VMware Fusion 4.x < 4.1.2 (VMSA-2012-0007)
High Nessus Plugin ID 58792
SynopsisThe remote host has a virtualization application affected by a local privilege escalation vulnerability.
DescriptionThe version of VMware Fusion 4.x installed on the Mac OS X host is earlier than 4.1.2. As such, it is reportedly affected by a local privilege escalation vulnerability because the access control list of the VMware Tools folder is incorrectly set.
By exploiting this issue, a local attacker could elevate his privileges on Windows-based Guest Operating Systems.
SolutionUpgrade to VMware Fusion 4.1.2 or later.
In addition to patching, VMware Tools must be updated on all Windows guest VMs in order to completely mitigate the vulnerability.