-
VMware makes Workstation and Fusion free for everyone
VMware has announced that its VMware Fusion and VMware Workstation desktop hypervisors are now free to everyone for commercial, educational, and personal use.
- November 11, 2024
- 05:59 PM
12
-
VMware fixes bad patch for critical vCenter Server RCE flaw
VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not correctly fixed in the first patch from September 2024.
- October 22, 2024
- 10:08 AM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Broadcom fixes critical RCE bug in VMware vCenter Server
Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a network packet.
- September 17, 2024
- 03:57 PM
- 0
-
New Play ransomware Linux version targets VMware ESXi VMs
Play ransomware is the latest ransomware gang to start deploying a dedicated Linux locker for encrypting VMware ESXi virtual machines.
- July 22, 2024
- 01:01 PM
- 0
-
VMware fixes critical vCenter RCE vulnerability, patch now
VMware has issued a security advisory addressing critical vulnerabilities in vCenter Server, including remote code execution and local privilege escalation flaws.
- June 18, 2024
- 02:08 PM
- 0
-
VMware makes Workstation Pro and Fusion Pro free for personal use
VMWare has made Workstation Pro and Fusion Pro free for personal use, allowing home users and students to set up their own virtualized test labs and play with another operating system at little to no cost.
- May 14, 2024
- 03:34 PM
- 9
-
VMware fixes three zero-day bugs exploited at Pwn2Own 2024
VMware fixed four security vulnerabilities in the Workstation and Fusion desktop hypervisors, including three zero-days exploited during the Pwn2Own Vancouver 2024 hacking contest.
- May 14, 2024
- 10:48 AM
- 0
-
VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion
VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing attackers to escape virtual machines and access the host operating system.
- March 06, 2024
- 10:39 AM
- 3
-
VMware urges admins to remove deprecated, vulnerable auth plug-in
VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched.
- February 20, 2024
- 04:00 PM
- 0
-
Chinese hackers exploit VMware bug as zero-day for two years
A Chinese hacking group has been exploiting a critical vCenter Server vulnerability (CVE-2023-34048) as a zero-day since at least late 2021.
- January 19, 2024
- 11:32 AM
- 0
-
VMware confirms critical vCenter flaw now exploited in attacks
VMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation.
- January 19, 2024
- 08:22 AM
- 0
-
Linux version of Qilin ransomware focuses on VMware ESXi
A sample of the Qilin ransomware gang's VMware ESXi encryptor has been found and it could be one of the most advanced and customizable Linux encryptors seen to date.
- December 03, 2023
- 04:07 PM
- 0
-
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks
VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th.
- December 01, 2023
- 12:58 PM
- 0
-
Microsoft fixes Windows Server VMs broken by October updates
Microsoft fixed a known issue causing blue screens and boot failures in Windows Server 2022 virtual machines (VMs) deployed on VMware ESXi hosts.
- November 15, 2023
- 03:51 PM
- 2
-
VMware discloses critical VCD Appliance auth bypass with no patch
VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments.
- November 14, 2023
- 04:45 PM
- 0
-
VMware fixes critical code execution flaw in vCenter Server
VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution attacks on vulnerable servers.
- October 25, 2023
- 05:00 AM
- 0
-
VMware warns admins of public exploit for vRealize RCE flaw
VMware warned customers on Monday that proof-of-concept (PoC) exploit code is now available for an authentication bypass flaw in vRealize Log Insight (now known as VMware Aria Operations for Logs).
- October 24, 2023
- 10:53 AM
- 0
-
Exploit released for critical VMware SSH auth bypass vulnerability
Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware's Aria Operations for Networks analysis tool (formerly known as vRealize Network Insight).
- September 01, 2023
- 04:21 PM
- 0
-
VMware Aria vulnerable to critical SSH authentication bypass flaw
VMware Aria Operations for Networks (formerly vRealize Network Insight) is vulnerable to a critical severity authentication bypass flaw that could allow remote attackers to bypass SSH authentication and access private endpoints.
- August 30, 2023
- 12:19 PM
- 0
-
Dell Compellent hardcoded key exposes VMware vCenter admin creds
An unfixed hardcoded encryption key flaw in Dell's Compellent Integration Tools for VMware (CITV) allows attackers to decrypt stored vCenter admin credentials and retrieve the cleartext password.
- August 10, 2023
- 10:38 AM
- 1
