An unpatched weakness in Microsoft's Virtual PC could leave companies using the virtualization software vulnerable to attack, Core Security Technologies said on Tuesday.
An exploit writer at Core Security discovered the vulnerability in Virtual PC hypervisor and reported it to Microsoft in August 2009, Core Security said in an advisory.
Microsoft indicated that it plans to solve the problem in future updates to the vulnerable products: Microsoft Virtual PC 2007, Windows Virtual PC, and Virtual Server 2005, the advisory says. Microsoft Hyper-V technology is not affected by the problem, Core Security said.
Basically, the hole could allow an attacker … Read more