check-circle-line exclamation-circle-line close-line

VMware Fusion 10.1.6 Release Notes

VMware Fusion 10.1.6 | 28 Mar 2019 | Build 12989998

Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

About VMware Fusion

VMware Fusion 10 is the easiest, fastest, and most reliable way to run Windows and other x86 based operating systems on a Mac without rebooting.

For more information, see the broader VMware Fusion documentation.

What's New

This release of VMware Fusion is a free upgrade for all VMware Fusion 10 users. It contains bug fixes and security updates.

Important Fixes

This release of VMware Fusion addresses the following issue:

  • Fusion contains an out-of-bounds read/write vulnerability and a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB UHCI (Universal Host Controller Interface). These issues may allow a guest to execute code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2019-5518 (out-of-bounds read/write) and CVE-2019-5519 (TOCTOU) to these issues. See VMSA-2019-0005 for further information.
  • Fusion contains an out-of-bounds write vulnerability in the e1000 virtual network adapter. This issue may allow a guest to execute code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2019-5524 to this issue. See VMSA-2019-0005 for further information.
  • Fusion contains an out-of-bounds write vulnerability in the e1000 and e1000e virtual network adapters. Successful exploitation of this two-byte heap overwrite may lead to a privilege escalation. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2019-5515 to this issue. See VMSA-2019-0005 for further information.

Prior Releases

Features and Known Issues from prior releases of VMware Fusion are described in the release notes for each release. To view the release notes for a prior release, click the appropriate link: