VMware Workstation Pro received an important update for both Windows and Linux users, addressing four critical security flaws as well as an issue with the Snapshots feature. This recent update, version 17.6.4, includes fixes for vulnerabilities designated as CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239, which may have allowed exploitation by a malicious actor with local administrative privileges on a virtual machine.
Despite the severity of these vulnerabilities, it is important to note that users of Windows VMs need not panic, as widespread risk is considered unlikely. VMware’s products are commonly used in enterprise environments, which makes timely security resolutions crucial.
Alongside security enhancements, the update resolves a specific error associated with the Snapshots feature. Users previously encountered an "unrecoverable error" during VM power-off operations, which has now been addressed. The cause of this issue stemmed from a pointer not being verified during asynchronous function calls, leading to access violations.
The release notes also acknowledge ongoing issues, such as broken network connections when attempting to install Windows 11 in a VM, with a workaround available by switching the network adapter from NAT to Bridged. Other known complications include malfunctioning multi-monitor support and inoperability of hardware acceleration on Linux systems equipped with Intel Meteor Lake GPUs, although this can also be remedied by adjusting a configuration value.
To benefit from this update, users can log in to the Broadcom portal to download the latest installer for VMware Workstation Pro. Users on Windows and macOS may have the option to update directly within the application, although there have been issues with this functionality in the past.
For more detailed release notes and instructions, you can refer to the official VMware documentation:VMware Workstation Pro 17.6.4 Release Notes