Thursday, August 23, 2007

VMWare hole

Using VMWare to run potentially harmful software (like Windows 8-) ) in a sandbox? Whoops:

VMware's scripting API allows a malicious script on the host machine to execute programs, open URLs, and perform other privileged operations on any guest operating system open at the console, without requiring any credentials on the guest operating system. Furthermore, the script can execute programs even if you lock the desktop of the guest OS.

1 comment:

Anonymous said...

Oh, shit...

Hope they fix it quick. Life without VMWare wouldn't be worth living.