VMWare getting a lot of bad press
All of my RSS feeds have been blowing up with the report from about a new VMWare vulnerability that allows an attacker to escape the Guest and infect the Host. Wow! That is pretty serious stuff you must be thinking. Hold on cowboy….if you read further you will see that the vector of attack is the Shared Folders feature of the desktop product.
I am surprised that this is getting as much coverage as it is, because to be honest I don’t see this as being news. The very nature of the Shared Folders is to provide a method of sharing files from the guest to the host. I think it is obvious that by enabling this feature, giving access from one to the other, that the host is vulnerable by the guest. Am I missing something here? This is why I have never enabled this feature on my VM’s. If I leave my basement door open I don’t need someone from ADT to tell me that is a vulnerability.
I know lots of people use Shared Folders, and they certainly serve a purpose but what do I suggest you do with this looming vulnerability? Well if you have a VM with sensitive information you should be securing it to avoid compromise at which point using Shared Folders should have no impact. Now, for those test vm’s that you don’t keep patched and are used to see if there is bad stuff on a website (among other things), don’t enable Shared Folders.
Since Server and ESX do not use Shared Folders this is not an issue on those platforms, and even if they did have the feature you should be looked at for serious mental issues if you would actually enable it on a production server. Use common sense people and that will be half the battle.
Filed under: Security, vmware | Leave a Comment
Tags: Security, shared folders, vmware, vulnerability