A few days ago VMware released an update to their Workstation product to fix two major security issues. The latest version is now 6.0.4, Build 93057, and here you can download VMware Workstation.

From the VMware Workstation 6.0 Release Notes:

Workstation 6.0.4 addresses the following security issues:

  • On Windows hosts, if VMCI is enabled, a guest can execute arbitrary code in the context of the vmx process on the host. This is a compiler-dependent vulnerability. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the CVE number CVE-2008-2099 to this issue. (bug 234208)
  • A security vulnerability related to the host-guest file system (HGFS) could cause a buffer overflow. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the CVE number CVE-2008-2098 to this issue. (bug 234214)