Today, VMware has released the following new and updated security advisories:
VMSA-2018-0022 – VMware Workstation and Fusion updates address an out-of-bounds write issue
VMSA-2018-0019.1 – Horizon 6, 7, Horizon Agent, and Horizon Client for Windows updates address an out-of-bounds read vulnerability
VMSA-2018-0022 documents the remediation of a critical severity out-of-bounds read vulnerability (CVE-2018-6973) in VMware Workstation and Fusion. Successfully exploiting this issue may allow allow a guest to execute code on the host. This issue has been addressed in VMware Workstation 14.1.3 and Fusion 10.1.3.
VMSA-2018-0019.1 was updated to clarify about affected products.
Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.
Customers should review the security advisories and direct any questions to VMware Support.