My next class:
Reverse-Engineering Malware: Advanced Code AnalysisOnline | British Summer TimeJul 28th - Aug 1st 2025

Critical VMware vulnerabilities disclosed

Published: 2017-03-29. Last Updated: 2017-03-29 09:15:26 UTC
by Xavier Mertens (Version: 1)
1 comment(s)

VMware released a security bulletin[1] with moderate to critical vulnerabilities. The following products are affected:

  • ESXi
  • Workstation
  • Fusion 

The vulnerabilities may allow a guest to execute code on the host, may lead to a DDoS or information leakage (depending on the product and version). Patches are available.

[1] https://www.vmware.com/security/advisories/VMSA-2017-0006.html

Xavier Mertens (@xme)
ISC Handler - Freelance Security Consultant
PGP Key

Keywords: vmware
1 comment(s)
My next class:
Reverse-Engineering Malware: Advanced Code AnalysisOnline | British Summer TimeJul 28th - Aug 1st 2025

Comments

VMware blog article at https://blogs.vmware.com/security/2017/03/security-landscape-pwn2own-2017.html.
In VMware words, "At this point VMware’s recommendation is that customers expedite updating, though need not take emergency measures like taking environments offline."

Anonymous

Mar 31st 2017
8 years ago

Login here to join the discussion.


Top of page
Diary Archives