Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Critical VMware vulnerabilities disclosed SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Critical VMware vulnerabilities disclosed

VMware released a security bulletin[1] with moderate to critical vulnerabilities. The following products are affected:

  • ESXi
  • Workstation
  • Fusion 

The vulnerabilities may allow a guest to execute code on the host, may lead to a DDoS or information leakage (depending on the product and version). Patches are available.

[1] https://www.vmware.com/security/advisories/VMSA-2017-0006.html

Xavier Mertens (@xme)
ISC Handler - Freelance Security Consultant
PGP Key

I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS Threat Hunting Europe 2021

Xme

574 Posts
ISC Handler
Mar 29th 2017
VMware blog article at https://blogs.vmware.com/security/2017/03/security-landscape-pwn2own-2017.html.
In VMware words, "At this point VMware’s recommendation is that customers expedite updating, though need not take emergency measures like taking environments offline."
Anonymous

Sign Up for Free or Log In to start participating in the conversation!