VMWare has released new patches to address multiple vulnerabilities in the VMWare Hosted products, and ESX. These vulnerabilities may allow the ability to execute on the host server from a guest operating system.
Relevant releases :
• VMware Workstation 6.5.1 and earlier,
• VMware Player 2.5.1 and earlier,
• VMware ACE 2.5.1 and earlier,
• VMware Server 2.0,
• VMware Server 1.0.8 and earlier,
• VMware Fusion 2.0.3 and earlier,
• VMware ESXi 3.5 without patch ESXe350-200904201-O-SG,
• VMware ESX 3.5 without patch ESX350-200904201-SG,
• VMware ESX 3.0.3 without patch ESX303-200904403-SG,
• VMware ESX 3.0.2 without patch ESX-1008421.
So it is time to apply any necessary updates to help mitigate the risks.