Microsoft Virtual PC For Mac Temporary File Privilege Escalation Vulnerability

Microsoft Virtual PC For Mac Temporary File Privilege Escalation Vulnerability

Microsoft has reported an issue in Virtual PC for Mac that may permit a local attacker to gain elevated privileges on a system hosting the software.

This is due to insecure handling of temporary files by the setuid root VirtualPC_Services binary, potentially permitting a malicious local user to create a malicious symbolic link in place of the temporary file, which would result in corruption of files or a malicious local user gaining root privileges on the system.