An open-vm-tools security update has been released for Debian GNU/Linux 9 Extended LTS to address a vulnerability where a malicious actor that has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias.