Multiple VMWare products running on Windows platforms with Shared Folders are vulnerable to a directory traversal attack. If an attacker can has access to a guest operating system they can exploit the vulnerability to gain write access to the underlying hosting system. This obviously opens the door for a multitude of attacks.

Until a patch is released users on Windows are advised to disable any Shared Folders that they may have configured.

The original advisory is at:http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004034