VMware have released updated versions of their virtualization software to fix a security vulnerability. VMware Tools for Windows is affected by An uncontrolled search path vulnerability (CVE-2022-22943). A malicious actor with local administrative privileges in the Windows guest OS, where VMware Tools is installed, may be able to execute code with system privileges in the Windows guest OS due to an uncontrolled search path element.
Affected versions:
-VMware Tools for Windows versions earlier than 12.0.0
More information with instructions for updating can be read from the correspondent VMware advisory.
No comments:
Post a Comment