VMware released critical updates to several products Thursday, primarily to fix several security vulnerabilities. The virtualization software provider issued the updates to deal with vulnerabilities that could enable an attacker to overwrite arbitrary files, gain elevated privileges, cause a denial-of-service condition, or execute arbitrary code on an affected system, according to an advisory from the U.S.-CERT.
Affected products include VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player, the security organization noted. U.S.-CERT is recommending that users upgrade to mitigate the security risk. A VMware advisory noted that updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates were available for download.