December 6, 2016

VMWare ESX Source Code Stolen – Starts to Leak onto Internet

(LiveHacking.Com) – VMware has confirmed that the source code for its ESX hypervisor has been stolen and portions of it are starting to appear on the Internet. Iain Mulholland, the Director of the VMware Security Response Center, wrote that they are “aware of the public posting of a single file from the VMware ESX source code and the possibility that more files may be posted in the future. The posted code and associated commentary dates to the 2003 to 2004 timeframe.”

The hacker, named Hardcore Charlie, is claiming that the code was stolen from the military contractor China National Import & Export Corp (CEIEC), however they are reporting that such claims are “totally groundless, highly subjective and defamatory.”

“The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers,” added Iain Mulholland. In the same blog post VMware acknowldged that it shares its source code and interfaces with others companies. Which seems to lend credence to Hardcore Charlie’s claims about the CEIEC breach.

The header file (vmkemit.h) posted by the hacker carries a 1998 copyright date stamp and lists a set of code emission macros for base x86 architecture used by vmkernel.

Hardcore Charlie published the code in a rather incoherent posting to pastebin that also talks about alleged collusion between CITEC and Western military and terrorist organisations: “we want to make it clear that CEIEC is engaged in a criminal activity with Ukraine and Russian officials as of supplying Ukraine and Russia with US army information for the terrorists.” 

The hacker has also threatened to release the source code for EMC.

Microsoft’s Patch Tuesday Updates Break VMware on Windows 7

It turns out that last week’s patch Tuesday update from Microsoft broke some bits of VMware on Windows 7, fortunatley VMware have responded quickly with an update to their software.

If you have installed updates 2482017 or 2467023 (which you most likely have if you have automatic updates enabled on your Windows 7 machine) and expericnce the problem below you will need to upgraded your VMware View Client:

  • Unable to connect from the View Client on Windows 7 to the View Connection Server
  • Connecting the View Client on Windows 7 to the View Connection Server fails

According to the VMware knowledge base if you have already installed these patches, you can install VMware View Client (build 353760) to resolved the problem.

If you have not installed these patches, delay the installation of the Microsoft patches until you have installed VMware View Client (build 353760).

The View Client patch can be downloaded from here.