VMware has just released it’s forth minor update for VMware Workstation 8, bringing it up to 8.0.4. The looks to contain mostly a few bug and security fixes.
- Linux guests running the Linux kernel version 2.6.34 or later could not be pinged from the host via an IPv6 address.
- On rare occasions, Linux guests would suddenly fail to Autofit or enter Unity.
- Unity mode would exit if the title bar of an application contained certain non UTF-8 encoded extended ASCII characters.
- On Windows hosts, the VMware Workstation user interface sometimes became unresponsive when minimized from full-screen mode if the suggestion balloon was being displayed.
- On Windows hosts, the user interface sometimes became unresponsive if the application was rendered on an extended display that was abruptly disconnected.
- VMware host Checkpoint file memory corruption
Input data was not properly validated when loading Checkpoint files. This issue could have allowed an attacker with the ability to load a specially crafted Checkpoint file to execute arbitrary code on the host.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-3288 to this issue.
- VMware virtual machine remote device denial of service
A device (such as CD-ROM or keyboard) that is available to a virtual machine while physically connected to a system that does not run the virtual machine is referred to as a remote device. Traffic coming from remote virtual devices was incorrectly handled. This issue could have allowed an attacker who was capable of manipulating the traffic from a remote virtual device to crash the virtual machine.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-3289 to this issue.