VMware Horizon View security update

Number: AV17-087
Date: 22 June 2017

Purpose

The purpose of this advisory is to bring attention to a security update released by VMware.

Assessment

VMware has released a security update for Horizon View Client for Mac to address a command injection vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. .  Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.

Affected Product:
VMware Horizon View Client (Mac OSX) versions prior to 4.5

CVE Reference: CVE-2017-4918

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor released updates on affected platforms accordingly.

References:

https://www.vmware.com/security/advisories/VMSA-2017-0011.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4918

Date modified: