VMware patches critical flaws that could allow attackers to escape VMs

VMware patches critical flaws that could allow attackers to escape VMs


VMware has released fixes for several flaws that together could allow attackers to execute malicious code on the host system from inside a virtual machine, bypassing the critical isolation layer. Some of the flaws are in the virtualized USB controllers, so they impact most VMware hypervisors: VMware ESXi, VMware Workstation, VMware Fusion, and VMware Cloud Foundation.

Attacker groups have exploited vulnerabilities in VM products before, including to deploy ransomware. In January it…



Source link