Mar 31 2017

Heads Up! Critical Security Patch Available for VMware ESXi & More

A few days ago, 2017-03-28, VMware released a few security patches that will prevent a guest from execute code on the ESXi host. This has been possible based on heap buffer overflow and uninitialized stack memory usage in SVGA. Available VMware KB articles for these issues are:

Affected VMware ESXi versions are:

  • 6.5 – Read the related KB here
  • 6.0 – Read the related KB here
  • 6.0 patch on top of ESXi 6.0 U2 – Read the related KB here
  • 6.0 patch on top of ESXi 6.0 U1 – Read the related KB here
  • 5.5 – Read the related KB here

In addition to ESXi, VMware Fusion, VMware Player and VMware Workstation are also affected and the below patches will fix the problem:

Read the complete VMware Security Advisories VMSA-2017-0006 for more information.


  1. Johan

    Links dead….

  2. magander3

    The Player link has been updated now. The others were fine.

    Tnx for letting me know


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">