Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.0861 VMware Workstation update addresses elevation of privilege issues 19 March 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: VMware Workstation Publisher: VMWare Operating System: Linux variants Windows Impact/Access: Increased Privileges -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2019-5512 CVE-2019-5511 Original Bulletin: https://www.vmware.com/security/advisories/VMSA-2019-0002.html - --------------------------BEGIN INCLUDED TEXT-------------------- VMSA-2019-0002 VMware Workstation update addresses elevation of privilege issues VMware Security Advisory Advisory ID: VMSA-2019-0002 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Workstation update addresses elevation of privilege issues. VMware Security Advisory Issue date: 2019-03-14 VMware Security Advisory Updated on: 2018-03-14 (Initial Advisory) VMware Security Advisory CVE numbers: CVE-2019-5511, CVE-2019-5512 1. Summary VMware Workstation update addresses elevation of privilege issues. 2. Relevant Products o VMware Workstation Pro / Player (Workstation) 3. Problem Description a. The creation of the VMX process on a Windows host can be hijacked leading to elevation of privilege. Workstation does not handle paths appropriately. Successful exploitation of this issue may allow the path to the VMX executable, on a Windows host, to be hijacked by a non-administrator leading to elevation of privilege. VMware would like to thank James Forshaw of Google Project Zero for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2019-5511 to this issue. VMware Product Workstation Product Version 15.x Running on Windows Severity Important Replace with/ Apply Patch 15.0.3 Mitigation/ Workaround None VMware Product Workstation Product Version 15.x Running on Linux Severity N/A Replace with/ Apply Patch Not Affected Mitigation/ Workaround N/A VMware Product Workstation Product Version 14.x Running on Windows Severity Important Replace with/ Apply Patch 14.1.6 Mitigation/ Workaround None VMware Product Workstation Product Version 14.x Running on Linux Severity N/A Replace with/ Apply Patch Not Affected Mitigation/ Workaround N/A b. VMware Workstation COM classes used by the VMX process on a Windows host can be hijacked leading to elevation of privilege. COM classes are not handled appropriately. Successful exploitation of this issue may allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of privilege. VMware would like to thank James Forshaw of Google Project Zero for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2019-5512 to this issue. VMware Product Workstation Product Version 15.x Running on Windows Severity Important Replace with/ Apply Patch 15.0.3 Mitigation/ Workaround None VMware Product Workstation Product Version 15.x Running on Linux Severity N/A Replace with/ Apply Patch Not Affected Mitigation/ Workaround N/A VMware Product Workstation Product Version 14.x Running on Windows Severity Important Replace with/ Apply Patch 14.1.6 Mitigation/ Workaround None VMware Product Workstation Product Version 14.x Running on Linux Severity N/A Replace with/ Apply Patch Not Affected Mitigation/ Workaround N/A 4. Solution Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. VMware Workstation Pro 14.1.6, 15.0.3 Downloads and Documentation: https://www.vmware.com/go/downloadworkstation https://docs.vmware.com/en/VMware-Workstation-Pro/index.html VMware Workstation Player 14.1.6, 15.0.3 Downloads and Documentation: https://www.vmware.com/go/downloadplayer https://docs.vmware.com/en/VMware-Workstation-Player/index.html 5. References https://cve.mitre.org/cgi-bin/cvename.cgi-name=CVE-2018-5511 https://cve.mitre.org/cgi-bin/cvename.cgi-name=CVE-2019-5512 6. Change log 2019-03-14: VMSA-2019-0002 Initial security advisory in conjunction with the release of VMware Workstation 14.1.6 and 15.0.3 on 2019-03-14. 7. Contact E-mail list for product security notifications and announcements: https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXJAwv2aOgq3Tt24GAQgbJxAAn2ZmsJDS6xYBbrSCzZyGr8uIWOklXq6a aBmmlZ2lH0weVU8Q11JI7KPu67KsJwNgUZFMnPtCtjnIBnqO/vzHViOK//Mw7U2z yYfkisvsWy5AQ6oQdK4MF3ZqNdfNpISd9kY+EQr+86Qksa5677xtu7QHromNYn0L CxLWYdYBIfLQiFZhBkETJx3DM0qeQQmNCrj+CWD2hoUjdSux3qRoI9t105Kc9N+L ki2MJ++48KWMVWiNuUzXtxoEs67ihfOsPsoIyvUkZ7Je7cogniREmTI05tgIU/Dz 06yJym8iHyy3tIlmtxX5FdV7YHLP4fsPcV9sOl53M2dNRmETxJOOLfxNhuCnhvTw CKAfPvR2Vaz7wNd+nCrdhgFH+U8/e2yg0M/NAUlal7FyWWncMCoKIGPx6QQK0fNn 6f2TH+SAmDfKgpwEhWEot6adNMwT+PPi8wZphKsMaj+X9PrnHO96+Pdfm9GzPPIq fg76FM7raU2V+BE7NXauKgsAGxhc7UwuEY+rogw2vxbkpOdEEV5jeHPaQIbps1uC PA1yIj3G0xFMb9Bmmlvszobc3cxIQLjENasSMVQxm00e+OI0dH+qtf2YZtMMWE2c sRnD1KGZ92fkTltBoVCH0FJyU6FGPfjIYqA29WOEYz+muGEkuY7iockyommXnBf7 JBvBR8UNEF0= =P9pt -----END PGP SIGNATURE-----