Critical Flaw in VMware Software Allows Compromising Real Windows
VMware Inc.'s virtualization software for Windows has a critical bug that allows attackers to escape the "guest" operating system (OS) and add or modify files within the "host" OS.
On February 22, 2008, officials at VMware said that no patch is available to rectify the flaw, which affects VMware's Windows client virtualization applications such as Player, ACE and Workstation.
Core Security Technologies, the maker of CORE IMPACT, a penetration-testing program, first reported the bug. By exploiting the vulnerability, an attacker can exit from the guest OS and take control of the original host OS.
Ivan Arce, Chief Technology Officer at Core Security, said that the vulnerability calls for security and IT practitioners to be alert about virtualization, because it too has security loopholes. Similarly, it is important to remember that environments aren't necessarily safe just because they run behind virtual environments, as reported by SCMagazine on February 25, 2008.
The flaw is found in the shared folders feature of the Windows client-based virtualization applications. With shared folders, users can access files, such as documents and files generated by various applications, from both the underlying host OS and the virtual machine on that computer system.
VMware explained that if users configure a VMware host-to-guest shared folder on a Windows host OS, then any program operating in the guest can automatically reach the host's entire file system, and can modify or create executable files within sensitive areas. The later versions of VMware's Windows client virtualization programs deactivate shared folders automatically. Hence, it is by enabling the feature that users make their systems vulnerable.
Besides, the growing dependence on virtual systems, especially on business servers, brings its own security problems.
Raul Siles, an analyst at the Internet Storm Center, said that people should extensively use virtualization technologies for various purposes such as incident response, malware analysis, training and security testing, and that the client form of the software products is what is typically used. Siles also thinks that the shared folders feature should now be disabled, as reported by Computerworld on February 24, 2008.
» SPAMfighter News - 29-02-2008