Release: VMware Server 1.0.7, Workstation 6.0.5, Player 2.0.5, ACE 2.0.5

VMware just released a minor update for a number of products:

The reason behind this update is fixing four security vulnerabilities.
Three of them allow attackers to run arbitrary code with elevated privileges.

Update the products as soon as possible.

Update: It seems that also the new Server 1.0.7 build is still vulnerable to CVE-2008-3697.
This flaw in the VMware ISAPI extension for Microsoft IIS allows remote denial of service, so avoid to expose the Server web console outside the corporate LAN until a new fix is available.