VMware Workstation's installer loads danger-junk, so patch it ASAP
It's 2016 and virtual printing can make a desktop hypervisor run almost anything
Late last week VMware delayed the release of Workstation 12.5 because of a bug it felt needed squashing before the code went live.
It turns out the desktop hypervisor doesn't have one: it has three. And all nasty.
Two derive from a dud installer. The first means “some DLL files [are] loaded by the application improperly.”
“This issue may allow an attacker to load a DLL file of the attacker's choosing that could execute arbitrary code.”
The second installer mess comes about because it “contains an insecure executable loading vulnerability that may allow an attacker to execute an exe file placed in the same directory as installer.”
“Successfully exploiting this issue may allow attackers to execute arbitrary code.”
VMware has also 'fessed up to a problem that affects VMs running in Workstation that have virtual printing turned on. This flaw means “a Windows-based Virtual Machine to trigger a heap-based buffer overflow [and] may lead to arbitrary code execution in VMware Workstation running on Windows.”
Mac admins: stop being so smug. VMware has a problem for you too, as “The graphic acceleration functions used in VMware Tools for OS X handle memory incorrectly.”
“Two resulting NULL pointer dereference vulnerabilities may allow for local privilege escalation on Virtual Machines that run OS X.”
This last bug also needs a little attention beyond the desktop from ESXi users, because there's a patch for it that also fixes the OS X problem.
At least VMware's had the good grace to announce these problems on the same day Microsoft and Adobe announced their monthly patch runs. So you should be in the mood for patching, even if you're grinding your teeth while you do it.
The fix is in: versions 12.5 of Workstation and 8.5 of Fusion are yours for the downloading now.®