Software Update: VMware Fusion 3.1.2 build 332101

VMware released version 3.1.2 build 332101 of its Fusion virtualization program a few days ago. This application allows various operating systems to run on a host computer using virtual machines. This allows, for example, Windows programs to run within Mac OS X, with the programs acting like normal programs via the Unity function. Other x86 operating systems are also supported, such as various Linux distributions and Solaris. The list of changes for version 3.1.2 build 332101 looks like this:

What’s New

VMware Fusion 3.1.2 is a maintenance release that resolves some known issues. It is a free upgrade for all VMware Fusion 3.x users.

Resolved Issues

This release resolves the following issues:

• The error Could not publish or run one or more applications. occurs when resuming a virtual machine that has DivX Player installed in the guest.
• Slingbox Slingplayer does not display video in the guest when 3D acceleration is enabled. In addition, very high CPU usage occurs if the guest is set to 1 core.
• Microsoft Office applications do not display as the frontmost window when they are launched in Unity view.
• Sound volume in the guest operating system is reduced after upgrading to Fusion 3.1. The volume observed through the host is not consistent with the guest volume setting.
• In a Windows XP guest, if you connect a handheld device to the host, the handshake application might time out or stop responding due to unhandled USB disable requests.
• While the virtual machine is running, if you switch from full screen mode to single window mode, the virtual machine window disappears and the light underneath the Fusion icon disappears as well. Fusion stops responding if you restart after this issue occurs.
• The guest operating system might fail with a blue screen and the error Multiple IRP Complete Requests if you access a file or folder two or more folders deep into a VMware Shared Folder and are running applications, such as Microsoft Office Powerpoint or Project, that use the byte range locks file system feature.
• Samsung Galaxy S phone with Android 2.1 does not work with Fusion. The phone does not appear in the virtual machine.
• Guest software might use CPUID information to determine characteristics of underlying (virtual or physical) CPU hardware. In some instances, CPUID information returned by virtual hardware will differ from the responses physical hardware might report. Based on these differences, certain pieces of guest software might not behave as expected. In this release, this fix causes certain CPUID responses to more closely match the responses that physical hardware might return.
• If you run Outlook 2007 in Unity mode, the Outlook dock icon might flash, or briefly quit and restart. When this happens the Outlook window also disappears and then reappears.
• Mac OS X Server guests might intermittently fail to boot, displaying a stop symbol on a gray screen shortly after powering on.

Additionally, this release resolves the following security-related issues:

• The way temporary files are handled by the mounting process could result in a race condition. This issue could allow a local user on the host to elevate their privileges. Windows-based host systems are not affected. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-4295 to this issue.
• vmware-mount, which is a SUID binary, has a flaw in the way libraries are loaded. This issue could allow local users on the host to execute arbitrary shared object files with root privileges. Windows-based host systems are not affected. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-4296 to this issue.
• A vulnerability in the input validation of VMware Tools update allows for injection of commands. This issue could allow a user on the host to execute commands on the guest operating system with root privileges. The issue can only be exploited if VMware Tools is not fully up-to-date. Windows-based virtual machines are not affected. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-4297 to this issue.