On 3/28, VMware released ESXi patches and new versions of Workstation and Fusion to address critical security issues that were reported as part of the Pwn2Own event. These issues are identified by CVE-2017-4902, CVE-2017-4903, CVE-2017-4904, and CVE-2017-4905.

Right after the reporting of the issues at the Pwn2Own event, VMware performed a thorough evaluation of the vulnerabilities presented and subsequently started creating remediation. VMware found that the issues affect ESXi besides VMware Workstation and Fusion.

For details on affected products and fixes, see the VMware Security Advisory VMSA-2017-0006.

Note: Products not mentioned in the advisory are not affected by these vulnerabilities.