Straight from the VMware Security announcement mailing list:
VMware Hosted products and patches for ESX and ESXi resolve multiple security issues. A flaw in the CPU hardware emulation may allow for a privilege escalation on virtual machine guest operating systems. In addition a directory traversal issue is resolved.
Read that over again… A flaw in the HOST can lead to a priviledge escalitions in the GUEST. While scary, there is a patch for this. One should also be looking at using Update Manager to download and deploy patches, or at least joining the security announcement list. The form for that is off to the right of the page.