VMware Patches Workstation Flaw Disclosed at Hacking Contest

0
58
VMware Patches Workstation Flaw Disclosed at Hacking Contest
VMware Patches Workstation Flaw Disclosed at Hacking Contest

VMware Patches Workstation Flaw Disclosed at Hacking Contest

VMware Fixes Vulnerability That Earned Researcher $100,000 at Hacking Contest

VMware has patched a vital Workstation and Fusion vulnerability disclosed just lately by way of a researcher at a hacking pageant in China.

The safety hollow, tracked as CVE-2018-6983, was once demonstrated ultimate week by way of Tianwen Tang of Qihoo 360’s Vulcan Team at the Tianfu Cup PWN pageant. The white hat hacker earned $100,000 for his paintings.

It’s value noting that contributors won over $1 million for 30 vulnerabilities disclosed at the Tianfu Cup match, together with $120,000 for 2 Oracle VirtualField exploit chains.

The flaw affecting VMware Workstation and Fusion has been described as an integer overflow malicious program affecting digital community units. Exploiting this weak spot can permit a visitor to execute arbitrary code at the host.

The vulnerability impacts Workstation 14.x and 15.x on any platform, and Fusion 10.x and 11.x on macOS. Patches were launched for each and every of the impacted variations on November 22, lower than every week after disclosure.

VMware knowledgeable shoppers ahead of the beginning of the hacking pageant that it had despatched representatives to the development to check any vulnerabilities that can be demonstrated.

This isn’t the primary vulnerability patched by way of VMware this month after it was once disclosed at a hacking pageant in China. On November nine, the corporate notified shoppers of fixes for a vital digital system (VM) get away vulnerability offered by way of a researcher in past due October at the GeekPwn2018 pageant.

Related: Patches Released for Flaws Affecting Dell EMC, VMware Products

Related:VMware Patches Code Execution Flaw in Virtual Graphics Card

Related:VMware Patches Code Execution Flaw in AirWatch Agent

Related:VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest

gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== - VMware Patches Workstation Flaw Disclosed at Hacking Contest
gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== - VMware Patches Workstation Flaw Disclosed at Hacking Contest
aws adds new feature for preventing data leaks - VMware Patches Workstation Flaw Disclosed at Hacking Contest

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He labored as a highschool IT trainer for 2 years ahead of beginning a profession in journalism as Softpedia’s safety information reporter. Eduard holds a bachelor’s stage in commercial informatics and a grasp’s stage in pc ways implemented in electric engineering.

Previous Columns by way of Eduard Kovacs:
gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== - VMware Patches Workstation Flaw Disclosed at Hacking ContestTags:

LEAVE A REPLY

Please enter your comment!
Please enter your name here