News

VMware Workstation makes host OS vulnerable to com1 port manipulation

By admin
Spread the love

A Google security researcher has published a vulnerability in VMware Workstation. Printing manipulated content from a guest operating system through the virtual com1 port can run malicious code on the host operating system.

VMware Workstation with Windows as host operating system installs and launches a virtual com1 printer port by default. This component, vprintproxy.exe, makes it possible to issue print commands on the guest operating system which are then copied to the printer spooler on the underlying host system. However, Kostya Kortchinsky of the Google Security Team has found a vulnerability in the handling of printer commands from the guest system. After raising the bugs with VMware and after releasing an update of VMware Workstation to version 11.1.1, Kortchinsky has published the leak, including exploit code.

The bugs can be exploited by sending specially modified content, such as a manipulated jpeg2000 file, to the com1 port from the guest system. This does not require administrator access. The errors in vprintproxy.exe can launch malicious code on the host system.

The security problem can be solved by updating VMware to the latest version. A system administrator can also choose to completely disable the virtual printer in the settings, so that vprintproxy.exe no longer runs in the background.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Brave sells web content as data for AI training

News

AMD: Intel’s proposal for 64bit-only x86 architecture is very interesting

News

Microsoft releases new font for Word, Outlook, PowerPoint and Excel