VMware: Workstation 6.5.2. Released


image

I was looking at the VMware Download site and saw a new build of VMware Workstation.  You can find the release notes here: releasenotes_ws652.html

The following issues are resolved in Workstation 6.5.2:

Security Fixes

  • Windows-based host privilege escalation in hcmon.sys
    A vulnerability in an ioctl function in hcmon.sys might be used to escalate privileges on a Windows-based host. The Common Vulnerabilities and Exposures project has assigned the name CVE-2009-1146 to this issue.
    New releases of hosted products address a denial-of-service problem described in CVE-2008-3761, which can only be exploited by a privileged Windows account.
  • A remote denial-of-service vulnerability in authd for Windows-based hosts
    A vulnerability in vmware-authd.exe might cause a denial-of-service condition on Windows hosts. The Common Vulnerabilities and Exposures project has assigned the name CVE-2009-0177 to this issue.
  • A VMCI privilege escalation on Windows-based hosts or guests
    Virtual Machine Communication Interface (VMCI) is an infrastructure that provides fast and efficient communication between a virtual machine and the host operating system and between two or more virtual machines on the same host. A vulnerability in vmci.sys might allow privilege escalation on Windows-based machines. This might occur on Windows-based hosts or inside Windows-based guest operating systems. Current versions of ESX Server do not support the VMCI interface and hence they are not affected by this vulnerability. The Common Vulnerabilities and Exposures project has assigned the name CVE-2009-1147 to this issue.
  • VMnc codec heap overflow vulnerabilities
    The VMnc codec assists in record and replay sessions. Record and replay records the dynamic virtual machine state over a period of time. Two heap overflow vulnerabilities might allow a remote attacker to execute arbitrary code on VMware hosted products. For an attack to be successful, the user must visit a malicious Web page or open a malicious video file.
    The Common Vulnerabilities and Exposures project has assigned the names CVE-2009-0909 and CVE-2009-0910 to these issues.
Miscellaneous
  • Creating ACE package fails on Windows virtual machines
    Creating ACE package fails with the error Tools is out of date, on virtual machines running Windows NT, Windows 9x and Windows Millennium Edition. This issue is resolved in this release.
  • Unable to install the latest version of VIX API on Workstation 6.5.0
    On Workstation 6.5.0, you cannot install VMware VIX API 1.6.2 due to an issue with the MSI installer for VIX API. This issue is resolved in this release.
  • Unable to connect to PPTP VPN using VMware NAT on Microsoft Windows guest operating systems
    When you try to open a PPTP VPN connection by using VMware NAT with Microsoft XP Service Pack 2, the following error appears:
    Disconnected. 619 connect to the remote machine could not be established.
    The issue is found on Cisco 1841 VPN and other PPTP VPN connections, and is applicable to all supported versions of Microsoft Windows host machines. This issue is resolved in this release.
  • Workstation displays wrong message after installing the latest version of VMware Tools
    After installing the latest version of VMware Tools and rebooting the guest operating system, Workstation displays the following message on the status bar:
    Your version of VMware Tools is out of date.
    This issue is resolved in this release.
  • Novell SLES 11 Beta is displayed as not supported when installing VMware Tools
    Virtual machines running the Novell SUSE Linux Enterprise Server 11 Beta operating systems as guests display the following warning message while installing VMware Tools:
    WARNING: Cannot determine dependencies of kernel module 'vmxnet'.
    This issue is resolved in this release.
  • vsock fails to load using load-vmware on Linux kernel 2.6.26 and later
    If CONFIG_MODVERSIONS is defined, vsock does not load when you run load-vmware command as the Module.symvers is missing on Linux kernels 2.6.26 and later. This issue is resolved in this release.
  • In Workstation, Google Earth displays extra lines for the country borders
    In Workstation, Google Earth displays extra yellow lines to draw the country borders, when the Direct3D Acceleration option is enabled.
    This issue is resolved in this release.
  • Unable to invoke vi editor from VMware Tools on SLES11 guest operating system
    When you try to edit VMware Tools scripts from vmware-toolbox window on SUSE Linux Enterprise Server 11 (SLES11), the following error appears in the console:
    Cannot edit script because the vi editor was not found
    This issue is resolved in this release.
    To edit vmware-tools scripts:
    1. Launch VMware Tools and select the Scripts tab.
    2. Select Custom script option and click Edit.
  • Only the first attempt succeeds when mapping original and cloned virtual disk files to drive letters
    On Windows hosts, if you make a linked or full clone of a virtual machine and then try to map the virtual disk files of the original virtual machine as well as of the clone to drive letters on the host, only the first mapping succeeds. Because both disks have the same signature, you can map only one of the disks at a time. This issue is resolved in this release.

Download the new version here: http://www.vmware.com/download/ws/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s