Skip to main content

Microrsoft patches Virtualization, Vista

"While it is not the most severe vulnerability covered by Microsoft this month, IBM ISS considers MS07-049, the virtual machine vulnerability in Microsoft Virtual PC and Microsoft Virtual Server, to be the most interesting," said X-Force Researcher Tom Cross in a statement. "Enterprises are increasingly embracing virtualization to simplify IT management and cut infrastructure costs. As this trend continues, we're going to see attackers use vulnerabilities like MS07-049 to leverage control over one virtual host to infect others on the same server. This is a new kind of attack methodology that requires unique protection."

To exploit this virtualization vulnerability, a guest operating system does need administrative permissions to the guest operating system, Microsoft noted.

Still, it's notable, given that this flaw allows a guest to cross a chasm that's supposed to be uncrossable, breaking out of one machine and into another because they're running on the same piece of hardware, Schultze noted.

And of course the speculation of Microsoft's eye for the "New and shiny"* Citrix continues. Read the rest at Eweek!

Comments

Popular posts from this blog

Get Vyatta Virtual Appliance, now VMware certified!

We all know Vyatta, don't we?

Vyatta, the leader in Linux-based networking, today announced that its open-source networking software has received VMware Virtual Appliance Certification, thereby providing customers with a solution that has been optimized for a production-ready VMware environment. The company also announced it has joined the VMware Technology Alliance Partner (TAP) Program. As a member of TAP, Vyatta will offer its solutions via the TAP program website. With the Vyatta virtual appliance for VMware environments, organizations can now include Vyatta’s router, firewall and VPN functions as part of their virtualized infrastructure.

Vyatta combines enterprise-class routing and security capabilities into an integrated, reliable and commercially supported software solution, delivering twice the performance of proprietary network solutions at half the price. Running Vyatta software as virtual appliances gives customers many more options for scaling their data centers and cons…

3PAR adds native LDAP support to simplify administration

3PAR®, the leading global provider of utility storage, announced today native support for lightweight directory access protocol (LDAP). Support for LDAP enables centralized user authentication and authorization using a standard protocol for managing access to IT resources. With 3PAR’s support for LDAP, customers are able to now integrate 3PAR Utility Storage--a simple, cost-efficient, and massively scalable storage platform—with standard, open enterprise directory services. The result is simplified security administration with centralized access control and identity management.

“3PAR Utility Storage already provides us with a reliable, shared, and easy-to-use consolidated storage platform,” said Burzin Engineer, Vice President of Infrastructure Services at Shopzilla. "Now, with 3PAR support for LDAP, managing security commonly--across all our resources, including storage--is also simple and efficient.”

Press Release

DeepLearningTrucker Part 1