Security 10817 Published by

Computerworld reports that some 64-bit operating systems and virtualization software programs are vulnerable to local privilege escalation attacks when running on Intel processors (CPUs), the U.S. Computer Emergency Readiness Team (US-CERT) said in a security advisory on Wednesday.



Some of the operating systems confirmed as vulnerable so far include x64-based versions of Windows 7 and Windows Server 2008 R2, the 64-bit versions of FreeBSD and NetBSD, the Xen virtualization software, as well as Red Hat Enterprise Linux and SUSE Linux Enterprise Server, which include the Xen hypervisor by default.

The VMWare security response team confirmed that VMware's hypervisor does not make use of the SYSRET instruction and is, therefore, not vulnerable to this attack, US-CERT said.
  64-bit OSs, virtualization software on Intel chips vulnerable to hacks