Security Response to XSec-06-05, "VMware 5.5.1 for Windows arbitrary partition table delete issue"
Solution
As the author states, this exploit requires that Microsoft Windows is running with Administrator privilege and Internet Explorer is set to run unsafe ActiveX controls.
There is no privilege escalation with this exploit because the browser calling the ActiveX control must be running as Administrator. The overall safety of a given ActiveX control must be considered not only in terms of the ActiveX control itself (VMware vielib.dll is no less safe than many other ActiveX controls installed on Windows systems), but also in terms of the privileges of the process calling it and the trustworthiness of the code controlling that calling process.
To avoid malicious scripts that exploit ActiveX controls, do not enable unsafe ActiveX objects in your browser settings. As a best practice, do not browse untrusted Web sites as an Administrator.
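The following PowerShell audit is an added example, not VMware code. It reports the two preconditions named above: whether the current session has Administrator privilege, and whether any Internet Explorer security zone allows ActiveX controls not marked as safe. It assumes the standard Internet Explorer zone registry layout and URL action 1201 ("Initialize and script ActiveX controls not marked as safe for scripting").

```powershell
# Added example (not from VMware): report the two preconditions this article names.
# URL action 1201 = "Initialize and script ActiveX controls not marked as safe for scripting".
$zoneNames = @{ 1 = 'Local intranet'; 2 = 'Trusted sites'; 3 = 'Internet'; 4 = 'Restricted sites' }
$meaning   = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Precondition 1: is this session running with Administrator privilege?
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$isAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

# Precondition 2: is unsafe ActiveX scripting enabled in any zone?
# Group Policy can set the same value, so the policy locations are read
# as well as the per-user preference location.
$roots = @(
    'HKLM:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
    'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
)

$findings = foreach ($root in $roots) {
    foreach ($zone in 1..4) {
        $key  = Join-Path $root $zone
        $item = Get-ItemProperty -Path $key -Name '1201' -ErrorAction SilentlyContinue
        if ($null -eq $item) { continue }   # value not set at this location
        $value   = [int]$item.'1201'
        $setting = if ($meaning.ContainsKey($value)) { $meaning[$value] } else { "Unknown ($value)" }
        [pscustomobject]@{
            Zone     = $zoneNames[$zone]
            Setting  = $setting
            Value    = $value
            Location = $key
        }
    }
}

"Running as Administrator: $isAdmin"
$findings | Format-Table Zone, Setting, Location -AutoSize

# Both conditions together are the situation the article advises against.
$enabled = @($findings | Where-Object { $_.Value -eq 0 })
if ($isAdmin -and $enabled.Count -gt 0) {
    Write-Warning "Unsafe ActiveX is enabled in $($enabled.Count) zone setting(s) while running as Administrator."
}
```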
- KB Article: 5965318
- Updated: Aug 14, 2009
- Products:
  - VMware ACE
  - VMware GSX Server
  - VMware P2V Assistant
  - VMware Player
  - VMware Server
  - VMware VirtualCenter
  - VMware Workstation
- Product Versions:
  - VMware ACE 1.0.x
  - VMware GSX Server 1.x (Windows)
  - VMware GSX Server 2.x (Windows)
  - VMware GSX Server 3.x (Windows)
  - VMware P2V Assistant 1.0.x
  - VMware P2V Assistant 2.0.x
  - VMware P2V Assistant 2.1.x
  - VMware Player 1.x (Windows)
  - VMware Server 1.0.x (Windows)
  - VMware VirtualCenter 1.0.x
  - VMware VirtualCenter 1.1.x
  - VMware VirtualCenter 1.2.x
  - VMware VirtualCenter 1.3.x
  - VMware VirtualCenter 1.4.x
  - VMware VirtualCenter 2.0.x
  - VMware Workstation 3.x (Linux)
  - VMware Workstation 3.x (Windows)
  - VMware Workstation 4.x (Linux)
  - VMware Workstation 4.x (Windows)
  - VMware Workstation 5.x (Linux)
  - VMware Workstation 5.x (Windows)
  - VMware Workstation 6.x (Linux)
  - VMware Workstation 6.x (Windows)

