No one seems to know who, where or how. But this security update from VMware sure makes it sound like what we've all feared is true: Hypervisors can be compromised from the code they run in their bellies. Joanna Rutkowska gave a talk back in 2006 at Black Hat about her Red Pill and Blue Pill. I'm not covering super duper cutting edge security much, outside of the development side, these days. But this patch from VMware did catch my eye, because I hadn't yet heard of any host compromising exploits for hypervisors in the wild. I could easily not be "with it," but right now, it looks like the cool kids in the know are out there. Beware! As if it's a surprise that these virtualization exploits were still being researched by the bad guys. I think the frightening thing here is that, somewhere, someone had code, and now VMware is aware of it. That's scary. I'd rather know that VM Ware figured it out themselves. Or that Rutkowska, or her cohorts, had contributed some new information. Either way, watch your VM's. They may be watching you!