Patch for Recently Disclosed VMware Fusion Vulnerability Incomplete

From securityweek.com

VMware Fusion vulnerability - Image credits: Jeffball

The patch released recently by VMware for a privilege escalation vulnerability affecting Fusion for Mac have been found to be incomplete.

VMware informed customers on March 17 that Fusion, Remote Console (VMRC) and Horizon Client for Mac are affected by a high-severity privilege escalation vulnerability caused by the improper use of setuid binaries. The company released updates that should have patched the vulnerability, which is tracked as CVE-2020-3950.

Read more…