A proof-of-concept (PoC) exploit has been released for a critical vulnerability chain in VMware Workstation that allows an attacker to escape from a guest virtual machine and execute arbitrary code on the host operating system.
For users who cannot immediately update, a potential workaround is to disable the virtual Bluetooth device. This can be done by unchecking the “Share Bluetooth devices with the virtual machine” option in the virtual machine’s USB Controller settings.
As far as I know, it’s a best practice to enable as few virtual hardware devices as possible. For example, most VMWare guests will not need USB or bluetooth or camera support.
As far as I know, it’s a best practice to enable as few virtual hardware devices as possible. For example, most VMWare guests will not need USB or bluetooth or camera support.