/
VMware Tools for Windows update addresses a denial-of-service vulnerability (CVE-2021-31693)

VMware Tools for Windows update addresses a denial-of-service vulnerability (CVE-2021-31693)

VMware released security advisory VMSA-2022-0029 with Low severity affecting VMware Tools for Windows.

The fix is available in VMware Tools for Windows v12.1.5 in the VSS-Windows Content Library as Item VMware-Tools-windows-12.1.5-20735119.iso. Please, use the VSS Portal or the VSS CLI to mount the ISO and Install the patched version.

How-To Remediate

Windows

ITS Private Cloud CLI

  1. Mount the VMware Tools ISO VMware-Tools-windows-12.1.5-20735119 with the vss-cli:

    vss-cli compute vm set <id> cd up --backing VMware-Tools-windows-12.1.5-20735119.iso 1

  2. Proceed with the installation in the OS.

ITS Private Cloud Portal

  1. Login to the https://cloud-portal.eis.utoronto.ca

  2. Look for your VM and click on the Edit button.

  3. Mount the VMWare Tools ISO VMware-Tools-windows-12.1.5-20735119.

  4. Proceed with the installation in the OS.

 

References

University of Toronto - Since 1827