Author Archives: Iain Mulholland

About Iain Mulholland

Senior Director, Product Security @ Vmware

VMware Security Advisory VMSA-2008-0005

Last Monday, we released an advisory on the security fixes that went into the latest releases of Workstation, ACE, Server, Player and Fusion. We want to make sure that you have seen the advisory and we advise to review your VMware deployments and update where appropriate.
The fixed security issues range from denial of service to overwriting of sensitive  files on the host. One of the fixed issues is the path traversal issue that was made public late February by Core Security Technologies. The OpenSSL and libpng libraries have been updated and a default setting affected the way  debuggers authenticate to the guest has been changed to a more secure  value.
As always, comments and questions on security issues in VMware’s  products are very welcome at security@vmware.com.