According to a VMware Security Advisory, there is a critical vulnerability in VMware Workstation and Fusion: the drag-and-drop (DnD) function has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.
Information Systems and Technology (IS&T) has updated the VMware Fusion Pro and VMware Workstation Pro installers on its Software Grid. VMware users should download the updates as soon as possible. If you have questions, please email the IS&T Service Desk at firstname.lastname@example.org or call 617.253.0540. You can also submit a request online.