VMware has released security updates addressing vulnerabilities in its Workstation and Fusion products. These vulnerabilities include a use-after-free issue in the Bluetooth device, a heap buffer overflow in shader functionality, an information disclosure flaw in Bluetooth, and a similar flaw in Host Guest File Sharing (HGFS). Users are advised to update to Workstation versions 17.5.2 or Fusion versions 13.5.2 immediately. For those who cannot update right away, turning off Bluetooth support and disabling 3D acceleration is recommended as a temporary fix. There are no workarounds for the HGFS vulnerability, so updating is the only solution. More information can be found on Broadcom’s support website and through various security news outlets.
Article Source
Default
www.csa.gov.sg