-
Workstation 7.1.4 addresses a local privilege escalation in the vmrun utility
VMware vmrun is a utility that is used to perform various tasks on virtual machines. The vmrun utility runs on any platform with VIX libraries installed. It is installed in Workstation by default. In non-standard filesystem configurations, an attacker with the ability to place files into a predefined library path could take execution control of vmrun. This issue is present only in the version of vmrun that runs on Linux
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-1126 to this issue.
What’s New
Support for Windows 7 SP1
Security Fixes
-
In Workstation 7.1, the default main memory VA cache size (mainMem.vaCacheSize) for 32-bit Windows guests was reduced to accommodate 3D emulation memory requirements. However, the reduced value resulted in performance loss. For 7.1.4, the default main memory VA cache size has been be increased to 1000 MB and performance is improved.
-
Because Workstation failed to identify more than 10 USB host controllers in newer Windows guests, some USB devices did not appear in the Removable Devices menu. Now Workstation shows all USB devices in the Removable Devices menu as long as they are connected to the first identified 16 USB controllers.
-
When using the Capture Movie option, the captured video stopped playing around the 1GB mark if the video file exceeded 1GB. Now you can capture and play video files that are greater than 1GB.
-
On Windows host systems that have more than 4GB of memory, Workstation sometimes crashed during cryptographic operations, for example, when performing disk encryption.
-
VMware Tools upgrade could be started by a non-administrator user from the VMware Tools Control Panel in a Windows guest. In this release, only administrator users can start VMware Tools upgrade from the VMware Tools Control Panel. To prevent non-administrator users from starting VMware Tools upgrade from a guest by using other applications, set isolation.tools.autoinstall.disable to TRUE in the virtual machine configuration (.vmx) file.
-
When a virtual machine running on a Windows host was used to access an Omron Industrial CP1L Programmable Logic Controller, Workstation generated an unrecoverable error.
-
When using NAT virtual networking on Windows hosts, the traceroute command did not work when used within virtual machines.
-
Workstation crashed with an access violation when a user tried to open the sidebar after closing all tabs in Quick Switch mode.
-
The VMware Tools HGFS provider DLL caused a deadlock when making calls to the WNetAddConnection2 function from an application such as eEye Rentina in a Windows guest operating system.
-
There was no option to disable guest time sync when a host resumes. Now you can set time.synchronize.resume.host to FALSE in the virtual machine configuration (.vmx) file to disable guest time sync when a host resumes. See VMware Knowledge Base Article 1189 for other time sync options.
-
Setting a hidden attribute on a file in a shared folder from a Windows guest on a Linux host failed with an error. This problem caused applications such as SVN checkout to fail when checking out to shared folders on Linux hosts from Windows guests
. I’m very pleased with this result.
