![]() I think it is used internally by Horizon’s remote USB services and is only exploitable after they have been started once by entering administrative credentials. I found it after learning about the “Open VMware View Client Services” SUID binary on my Mac. The good news is, that it has already been fixed in the latest available version. This section describes how to set up shortcut mappings for Horizon Client on a Mac.In this blog post I want to discuss a code injection vulnerability in VMware Horizon‘s macOS Client Version 4.4.0 (5164329) that can be abused to gain local root privileges. With the defaults system, you can read, write, and delete Mac user defaults by using Terminal ( /Applications/Utilities/Terminal.app). You can configure Real-Time Audio-Video settings at the command line by using the Mac defaults system. Configuring Real-Time Audio-Video on a Mac Client.Horizon Client reports the MAC address of the user's local hardware instead of the MAC address of the VPN by using a hard-coded deny list of MAC addresses. To control sleep mode behavior during remote sessions, you can set keys in the /Library/Preferences/ file on the Mac client. You can configure whether to share this client data with Connection Server. If an administrator has opted to participate in the VMware Customer Experience Improvement Program (CEIP), VMware collects and receives anonymous data from client systems through Connection Server. ![]() Configure VMware Horizon 8 Client Data Sharing With CEIP.You can optimize cursor event handling by configuring settings in the ~/Library/Preferences/VMware Horizon View/config file on the Mac client system. You can configure VMware Blast options for remote desktop and published application sessions that use the VMware Blast display protocol. An administrator can configure the maximum number of log files, and the maximum number of days to keep log files, by setting keys in the /Library/Preferences/ file on the Mac client. Horizon Client generates log files in the ~/Library/Logs/VMware Horizon Client directory on the Mac client. You can select the security protocols and cryptographic algorithms that VMware Horizon 8 uses to encrypt communications between Horizon Client and servers, and between Horizon Client and Horizon Agent. ![]() If you do not configure this setting, you must manually select a certificate. You can configure a Horizon Client setting to select a local certificate, or the certificate on a smart card, when you connect to a server. Configure Horizon Client to Select a Smart Card Certificate.Certificate checking occurs for TLS connections between a server and Horizon Client. For example, you can configure that full verification is always performed. You can configure the certificate checking mode for end users. Configuring the Certificate Checking Mode for End Users.A certificate is a digital form of identification, similar to a passport or a driver's license. Server certificate checking occurs for connections between Horizon Client and a server. Setting the Certificate Checking Mode in Horizon Client.These services provide the client's geolocation information to Microsoft Teams running in a remote desktop for location-based routing during emergency calls. To allow E911 services for the Media Optimization for Microsoft Teams feature, you must manually enable macOS location services for Horizon Client. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |