Wednesday, September 3, 2008
VMWare has noted that a number of network security issues affecting its products have now been identified.
According to FrSIRT, one issue is caused by certain unspecified errors in ActiveX controls - and these can be exploited by hackers.
It adds that other issued relate to OpenProcess and the Internet Server Application Programming Interface, as well as a VMWare consolidated backup command line utilities.
VMWare has noted that it has activated the killbit on its ActiveX controls, meaning that they cannot run on Internet Explorer, thus limiting the security threats posed by the problem.
There has been a network security fix for the firm's local privilege escalation on host operating systems, the company adds, noting that exploitation of this loophole allows for arbitrary code to be run on the host system.
In related news, the chief executive officer of VMWare recently apologised for problems cause by a recent issue with virtual servers run by the firm, Computer World reports.
Related News:
Identity theft 'main purpose of phishing' - 8.27.2008
Identity theft and fraud are among the main driving forces behind phishing attacks, it has been suggested.
Consumers urged to protect online identity - 8.20.2008
Three crucial points for protecting oneself from online identity theft have been identified by Identity Theft Daily website.
San Fran case highlights network security risks - 8.11.2008
The risks of entrusting network security to a single person have been highlighted by a recent case which took place in San Francisco, reports the Washington Post.
DNS flaw also affects email - 8.7.2008
A network security vulnerability recently identified in the domain name system (DNS) which could allow hackers to hijack websites also affects email servers, the researcher who discovered the problem has said.
Analysts critical of Google security - 8.7.2008
Google is more interested in tracking traffic than it is in web and email security, analysts have suggested.
