The only reason for mentioning the vulnerability is… Bragging. Yes, I’m going to brag about the first vulnerability I had discovered and reported before the CVE was issued =,,) I found several vulnerabilities earlier, but all of them already had a CVE published, so it was useless. The vulnerability in VMWare Workstation and Player installer allowed criminal to launch any code you may embed into a .htm page. Well, the page must be placed in the same directory where the installer is placed and it will shoot your computer only if you are installing the new version, but, hey, it’s … Continue reading Vulnerability in VMWare Workstation installer. Not a 0-day anymore.