Tag: vSphere
-
VMWare fixes holes that could allow virtual machine escapes
VMWare’s latest security bulletin doesn’t mince its words about how quickly you should patch: When do I need to …
-
VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Client
VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote …
-
VMware warns of critical remote code execution flaw in vSphere HTML5 client
If you don’t patch, the hosts driving all your virty servers are at risk. So maybe your to-do list needs a …
-
VMware vSphere 7 Security & Features
vSphere 7, the latest version of VMware’s server virtualization product, was made generally available April 2, 2020, with an expanded …
-
VMware Fixes High-severity Flaw that Affects VMware Workstation, Fusion and vSphere Products
VMware fixes a high-severity vulnerability that affects multiple products, exploitation allows attackers to obtain sensitive information. …
-
Attention, vSphere VDP backup admins: There is a little remote root hole you need to patch…
VMware on Tuesday published a security advisory for its vSphere Data Protection (VDP) backup and recovery product. The virtualization giant …
-
VMware Patches Critical Flaws in vSphere Data Protection
VMware has patched three critical vulnerabilities in vSphere Data Protection (VDP), including arbitrary file upload, authentication bypass …
-
VMware vSphere Data Protection (VDP)
vSphere Data Protection (or VDP for short) is a long-standing product you may have heard about or even used to protect your data in your …
-
VMware vSphere 6.5 Update 1 – Under the Hood
I’m excited to announce that vSphere 6.5 Update 1 is now available and it has some great enhancements. While we have seen 5 patch releases so far, 6.5 Update 1 rolls all of those updates together as well as includes some long awaited functionality. Read full news article on DABCC
-
VMware API Allows Limited vSphere Users to Access Guest OS
LAS VEGAS – BLACK HAT USA – Researchers discovered that a VMware API can be abused by vSphere users with limited privileges to access the guest operating system without authentication. VMware has provided workarounds for preventing potential attacks exploiting the vulnerability. Read full news article on SecurityWeek
-
VMware Patches Flaws in Horizon, vSphere Products
The deserialization issue, tracked as CVE-2017-4914, was reported to VMware by Tim Roberts, Arthur Chilipweli and Kelly Correll of NTT Security. According to the vendor, the flaw can be exploited remotely to execute arbitrary commands on vulnerable appliances. Read full news article on SecurityWeek
●●●