Critical VMware security alert for Windows-hosted VMware client versions (SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc)

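If you have set up a VMware shared folder with a Windows guest OS, it is reportedly possible to gain full access to the host's file system and to execute, modify, or create files in sensitive locations (perhaps places such as the VM's configuration settings?).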

"On Windows hosts, if you have configured a VMware host-to-guest shared folder, it is possible for a program running in the guest to gain access to the host's complete file system and create or modify executable files in sensitive locations."

By default, VMware shared folders are reportedly disabled.

However, Workstation 5, Player 1, and ACE 1 reportedly have them enabled by default, so be careful.

By default, the shared folders feature is disabled in Workstation 6, Player 2, and ACE 2. Workstation 5, Player 1, and ACE 1 enable the shared folders feature by default, but exploiting this vulnerability still requires at least one folder to be configured as shared between the host and guest.
The impact on production environments is supposed to be limited as they tend to use the server versions. However, we, as security professionals, make an extensive use of virtualization technologies for multiple purposes: malware analysis, incident response, forensics, security testing, training, etc, and we typically use the client versions of the products, so... It is time to disable the shared folder capabilities!!, as no update or patch is available yet:

screenshot
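To find which virtual machines on an analysis host still have a shared folder configured, the added example below (not part of the original post or of VMware's tooling) parses `.vmx` files and lists shares that are present and not explicitly disabled. The key names `sharedFolderN.present`, `sharedFolderN.enabled`, `sharedFolderN.hostPath`, `sharedFolderN.guestName`, `sharedFolderN.writeAccess` and `isolation.tools.hgfs.disable` are assumptions based on commonly seen `.vmx` files and should be checked against your product version; the sample configuration is constructed.

```python
import re
import sys
from pathlib import Path

# Assumed .vmx syntax: key = "value". Key names are assumptions; verify per product version.
_LINE = re.compile(r'^\s*([A-Za-z0-9_.:]+)\s*=\s*"(.*)"\s*$')
_SHARE = re.compile(r'^sharedfolder(\d+)\.(\w+)$')

# Constructed sample: share 0 is active and writable, share 1 is switched off.
SAMPLE_VMX = r'''# constructed sample, not from a real VM
displayName = "malware-lab"
sharedFolder.maxNum = "2"
sharedFolder0.present = "TRUE"
sharedFolder0.enabled = "TRUE"
sharedFolder0.writeAccess = "TRUE"
sharedFolder0.hostPath = "C:\lab\samples"
sharedFolder0.guestName = "samples"
sharedFolder1.present = "TRUE"
sharedFolder1.enabled = "FALSE"
sharedFolder1.hostPath = "C:\lab\tools"
'''

def active_shares(text):
    """Return shared folders that are present and not explicitly disabled."""
    cfg = {}
    for line in text.splitlines():
        m = _LINE.match(line)
        if m and not line.lstrip().startswith("#"):
            cfg[m.group(1).lower()] = m.group(2)
    # A global HGFS kill switch means no share is reachable from the guest.
    if cfg.get("isolation.tools.hgfs.disable", "").upper() == "TRUE":
        return []
    shares = {}
    for key, value in cfg.items():
        m = _SHARE.match(key)
        if m:
            shares.setdefault(int(m.group(1)), {})[m.group(2)] = value
    return [{"index": i, "host_path": s.get("hostpath", ""),
             "guest_name": s.get("guestname", ""),
             "writable": s.get("writeaccess", "").upper() == "TRUE"}
            for i, s in sorted(shares.items())
            if s.get("present", "").upper() == "TRUE"
            and s.get("enabled", "").upper() != "FALSE"]  # missing flag is treated as active

def audit(root):
    """Map each .vmx path under root to its active shared folders."""
    found = {str(p): active_shares(p.read_text(errors="replace"))
             for p in Path(root).rglob("*.vmx")}
    return {path: shares for path, shares in found.items() if shares}

if __name__ == "__main__":
    print(audit(sys.argv[1]) if len(sys.argv) > 1 else active_shares(SAMPLE_VMX))
```

Run it with the directory that holds your virtual machines as the only argument; any VM it reports still needs its shared folders disabled.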