VMware Player 2.0.5 Build 118166

VMware Player is free software that enables PC users to easily run any virtual machine on a Windows or Linux PC.
VMware Player runs virtual machines created by VMware Workstation, ESX Server or GSX Server also supporting Microsoft virtual machines and Symantec LiveState Recovery disk formats.

Main features:
- Run any virtual machine. Run virtual machines created by VMware Workstation, GSX Server or ESX Server. VMware Player also supports Microsoft virtual machines and Symantec LiveState Recovery disk formats.
- Revert to previous state. Revert virtual machines to a previous clean state within seconds.
- Access host PC devices. Use host CD/DVD drives, network adapters, and plug-and-play USB devices.
- Copy and paste. Copy text and files between the virtual machine and the host PC.
- Drag and drop. Drag and drop files between a Windows host PC and a Windows virtual machine.
- Shared folders. Use shared folders to easily share files between virtual machine and the host PC.
- Multiple networking options. Virtual machines can share or obtain new IP addresses or be isolated from the network and host.
- 32- and 64-bit host and guest operating system support. Run a wide variety of virtual machines containing 32- and 64-bit operating systems simultaneously on the same physical PC. Compatible 64-bit guest operating systems include select Microsoft Windows, Red Hat, SUSE, and FreeBSD distributions.
- Adjustable memory. Tune virtual machine memory for optimal performance.
- Configurable shutdown. Power down or suspend the virtual machine when closing VMware Player.

Enhancements:
- Starting from this release, VMware has set the killbit on its ActiveX controls. Setting the killbit ensures that ActiveX controls cannot run in Internet Explorer (IE), and avoids security issues involving ActiveX controls in IE. See the KB article 240797 available from Microsoft and the related references on this topic.
- Security vulnerabilities have been reported for ActiveX controls provided by VMware when run in IE. Under specific circumstances, exploitation of these ActiveX controls might result in denial-of-service or allow running of arbitrary code when the user browses a malicious Web site or opens a malicious file in IE browser. An attempt to run unsafe ActiveX controls in Internet Explorer might result in pop-up windows warning the user.
- Note: IE can be configured to run unsafe ActiveX controls without prompting. VMware recommends that you retain the default settings in IE, which prompts when unsafe actions are requested.
- Earlier, VMware had issued knowledge base articles, KB 5965318 and KB 9078920 on security issues with ActiveX controls.
- To avoid malicious scripts that exploit ActiveX controls, do not enable unsafe ActiveX objects in your browser settings. As a best practice, do not browse untrusted Web sites as an administrator and do not click OK or Yes if prompted by IE to allow certain actions.
- The Common Vulnerabilities and Exposures has assigned the names CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, CVE-2007-5438, and CVE-2008-3696 to the security issues with VMware ActiveX controls.
- Update to FreeType: FreeType 2.3.6 resolves an integer overflow vulnerability and other vulnerabilities that can allow malicious users to run arbitrary code or might cause a denial-of-service after reading a maliciously crafted file. This release updates FreeType to its latest version 2.3.7.
- The Common Vulnerabilities and Exposures has assigned the names CVE-2008-1806, CVE-2008-1807, and CVE-2008-1808 to the issues resolved in FreeType 2.3.6.
- Update to Cairo: Cairo 1.4.12 resolves an integer overflow vulnerability that can allow malicious users to run arbitrary code or might cause a denial-of-service after reading a maliciously crafted PNG file. This release updates Cairo to its latest version 1.4.14. The Common Vulnerabilities and Exposures has assigned the name CVE-2007-5503 to the issue resolved in Cairo 1.4.12.