« Intel and Nvidia Skirmish Over Enthusiast Memory
AMD Barcelona available: $800 for the 1.9GHz Native Quad-Core Model »
New Software

VMWare Workstation Update: Various security fix, add support for Windows Server 2008

Sep 20, 2007   1 am
These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Technorati
  • Furl

vmware_boxes VMWare users, update now!

VMware Workstation allows multiple operating systems to run on the same computer
VMware Workstation is a powerful virtual machine software for system administrators and developers who want to revolutionize software development, deployment and testing in their enterprise.

Essential features such as virtual networking, live snapshots, drag and drop and shared folders, and PXE support make VMware Workstation the most powerful and indispensable tool for enterprise IT developers and system administrators. 


Whats New

Updated Support for Host and Guest Operating Systems
Workstation 6.0.1 adds experimental support for the following operating systems:
* 32-bit and 64-bit Windows Server 2008 (code name Longhorn) as host and guest operating systems
* 32-bit and 64-bit SUSE Linux Enterprise Server 10 SP1 as host and guest operating systems
* 32-bit and 64-bit openSUSE Linux 10.3 as host and guest operating systems
* 32-bit and 64-bit Turbolinux 10 Server as a guest operating system
Workstation 6.0.1 adds full support for the following operating systems:
* 32-bit and 64-bit Ubuntu Linux 7.04 as host and guest operating systems
* 32-bit and 64-bit Red Hat Enterprise Linux 4.5 (formerly called 4.0 Update 5) as host and guest operating systems
* 32-bit and 64-bit FreeBSD 6.2 as a guest operating system
This release also includes the following new features:
* Enablement for Japanese Product Versions

For more information, see the Japanese release notes.

Note: Technical Support services for VMware Workstation are currently delivered in English. Japanese-speaking support engineers are available in a limited capacity during the operating hours of the local support center. For more information, see VMware local language support.

* User Interface for Collecting Support Data — You can now click a button in the Workstation Help > About dialog box to gather troubleshooting data for VMware Technical Support. Previously, you had to run the script from the command line.

Workstation 6.0.1 addresses the following security issues:

* This release fixes a problem that prevented VMware Player from launching. This problem was accompanied by the error message VMware Player unrecoverable error: (player) Exception 0xc0000005 (access violation) has occurred. This problem could result in a security vulnerability from some images stored in virtual machines downloaded by the user.

* This release fixes several security vulnerabilities in the VMware DHCP server that could enable a malicious web page to gain system-level privileges.
Thanks to Neel Mehta and Ryan Smith of the IBM Internet Security Systems X-Force for discovering and researching these vulnerabilities.
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following names to these issues: CVE-2007-0061, CVE-2007-0062, CVE-2007-0063.

* This release fixes a security vulnerability that could allow a malicious remote user to exploit the library file IntraProcessLogging.dll to overwrite files in a system.
Thanks to the Goodfellas Security Research Team for discovering and researching these vulnerabilities.
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4059.

* This release fixes a security vulnerability that could allow a malicious remote user to exploit the library file vielib.dll to overwrite files in a system.
Thanks to the Goodfellas Security Research Team for discovering and researching these vulnerabilities.
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following names to this issue: CVE-2007-4155.

* This release fixes a security vulnerability that could allow a guest operating system user with administrative privileges to cause memory corruption in a host process, and thus potentially execute arbitrary code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4496.

* This release fixes a security vulnerability that could allow a guest operating system user without administrator privileges to cause a host process to become unresponsive or exit unexpectedly, making the guest operating system unusable. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4497.

* This release fixes a security vulnerability in which Workstation was starting registered Windows services such as the Authorization service with “bare” (unquoted) paths, such as c:\program files\vmware\…. Applications and services in Windows must be started with a quoted path. This vulnerability could allow a malicious user to escalate user privileges.

Read the full release notes here.

Download

Register at VMWare(free) and get free 30-day evaluation license. 

Source: DigitMemo

From: DigitMemo.com
Tags: , , , ,
This entry was posted on Thursday, September 20th, 2007 at 1:51 am and is filed under New Software. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a comment

Name:

eMail:

Website:

Comment: