VMware Workstation Pro 15.0.3 released: Fix critial security vulnerabilities

VMware Workstation Pro

VMware Workstation Pro 15.0.3 provides the leading features and performance that a professional technician relies on every day when using a virtual machine. With the latest versions of Windows and Linux, the latest processors and hardware support, and the ability to connect to VMware vSphere and vCloud Air, it’s the perfect tool to increase productivity, save time, and conquer cloud computing.

This release of VMware Workstation Pro addresses the following issue:

  • VMware Workstation Pro contains elevation of privilege vulnerabilities:
    • Workstation does not handle paths appropriately. This may allow the path to the VMX executable, on a Windows host, to be hijacked by a non-administrator leading to elevation of privilege. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2019-5511 to this issue. See VMSA-2019-0002 for further information.
    • COM classes are not handled appropriately. This may allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of privilege. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2019-5512 to this issue. See VMSA-2019-0002 for further information.
  • Updated OpenSSL library version to 1.0.2q.
  • Updated libxml2 library version to 2.9.9.

Download