VMware Horizon Vulnerability Found
VMware this week disclosed that it found an out-of-bounds read vulnerability, rated as severe, in its Horizon 6, Horizon 7, and Horizon Client for Windows software. The Horizon platform is VMware's commercial desktop virtualization offering.
VMware said that, should the issue be exploited, a less-privileged user could leak information from a privileged process running on a system where Horizon Connection server, Horizon Agent, or Horizon Client was installed. The flaw, discovered by Trend Micro, did not apply to Horizon 6 or 7 Agents installed on Linux, or on Horizon Clients running on non-Windows systems.
Patches for the vulnerability were released.