VMware Fixes Critical ESXi, Workstation and Fusion Flaws

VMware is issuing patches for its ESXi, Workstation and Fusion products to fix a pair of flaws that, if exploited, could each allow attackers with local administrative privileges on virtual machines to execute code as the virtual machine’s VMX process running on the host. The use-after-free flaws (CVE-2024-22252 and CVE-2024-22253) are two of four vulnerabilities …

VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion

VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing attackers to escape virtual machines and access the host operating system. These types of flaws are critical as they could permit attackers to gain unauthorized access to the host system where a hypervisor is installed …

VMware and Apple Deploy Urgent Security Fixes Amid New Malware Threats

Amid rising cybersecurity threats, VMware and Apple have released urgent security updates to mitigate vulnerabilities that could lead to critical exploits. This development underscores the ongoing battle against cyber threats and the importance of maintaining updated systems. VMware’s patches address vulnerabilities in its ESXi, Workstation, Fusion, and Cloud Foundation products, crucial for preventing potential code …

VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks

VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th. Cloud Director is a VMware platform that enables admins to manage data centers spread across multiple locations as Virtual Data Centers (VDC). The auth bypass security …

Microsoft fixes Windows Server VMs broken by October updates

Microsoft fixed a known issue causing blue screens and boot failures in Windows Server 2022 virtual machines (VMs) deployed on VMware ESXi hosts. Windows admins first reported experiencing VM start issues [1, 2, 3, 4, 5] after deploying last month’s KB5031364 cumulative update. The company confirmed the issue days later, saying it only affects guest VMs on VMware …

Microsoft fixes security holes including 3 already exploited

Patch Tuesday Heads up: Microsoft’s November Patch Tuesday includes fixes for about 60 vulnerabilities – including three that have already been found and abused in the wild. First of that trio is CVE-2023-36033: a Windows Desktop Manager (WDM) Core Library elevation-of-privilege vulnerability. This one, an “important” 7.8-of-10-CVSS-rated bug, is not only listed as exploited by …

VMware Fixes Critical-Severity vCenter Server Bug

VMware has released patches for a critical-severity vulnerability in its centralized management utility, vCenter Server, which could enable remote code execution attacks. vCenter Server helps users manage virtual machines, ESXi hosts, and other components from a centralized location. The flaw (CVE-2023-34048) is an out-of-bounds write issue that specifically stems from the implementation of DCE/RPC, the …

VMware fixes critical code execution flaw in vCenter Server

VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution on vulnerable servers. vCenter Server is the central management hub for VMware’s vSphere suite, and it helps administrators manage and monitor virtualized infrastructure. The vulnerability (CVE-2023-34048) was reported by Grigory Dorodnov of Trend Micro’s Zero …

VMware Workstation Pro and Player 17.5 are out with improved vTPM support, fixes, and more

VMware Workstation Pro and Player version 17.5 are now available for download. The latest virtualization software from VMware delivers security enhancements, VMRUN commands for controlling virtual machines, an option to export or import virtual machines with vTPM, improved hardware support, and numerous fixes. Here are the changelogs. What is new in VMware Workstation Pro and …