VMware heeft versie 15.5.1 Workstation Player uitgebracht. Player is gratis software waarmee virtuele machines kunnen worden gemaakt en gedraaid. Voor commercieel gebruik wordt echter wel een vergoeding gevraagd. Het is simpel gezegd een vereenvoudigde uitvoering van andere VMware-producten, zoals Workstation Pro, Server en ESX Server. Ook de virtual machines van Microsoft Virtual PC en Symantec LiveState Recovery-disks worden ondersteund. Daarnaast kunnen verschillende voorgeïnstalleerde virtual machines via deze pagina worden binnengehaald, zoals Debian, Ubuntu en Fedora. In versie 15.5.1 zijn de volgende beveiligingsproblemen verholpen.
This release of VMware Workstation Player addresses the following issues:
- Workstation 15.5.1 Player addresses an out-of-bounds write vulnerability in the e1000e virtual network adapter. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2019-5541 to this issue. For more information, see VMSA-2019-0021.
- Workstation 15.5.1 Player addresses an information disclosure vulnerability in vmnetdhcp. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2019-5540 to this issue. For more information, see VMSA-2019-0021.
- Workstation 15.5.1 Player addresses a denial-of-service vulnerability in the RPC handler. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2019-5542 to this issue. For more information, see VMSA-2019-0021.
- Workstation 15.5.1 Player resolves TSX Asynchronous Abort (TAA), a speculative-execution vulnerability identified by CVE-2019-11135. For more information, see section 3b in VMSA-2019-0020.
- Workstation 15.5.1 Player resolves a regression introduced in Workstation 15.5.0 Player which causes the Hypervisor-Specific mitigations for for L1TF and MDS vulnerabilities to be ineffective. For more information on these mitigations, please see section 3a in VMSA-2019-0008.