VMware has publish a security fix for their current ESX Server. There is a vulnerability which might allow an attacker to manipulate the traffic from a remote virtual device to cause the virtual machine to crash. Another vulnerability might allow an attacker with the ability to load a specially crafted checkpoint file to execute arbitrary code on the host.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-3288 and CVE-2012-3289 to this issues. Please note that this is not the privilege escalation vulnerability which in everybody's mouth at the moment. VMware products are not affected by this issue (CVE-2012-0217).
The latest ESXi 5.0.0 Build number is now: 721882
Also affected: ESX(i) 4.1, ESX(i) 4.0, ESX(i) 3.5
Updated: ESXi Release and Build Number History