Vmware Delta Disk Issue Fixed

VMWare released an advisory yesterday for my delta disk issue.(Link) Thanks to VMWare for their hard work and cooperation in fixing the issue. Monty Ijzerman and his team were a pleasure to work with. The issue has a very low possibility of being exploited because the attacker would need rights to edit existing VM files or add a new VM. But, one viable attack vector would be through the distribution of a corrupt virtual appliance. An attacker could create a VM containing a corrupt delta disk and convince an administrator to load the VM for them. When the corrupt VM is powered on then it will cause the ESX host that it resides on to crash. VMware says that my other issues are expected to be patched in Q1 2009.