VMware releases updates - don't forget to patch
An ISC reader notified us that VMware released updates for its ACE, Server, Player and Workstation products.
According to VMware, the following 3 security issues are patched by the updates for VMware ACE, Player and Workstation:
- Setting ActiveX killbit. "VMware has set the killbit on its ActiveX controls. Setting the killbit ensures that ActiveX controls cannot run in Internet Explorer (IE), and avoids security issues involving ActiveX controls in IE."
- Update to FreeType. "FreeType 2.3.6 resolves an integer overflow vulnerability and other vulnerabilities that can allow malicious users to run arbitrary code or might cause a denial-of-service after reading a maliciously crafted file."
- Update to Cairo. "Cairo 1.4.12 resolves an integer overflow vulnerability that can allow malicious users to run arbitrary code or might cause a denial-of-service after reading a maliciously crafted PNG file."
The following 4 security issues are patched by the updates for VMware Server:
- Security Fix for VMware ISAPI Extension. "One of the ISAPI extensions provided by VMware is vulnerable to a remote denial of service."
- Security Fix for Local Privilege Escalation on Host System. "Exploitation of this vulnerability allows users to run arbitrary code on the host system with elevated privileges."
- Update to Freetype. "FreeType 2.3.6 resolves an integer overflow vulnerability and other vulnerabilities that can allow malicious users to run arbitrary code or might cause a denial-of-service after reading a maliciously crafted file."
- Setting ActiveX killbit. "VMware has set the killbit on its ActiveX controls. Setting the killbit ensures that ActiveX controls cannot run in Internet Explorer (IE), and avoids security issues involving ActiveX controls in IE."
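To confirm after patching that the killbit actually landed, the following added example (not VMware's or ISC's code) parses `reg export` output of IE's standard `ActiveX Compatibility` key and reports the state of each expected control. The CLSIDs and the sample export are constructed placeholders, since VMware's control CLSIDs are not listed here.

```python
import re

KILLBIT = 0x400  # bit in "Compatibility Flags" that stops IE loading the control
KEY_RE = re.compile(r"\[.*\\ActiveX Compatibility\\(\{[0-9A-F-]{36}\})\]$", re.I)
VAL_RE = re.compile(r'"Compatibility Flags"=dword:([0-9a-f]{8})$', re.I)

# Constructed sample in `reg export` text form. The CLSIDs are placeholders,
# not VMware's. A real export is UTF-16 on disk: open(path, encoding="utf-16").
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-00000000000A}]
"Compatibility Flags"=dword:00000c00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-00000000000B}]
"Compatibility Flags"=dword:00800020

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-00000000000C}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-00000000000C}]
"Compatibility Flags"=dword:00000000
"""

def parse_compat_flags(export_text):
    """Return {CLSID: [flags per registry view]} for ActiveX Compatibility keys."""
    flags, clsid = {}, None
    for line in map(str.strip, export_text.splitlines()):
        if line.startswith("["):
            key = KEY_RE.match(line)
            clsid = key.group(1).upper() if key else None
        elif clsid and (val := VAL_RE.match(line)):
            flags.setdefault(clsid, []).append(int(val.group(1), 16))
    return flags

def killbit_report(export_text, expected_clsids):
    """Classify each CLSID: 'set' only if every view found carries the killbit."""
    flags = parse_compat_flags(export_text)
    report = {}
    for clsid in expected_clsids:
        views = flags.get(clsid.upper())
        state = "set" if views and all(v & KILLBIT for v in views) else "not set"
        report[clsid] = state if views else "missing"
    return report

if __name__ == "__main__":
    wanted = ["{00000000-0000-0000-0000-00000000000%s}" % c for c in "ABCD"]
    for clsid, state in killbit_report(SAMPLE_EXPORT, wanted).items():
        print(clsid, state)
```

The third placeholder shows the case worth checking on 64-bit hosts: the native view has the killbit but the `Wow6432Node` view read by 32-bit IE does not, so the control is reported as "not set".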
Patching VMware is never a pleasant experience, and usually involves a heavy download and a lengthy installation, not to mention the testing to ensure your environment is not adversely affected by the patch. What's a better way to spend your weekend?
Update: (2008-08-30-15:50 UTC) The VMware bulletin can be found at http://lists.vmware.com/pipermail/security-announce/2008/000033.html
-- Lenny
Lenny Zeltser leads a regional security consulting team at Savvis and teaches a course on reverse-engineering malware at SANS.