Updates were recently released for VMware, patching a vulnerability that could allow attackers to execute arbitrary code.
"The vulnerability lies in the way UDF filesystems are handled within VMware's Workstation, Player, and Fusion applications, and could be exploited by an attacker to execute code should a user install software from a specially crafted malicious ISO image," The H Security reports. "The problem was discovered by an anonymous person via the SecuriTeam Secure Disclosure program, and is believed to be present on all host operating systems."
"VMware versions up to and including Workstation 7.1.4, Player 3.1.4, and Fusion 3.1.2 are affected; other products are not vulnerable," the article states.
Go to "VMware patches buffer overflow in legacy products" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.