Are you running VMware View? If so, you will want to look at implementing this newly released security patch from VMware that resolves a potential scenario where a guest user, who has been given access to particular files on a VM, could potentially prompt the VM to traverse directories and retrieve files that this user should not have access to, eg: hashed passwords, etc.
I don’t normally cover security patch updates on TechHead as they are common place across all software products these days, though this particular vulnerability is a particularly nasty one that could have far reaching security implications for your virtualized VMware environment so I thought it worth a mention.
What Versions of View are affected?
The affected versions of VMware View are:
VMware View 5.x prior to version 5.1.2
VMware View 4.x prior to version 4.6.2
More Information & Fix
For more information see this VMware Security Advisory which also includes a link to the downloadable patch.
- As always, ensure you have full working backups before applying any patches else tempt the patching gods, who will teach you a lesson by making it go all horribly wrong!
About Simon Seagrave
My name is Simon Seagrave and I am a London (UK) based Senior Technology Consultant and vSpecialist working for EMC. I love my work & spend most of my time working with Virtualisation & other Enterprise IT based technologies, in particular VMware, EMC and HP products. 
I am a VMware vExpert (2009, 2010, 2011, 2012, 2013) also EMC Elect 2013.
TechHead Chatter