Home > Blogs > VMware Security & Compliance Blog > Tag Archives: Workstation

Tag Archives: Workstation

New VMware Security Advisory VMSA-2017-0009

Today VMware has released the following new security advisory:

VMSA-2017-0009 – VMware Workstation update addresses multiple security issues

This documents an important severity insecure library loading issue via ALSA sound driver configuration files (CVE-2017-4915) and a moderate severity NULL pointer dereference issue (CVE-2017-4916) affecting Workstation Pro/Player.

All VMware Workstation Pro/Player 12.x are affected.

Successful exploitation of the insecure library loading issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.

The NULL pointer dereference vulnerability exists in the vstor2 driver and may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine.

Workstation Pro/Player 12.5.6 fixes all these issues.

VMware would like to thank Jann Horn of Google Project Zero and Borja Merino for reporting these issues to us.

Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.

Customers should review the security advisories and direct any questions to VMware Support.

New VMware Security Advisory VMSA-2017-0008.2

Update 04/21/2017: Updated security advisory to clarify the Unified Access Gateway and Horizon View affected versions.

Update 04/19/2017: We have corrected the Horizon View Client for Windows version.

Today VMware has released the following new security advisory:

VMSA-2017-0008.2 – VMware Unified Access Gateway, Horizon View and Workstation updates resolve multiple security vulnerabilities

This documents several critical memory corruption vulnerabilities affecting VMware Unified Access Gateway (formerly called Access Point) (8.2.x, 2.7.x and 2.5.x), Horizon View (7.x, 6.x),  and Horizon View Client for Windows (4.x) and Workstation (12.5.x).

Issue (a) is a heap-based buffer overflow vulnerability (CVE-2017-4907) which affects VMware Unified Access Gateway and Horizon View. This issue may be exploited remotely to execute code on the security gateway. VMware Unified Access Gateway 2.9 is not affected. This issue has been addressed in VMware Unified Access Gateway 2.8.1, Horizon View 7.1.0 and 6.2.4.

Issues (b), (c) and (d) are heap-based buffer-overflow, out-of-bounds read/write and integer-overflow vulnerabilities (CVE-2017-4908, CVE-2017-4909, CVE-2017-4910, CVE-2017-4911, CVE-2017-4912, CVE-2017-4913) in JPEG2000 and TrueType Font (TTF) parsers in the TPView.dll. These issues exist due the use of vulnerable Cortado ThinPrint component and impact VMware Horizon View Client for Windows and Workstation. Exploitation is possible only if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View. These issues have been addressed in VMware Workstation 12.5.3 and  Horizon View Client for Windows 4.4.0.

We would like to thank Claudio Moletta (redr2e), and Ke Liu of Tencent’s Xuanwu Lab,  Gogil and Giwan Go of STEALIEN working with ZDI for reporting these issues to us.

Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.

Customers should review the security advisories and direct any questions to VMware Support.

New VMware Security Advisory VMSA-2017-0005

Today VMware has released the following new security advisory:

VMSA-2017-0005 – VMware Workstation and Fusion updates address out-of-bounds memory access vulnerability

The advisory documents a critical severity out-of-bounds memory access vulnerability (CVE-2017-4901). Exploitation of the issue may allow a guest to execute code on the operating system that runs Workstation or Fusion. ESXi is not affected.

Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.