VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems (an x86 version of earlier releases was available); it enables users to set up virtual machines (VMs) on a single physical machine, and use them simultaneously along with the actual machine.
VMware Workstation and Fusion contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host.
Official announcement and Remedy:
Since the public announcement did not provide the technical details. However I suspected that a design weakness on True type font parser (embedded in the TPView.dll) not been remediated. The similar vulnerability found last year. The CVE reference number is CVE-2017-4913.
Remark: Be a happy black Friday but not for this vulnerability. Yes, this is the shopping on AWS,..etc. Happy hunting.