Saturday, May 5, 2012

Vulnerabilities In VMware Products

VMware have released new versions of their virtualizing software fixing security vulnerabilities. Some of these vulnerabilities may allow a guest user to potentially execute arbitrary code in host system.

Affected software versions are:
- Workstation 8.0.2 and earlier
- Player 4.0.2 and earlier
- Fusion 4.1.2 and earlier
- ESXi 5.0 prior update ESXi500-201205401-SG
- ESXi 4.1 prior updates ESXi410-201205401-SG, ESXi410-201110201-SG and ESXi410-201201401-SG
- ESXi 4.0 prior updates ESXi400-201105201-UG and ESXi400-201205401-SG
- ESXi 3.5 prior update ESXe350-201205401-I-SG
- ESX 4.1 prior update ESX410-201205401-SG, ESX410-201110201-SG and ESX410-201201401-SG
- ESX 4.0 prior updates ESX400-201105201-UG and ESX400-201205401-SG
- ESX 3.5 prior update ESX350-201205401-SG

Instructions for updating to a non-vulnerable version can be read from the related security advisory.

No comments: