a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows for arbitrary code execution in the context of the logged on user. This vulnerability is present only on Windows Guest Operating Systems.
In order for an attacker to exploit the vulnerability, the attacker would need to lure the user that is logged on a Windows Guest Operating System to click on the attacker's file on a network share. This file could be in any file format. The attacker will need to have the ability to host their malicious files on a network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS Security ( <http://www.acrossecurity.com>) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
- Install the remediated version of Workstation, Player, ACE, Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5 - Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine users will not be prompted to upgrade). Note the VI Client will not show the VMware tools is out of date in the summary tab.
Please see <http://tinyurl.com/27mpjo> page 80 for details.
The following table lists what action remediates the vulnerability (column 4) if a solution is available. See above for remediation details.