Bleeping Computer

VMware vCenter Server bug disclosed last year still not patched

VMware informed customers today that vCenter Server 8.0 (the latest version) is still waiting for a patch to address a high-severity privilege escalation vulnerability disclosed in November 2021. This ...
Bleeping Computer

VMware patches vCenter Server flaw disclosed in November

Eight months after disclosing a high-severity privilege escalation flaw in vCenter Server's IWA (Integrated Windows Authentication) mechanism, VMware has finally released a patch for one of the ...
InfoWorld

VMware warns of multiple ESX, vCenter, and vSphere vulnerabilities

In response to a VMware user group security survey conducted earlier this year, VMware said it would consider certain initiatives aimed at increasing awareness of security updates to its customers and ...
Dark Reading

Critical Vulnerability in VMware vSphere Plug-in Allows Session Hijacking

VMware is urging network administrators to remove an out-of-date plug-in for its VSphere, which has two flaws — one of them critical — that can allow attackers with access to a Windows client system ...
Threat Post

VMware Patches Flaws in ESX, vCenter

VMware has released a slew of patches that fix vulnerabilities in a number of its products, including vCenter Server, vCenter Server Appliance, vSphere Update Manager, ESX and ESXi. Some of the flaws ...