VMware has released critical security patches for vulnerabilities demonstrated during the recent Pwn2Own hacking contest that could be exploited to escape from the isolation of virtual machines.The patches fix four vulnerabilities that affect VMware ESXi, VMware Workstation Pro and Player, and VMware Fusion.[ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld’s Security Report newsletter. ]
Two of the vulnerabilities, tracked as CVE-2017-4902 and CVE-2017-4903 in the Common Vulnerabilities and Exposures database, were exploited by a team from Chinese internet security firm Qihoo 360 as part of an attack demonstrated two weeks ago at Pwn2Own.To read this article in full or to leave a comment, please click here

Leave a Reply