VMware Cloud Community
baber
Expert
Expert
‎01-18-2020 10:41 PM
Jump to solution

new security update for vMware tools

Dear all

Hi

As i saw this security about  vmware tools

VMware Knowledge Base

in that article mentioned if we cannot update had to change on C:\ProgramData\VMware\VMware CAF directory

I have 4 folders in that directory config,data,install, scripts

but actually could not understand what do I had to do to solve the problem without updating new vMware tools?

  1. Disable inheritance, remove all inherited permissions, grant “Full control” to local System account and Administrators group
  2. Correct the ACL from the Windows UI via Properties of the directory

How can do above steps?

Please mark helpful or correct if my answer resolved your issue.
1 Solution

Accepted Solutions
Alex_Romeo
Leadership
Leadership
‎01-19-2020 02:59 AM
Jump to solution

Hi,

What you would do is this:

You must remove all write access permissions for the standard user from the "C: \ ProgramData \ VMware \ VMwareCAF" directory

pastedImage_0.png

but if you don't have this folder... you don't have the problem.

What version of VMware do you have?

ARomeo

Blog: https://www.aleadmin.it/

View solution in original post

3 Replies
Alex_Romeo
Leadership
Leadership
‎01-19-2020 02:59 AM
Jump to solution

Hi,

What you would do is this:

You must remove all write access permissions for the standard user from the "C: \ ProgramData \ VMware \ VMwareCAF" directory

pastedImage_0.png

but if you don't have this folder... you don't have the problem.

What version of VMware do you have?

ARomeo

Blog: https://www.aleadmin.it/
baber
Expert
Expert
‎01-19-2020 07:08 AM
Jump to solution

so thanks.

I have all  folders .

is that means had to remove write permission for all users except Administrator ?

Please mark helpful or correct if my answer resolved your issue.
0 Kudos
Alex_Romeo
Leadership
Leadership
‎01-19-2020 07:22 AM
Jump to solution

Hi,

the KB says that you have to remove the flags in my example also in the administrators group.

To remediate this issue, it is recommended to upgrade VMware Tools to 11.0.0 or later.

However, if upgrading is not possible, exploitation of this issue can be prevented by correcting the ACLs on C:\ProgramData\VMware\VMware CAF directory in the Windows guests running VMware Tools 10.x.y versions. In order to correct ACLs for this directory, remove all write access permissions for Standard User from the directory.

To correct ACLs for this directory:

  1. Disable inheritance, remove all inherited permissions, grant “Full control” to local System account and Administrators group.

so the same thing you did for "Users" you also do for "Administrator".

ARomeo

Blog: https://www.aleadmin.it/