[Aug 16, 2018]
VMware has released Security patches that affected multiple products includes vSphere, Workstation, Fusion, and Virtual Appliances.
Successful exploitation of these vulnerability leads to sensitive information disclosure.
Security patches which has released as below:
With the security update, VMware address L1 Terminal Fault OS vulnerability in VMware Virtual Appliances, successful exploitation of the vulnerability leads to unauthorized disclosure of information that resides in L1 data cache to an attacker with local user access.
VMware vSphere, Workstation, and Fusion updates enable Hypervisor-Specific Mitigations for L1 Terminal Fault. Successful exploitation of the vulnerability allows a VM running in the same CPU core to effectively read another VM’s privileged information that resides in the L1 data cache.
The update is to address out-of-bounds write issue with VMware Workstation and Fusion in e1000 device allow a guest user to execute code.
Cyber Security Tips:
- Users are urged to install above mentioned Security patches as per the VMware Security Advisory.