VULHUB ™

Microsoft has reported an issue in Virtual PC for Mac that may permit a local attacker to gain elevated privileges on a system hosting the software. This is due to insecure handling of temporary files by the setuid root VirtualPC_Services binary, potentially permitting a malicious local user to create a malicious symbolic link in place of the temporary file, which would result in corruption of files or a malicious local user gaining root privileges on the system.

Microsoft has reported an issue in Virtual PC for Mac that may permit a local attacker to gain elevated privileges on a system hosting the software. This is due to insecure handling of temporary files by the setuid root VirtualPC_Services binary, potentially permitting a malicious local user to create a malicious symbolic link in place of the temporary file, which would result in corruption of files or a malicious local user gaining root privileges on the system.