VMware is currently tracking an emergent issue with a vulnerability present in the VMware Tools “Shared Folders” (HGFS) feature running on Microsoft Windows. Successful exploitation could lead to an escalation of privilege in the guest OS.
Summary
• Products affected: ESXi 5.0, 5.1, 5.5, 6.0, Workstation (prior to 11.1.2), VMware Player (prior to 7.1.2) and Fusion (prior to 7.1.2).
• The Common Vulnerabilities and Exposures (CVE) Identifier is CVE-2015-6933
Solution: Removing the “Shared Folders” feature from previously installed VMware Tools will remove the possibility of exploitation. Furthermore, apply the recommended patches for your product: https://www.vmware.com/security/advisories/VMSA-2016-0001.html
NOTE: VMTools installations initiated via vSphere are not affected unless a Complete feature set was specified during the initial installation.
