New in Version 6.0.1
Updated Support for Host and Guest Operating Systems
Workstation 6.0.1 adds experimental support for the following operating systems:
* 32-bit and 64-bit Windows Server 2008 (code name Longhorn) as host and guest operating systems
* 32-bit and 64-bit SUSE Linux Enterprise Server 10 SP1 as host and guest operating systems
* 32-bit and 64-bit openSUSE Linux 10.3 as host and guest operating systems
* 32-bit and 64-bit Turbolinux 10 Server as a guest operating system
Workstation 6.0.1 adds full support for the following operating systems:
* 32-bit and 64-bit Ubuntu Linux 7.04 as host and guest operating systems
* 32-bit and 64-bit Red Hat Enterprise Linux 4.5 (formerly called 4.0 Update 5) as host and guest operating systems
* 32-bit and 64-bit FreeBSD 6.2 as a guest operating system
This release also includes the following new features:
* Enablement for Japanese Product Versions
For more information, see the Japanese release notes.
Note: Technical Support services for VMware Workstation are currently delivered in English. Japanese-speaking support engineers are available in a limited capacity during the operating hours of the local support center. For more information, see VMware local language support.
* User Interface for Collecting Support Data — You can now click a button in the Workstation Help > About dialog box to gather troubleshooting data for VMware Technical Support. Previously, you had to run the script from the command line.
Workstation 6.0.1 addresses the following security issues:
* This release fixes a problem that prevented VMware Player from launching. This problem was accompanied by the error message VMware Player unrecoverable error: (player) Exception 0xc0000005 (access violation) has occurred. This problem could result in a security vulnerability from some images stored in virtual machines downloaded by the user.
* This release fixes several security vulnerabilities in the VMware DHCP server that could enable a malicious web page to gain system-level privileges.
Thanks to Neel Mehta and Ryan Smith of the IBM Internet Security Systems X-Force for discovering and researching these vulnerabilities.
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following names to these issues: CVE-2007-0061, CVE-2007-0062, CVE-2007-0063.
* This release fixes a security vulnerability that could allow a malicious remote user to exploit the library file IntraProcessLogging.dll to overwrite files in a system.
Thanks to the Goodfellas Security Research Team for discovering and researching these vulnerabilities.
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4059.
* This release fixes a security vulnerability that could allow a malicious remote user to exploit the library file vielib.dll to overwrite files in a system.
Thanks to the Goodfellas Security Research Team for discovering and researching these vulnerabilities.
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following names to this issue: CVE-2007-4155.
* This release fixes a security vulnerability that could allow a guest operating system user with administrative privileges to cause memory corruption in a host process, and thus potentially execute arbitrary code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4496.
Thanks to Rafal Wojtczvk of McAfee for identifying and reporting this issue.
* This release fixes a security vulnerability that could allow a guest operating system user without administrator privileges to cause a host process to become unresponsive or exit unexpectedly, making the guest operating system unusable. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4497.
Thanks to Rafal Wojtczvk of McAfee for identifying and reporting this issue.
* This release fixes a security vulnerability in which Workstation was starting registered Windows services such as the Authorization service with "bare" (unquoted) paths, such as c:program filesvmware.... Applications and services in Windows must be started with a quoted path. This vulnerability could allow a malicious user to escalate user privileges.
Thanks to Foundstone for discovering this vulnerability.
更新:http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
官网:http://www.vmware.com/products/ws/
官方下载:http://www.vmware.com/download/ws/