Casa > cibernético Notícias > VMWare Critical Virtual Machine Escape Flaws Patched (CVE-2017-4902)
CYBER NEWS

VMWare Críticos Falhas Virtual Machine escape remendado (CVE-2017-4902)

VMware has released a security advisory regarding several critical vulnerabilities that were demonstrated during the recent Pwn2Own hacking content. As falhas podem ser exploradas para escapar do isolamento das máquinas virtuais, pesquisadores explicam. As equipes foram premiadas $105,000 para as façanhas de sucesso.

relacionado: CVE-2017-0022 Implantado em AdGholas Malvertising e Neutrino EK

More about CVE-2017-4902, CVE-2017-4903, CVE-2017-4904, and CVE-2017-4905

The patches endereço four vulnerabilities that affect VMWare ESXi, VMware Workstation Pro and Player and VMWare Fusion. The vulnerabilities in question are CVE-2017-4902, CVE-2017-4903, CVE-2017-4904, and CVE-2017-4905.

CVE-2017-4902 and CVE-2017-4903 were successfully exploited during the Pwn2Own hacking contest by researchers from Qihoo 360, Chinese security company. The team demonstrated the attack which was initiated with a compromise of Microsoft Edge. The attack chain continued with the exploit of Windows kernel, and then with the vulnerabilities to escape from a virtual machine and execute code on the host operating system.

More about the Pwn2Own Hacking Contest

The event is an annual hacking contest organized by Trend Micro’s Zero Day Initiative (ZDI). The program takes place during the CanSecWest conference in Vancouver, Canadá. The idea is that researchers are awarded for demonstrating attacks involving previously unknown zero-days against operating systems, navegadores, and enterprise software. This year the organizers decided to add another category – exploits in hypervisors such as VMWare Workstation and Microsoft Hyper-V.

Researchers from the Keen Lab and PC Manager divisions of Internet services provider Tencent were the ones who successfully exploited the other two VMWare flawsCVE-2017-4904 and CVE-2017-4905.

CVE-2017-4905 is a moderate memory information lead flaw. Contudo, a successful attack could enable attackers to perform further, more dangerous malicious attempts.

relacionado: DoubleAgent Zero-Day transforma os principais programas antivírus em agentes maliciosos

Affected users should update VMWare Workstation to version 12.5.5. on all platforms and VMWare Fusion to version 8.5.6 on macOS/ OS X. Individuals patches can be found for ESXi 6.5, 6.0 U3, 6.0 U2, 6.0 U1 and 5.5.

The Importance of Virtual Machines and Hypervisors

Virtual machines are often deployed to build throw-away environments that are not endangering to the main operating system. Malware researchers can run virtual machines to execute malicious code and visit malicious URLs with the purpose of observation.

As for hypervisors – their main purpose is to create and sustain a barrier between the guest OS running inside the virtual machine, and the host OS running the hypervisor. This makes VMWare escape exploits very important and well-paid in the white hacking community.

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *