Previous Posts

 Backup and Restore Outlook 2003 auto complete data...

Force Windows Activation Dialog to Show

Encrypt your files the free and easy way

Free New Zealand Daylight saving patch released fo...

Windows Vista SP1 beta to be released soon

Try out Windows 2008

Daylight Saving Time Patch - New Zealand Update

Can't Create File - Outlook Error, and a the Fix

Windows DST Patch for New Zealand

Increase Exchange 2003 Maximum Message Store Size



Archives

May 2005

January 2006

April 2006

May 2006

June 2006

July 2006

September 2006

October 2006

November 2006

December 2006

January 2007

February 2007

March 2007

April 2007

May 2007

June 2007

July 2007

August 2007

September 2007

October 2007

November 2007

December 2007

January 2008

February 2008

March 2008

April 2008

May 2008



Subscribe to our Feed:

Vulnerability in Virtual PC

I was looking at some of the latest security updates from Microsoft and I came across this one:

MS07-049: Vulnerability in Virtual PC and Virtual Server that could allow privilege elevation

Here is an excerpt of the KB article (Emphasis is mine):

This important security update resolves one privately reported vulnerability. This is an elevation of privilege vulnerability. The vulnerability in Microsoft Virtual PC and Microsoft Virtual Server could allow a guest operating system user to run code on the host or another guest operating systems. Only guest operating system users who are granted administrative permissions to the guest operating system would be able to exploit this vulnerability. Guest operating system users not granted administrative permissions to the guest operating system would be unable to exploit this vulnerability.

Yikes! This means that it is possible my main machine could get infected, or attacked while running suspect code inside a VM. Fortunately this flaw only affects Virtual PC 2005 and earlier (2005 R2, and 2007 are not affected).

Still this is a scary issue for me since I use VMWare all the time to test out software I don't trust. I am not aware of any similar problems with VMWare, but time will only tell if a creative programmer will find a flaw there too.


Posted By: Steve Wiseman on Wednesday, September 05, 2007

Check out our utilities for windows

 
Home|Downloads|Products|Blog
Copyright © IntelliAdmin, LLC, 2008. All Rights Reserved
Privacy Policy