The Pwn2Own competition organized by Trend Micro’s ZDI has just wrapped up at Vancouver. VMware Workstation was a target at this competition.
In total, two teams managed to show that they could execute code on the VMware Workstation host from the guest. We are currently investigating these issues after having received the details from the teams directly. The issues were demonstrated on Workstation and we are investigating impact of them on ESXi and Fusion.
We would like to thank ZDI, Team 360 Security from Qihoo, and Team Sniper from Tencent Security for working with us to address the issues.