Tag: ALERT

VMware Security Advisory VMSA-2018-0006

VMware Security Advisory VMSA-2018-0006

This post was originally published on this site —— This is a critical security advisory from VMware (VMSA) — Today VMware has released the following new and updated security advisories: VMSA-2018-0006 – vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories. Customers should review the security advisories and direct any questions to VMware Support. The post VMware Security Advisory VMSA-2018-0006 appeared first on VMware Security Read more […]

New VMware Security Advisory VMSA-2018-0005

New VMware Security Advisory VMSA-2018-0005

This post was originally published on this site —— This is a critical security advisory from VMware (VMSA) — Today, VMware has released the following new security advisory: “VMSA-2018-0005 – VMware Workstation, and Fusion updates resolve use-after-free and integer-overflow vulnerabilities” This documents the remediation of Critical and Important severity issues (CVE-2017-4949, and CVE-2017-4950). Issues (a) CVE-2017-4949 is a use-after-free vulnerability in VMware NAT service which can be exploited when IPv6 mode is enabled. This issue is rated as critical and may allow a guest to execute Read more […]

New VMware Security Advisory VMSA-2018-0003

New VMware Security Advisory VMSA-2018-0003

This post was originally published on this site —— This is a critical security advisory from VMware (VMSA) — Today, VMware has released the following new security advisory: “VMSA-2018-0003 – vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities” This documents the remediation of three Important severity issues (CVE-2017-4945, CVE-2017-4946, and CVE-2017-4948). Issues (a) CVE-2017-4946 is a privilege escalation vulnerability that affects vRealize Operations for Horizon Read more […]

VMSA-2018-0002

VMSA-2018-0002

This post was originally published on this site —— This is a critical security advisory from VMware (VMSA) — Today VMware has released the following new security advisory: VMSA-2017-0002 – VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution. This advisory documents remediation for known variants of the Bounds-Check Bypass (CVE-2017-5753) and Branch Target Injection (CVE-2017-5715) issues due to speculative execution disclosed today by Google Project Zero. These issues may result in information disclosure from one Virtual Machine to another Virtual Read more […]

VMSA-2018-0001

VMSA-2018-0001

This post was originally published on this site —— This is a critical security advisory from VMware (VMSA) — New VMware Security Advisory VMSA-2018-0001 On January 2nd 2018 VMware released the following new security advisory: VMSA-2018-0001 – vSphere Data Protection (VDP) updates address multiple security issues. This documents several critical severity issues affecting VDP. Issue (a) is an authenication bypass vulnerability (CVE-2017-15548). A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems. Issue (b) Read more […]

New VMware Security Advisory VMSA-2017-0021

New VMware Security Advisory VMSA-2017-0021

This post was originally published on this site —— This is a critical security advisory from VMware (VMSA) — Today VMware has released the following new security advisory: “VMSA-2017-0021 – VMware ESXi, vCenter Server Appliance, Workstation and Fusion updates address multiple security vulnerabilities” This documents the remediation of four Important severity issues (CVE-2017-4933, CVE-2017-4940, CVE-2017-4941, and CVE-2017-4943). These issues affect VMware ESXi, VMware Workstation, VMware Fusion and VMware vCenter Server Appliance. Issues (a) CVE-2017-4941 and (b) CVE-2017-4933 are stack Read more […]

VMSA-2017-0020

VMSA-2017-0020

This post was originally published on this site —— This is a critical security advisory from VMware (VMSA) — Today VMware has released the following new security advisory: VMSA-2017-0020: VMware AirWatch Console updates address Broken Access Control vulnerability. Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories. Customers should review the security advisories and direct any questions to Airwatch Support. The post VMSA-2017-0020 appeared first on VMware Security & Compliance Blog. Read more […]

New VMware Security Advisories VMSA-2017-0018 and VMSA-2017-0019

New VMware Security Advisories VMSA-2017-0018 and VMSA-2017-0019

This post was originally published on this site —— This is a critical security advisory from VMware (VMSA) — Today, we released VMSA-2017-0018 and VMSA-2017-0019. VMSA-2017-0018 – VMware Workstation, Fusion, and Horizon View Client updates resolve multiple security vulnerabilities This documents critical and moderate severity vulnerabilities affecting VMware Horizon View Client for Windows 4.x, Workstation 12.x and Fusion 8.x. Issue (a) is a heap-based buffer overflow vulnerability (CVE-2017-4934) which affects VMware Workstation and Fusion and may allow a guest to execute code on the host. This issue Read more […]

New VMware Security Advisory VMSA-2017-0017

New VMware Security Advisory VMSA-2017-0017

This post was originally published on this site —— This is a critical security advisory from VMware (VMSA) — Today VMware has released the following new security advisory: VMSA-2017-0017 – VMware vCenter Server update resolves LDAP DoS, SSRF and CLRF injection issues This documents the remediation of two moderate severity issues, CVE-2017-4927 and CVE-2017-4928. These issues affect VMware vCenter Server. Issue (a) CVE-2017-4927: VMware vCenter Server doesn’t correctly handle specially crafted LDAP network packets which may allow for remote DoS. This issue affects vCenter Server 6.5 and 6.0. Read more […]

VMSA-2017-0016

VMSA-2017-0016

This post was originally published on this site —— This is a critical security advisory from VMware (VMSA) — Today VMware has released the following new security advisory: VMSA-2017-0016: VMware AirWatch Console and Launcher for Android updates resolve multiple vulnerabilities. Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories. Customers should review the security advisories and direct any questions to VMware Support. The post VMSA-2017-0016 appeared first on VMware Security & Compliance Blog. Read more […]