Virtual USB controller continues to give VMware security headaches – Security

Hardware virtualisation seller VMware has issued patches for two vulnerabilities rated as essential severity, with method directors encouraged to implement the updates immediately.

5 bugs, indexed with the Widespread Vulnerabilities and Exposures (CVE) program, are becoming patched by VMware.

Stability researchers in China’s Tianfu Cup Pwn contest learned two flaws in VMware’s implementation of the common serial bus element of the extensible host controller interface (XHCI).

Attackers with neighborhood administrative privileges can exploit use-soon after-no cost and double-fetch vulnerabilities to execute code, with the privileges of the virtual machine VMX procedure, operating on the host system.

The critical vulnerabilities, CVE-2021-22040 and CVE-2021-22041 the two have a Common Vulnerabilities Scoring System ranking of 8.4.

In 2020, researchers using aspect in the Tianfu Cup Pwn contest observed seven flaws, rated as significant, in the XHCI USB controller.

Vulnerabilities rated as important to deal with in VMware ESXi, Fusion, Workstation and Cloud Foundation

Read More

Dell U2722DE review: A combined monitor, KVM and USB hub is bliss

In the world of performing from dwelling, you are probable to have two devices that you function from: The corporate supplied formal device that you must be working with for operate and your household equipment that you use immediately after several hours, or alternatively, do as a lot work as doable on.

For the earlier 18 months, my work products have both lived in a bag until essential, or together with some previous workplace remnants on a desk with a now redundant watch, USB hub, keyboard, and mouse for those moments when I definitely required to use the function notebook. Switching in between equipment meant physically switching desks, a thing that I was blessed plenty of to be ready to could squeeze into a single area.

But this arrangement was promptly superseded when the Dell U2722DE appeared in my everyday living — and there is certainly no likely back.


Read More

Logitech brings USB device management to home office


Logitech has created it achievable for IT administrators to control employees’ property-place of work headsets, webcams and docking stations by way of a browser-based mostly app identified as Sync. The software program functions very best with Logitech units, getting only limited capabilities for third-celebration merchandise.

The cloud-based mostly gadget administration platform earlier monitored and alerted IT about place of work collaboration gadgets like meeting microphones. This 7 days, Logitech expanded that ability to devices used by people today functioning from residence.

Calvin Chang, solution promoting supervisor at Logitech, explained Sync would support organizations remedy queries like, “Are these gadgets performing? Are they up to date? Are these gadgets staying employed at all?”

IT admins can use it to verify if a gadget like the Logitech Rally Bar webcam, the Logitech Zone 900 headset, or the Logi Dock docking station is plugged in and functioning correctly. Admins can force updates

Read More