VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

a. Privilege escalation on 64-bit guest operating systemsVMware products emulate hardware functions, like CPU, Memory, and IO.A flaw in VMware’s CPU hardware emulation could allow the virtual CPU to jump to an incorrect memory address. Exploitation of this issue on the guest operating system does not lead to a compromise of the host system but could lead to a privilege escalation on guest operating system. An attacker would need to have a user account on the guest operating system. Affected64-bit Windows and 64-bit FreeBSD guest operating systems and possibly other 64-bit operating systems. The issue does not affect the 64-bit versions of Linux guest operating systems.VMware would like to thank Derek Soeder for discovering this issue and working with us on its remediation.The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-4279 this issue.The following table lists what action remediates the vulnerability (column 4) if a solution is available.