VMWare Posts Security Hole Fix for ESX

VMware is has posted a security update for its ESX platform.

The company said that the update will address a flaw within the 32-bit compatibility component of the ESX Service Console.

VMware said that if exploited, the flaw could potentially allow a local user to obtain elevated privileges on the targeted system.

Currently, the issue is only believed to affect the ESX 4 line of products. The company has released an update for ESX 4.1 and said that a patch for ESX version 4.0 was in the works.

Other products, including ESXi and VMware's hosted offerings such as Workstation, Player and Fusion are not affected by the security issue.

VMware is advising administrators to download and install the ESX410-201011001 update to address the security flaw. Additionally, the update addresses a stability issue which was causing network connection and stability problems with certain Broadcom drivers.

The update from VMware comes two weeks prior to the next scheduled security update from Microsoft. Last week, researchers broke word of a zero-day flaw in Windows 7 and Windows Vista which could potentially allow an attacker to bypass the system's User Account Control protections.

print this article

Return to security news headlines
View Security News Archive

Share with: