VMware VMs and USB Controller
The latest security patch for the VMware ESXi, VMware Workstation and VMware Fusion is for the USB Controller in the VM give access to the hypervisor (on ESXi it can only access the VMX Sandbox, not all of the ESXi host). https://www.vmware.com/security/advisories/VMSA-2024-0006.html
This is not the first time that the USB has a security bug, so I would recommend removing the USB Controller if not needed.
I was talking to one of my collages Christan Møller about why VMware automatic adds the USB controller to Windows virtual Machines. He actually did investigate this and there is a “good” reason for this.
When installing the Virtual Machine with Windows, and you do not have the USB Controller in the configuration, the mouse don’t work, the cursor jumps around and is unusable, if the USB Controller is present the mouse works fine.
This virtual machine uses the USB controller for handling the mouse until VMware Tools is loaded, after this it switches to the mouse driver for handling the mouse, therefor the USB controller is not need after Windows and VMware Tools is installed.
Thanks to Christian for giving me this information, I think that there are other that also was wondering about this.
Note: If you want to find VMs with the USB Controller are added, see the script that William Lam has posted here.