Mike Nisk wrote:
PS - please see my previous post. I removed some detail to protect the innocent. If anyone gets stuck they can IM me or hit my gmail.
The difficulty with these situations is that:
- The malicious people already know this, or if not, will figure it out shortly and use it
- Innocent people, with no advisory from VMware, won't know there's an issue
- VMware, without an "public exploit", have good odds of doing nothing
In short, I would encourage you to take this to a support case, and if you get nowhere, put that post right back.
