X
Tech
Home Tech Security

VMware patch batch fixes 20 security flaws

VMware patches a total of 20 different vulnerabilities affecting all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE and VMware Player.
Written by Ryan Naraine, Contributor
Virtualization software specialist VMware has shipped a batch of "critical" security updates to cover gaping holes in a wide range of its server and workstation products.

An advisory from VMware lists a total of 20 different vulnerabilities affecting all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE and VMware Player.

The company warned that attackers can exploit these bugs to launch code execution or denial-of-service attacks. In certain scenarios, a successful exploit would allow an attacker to escape from a guest system in a VM or shut down processes on the host.

[SEE: VMware buys Determina ]

Secunia rates the patch batch as "moderately critical" but issued a separate alert for the VMware ESX Server issue which carries a "highly critical" rating:

This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, perform certain actions with escalated privileges, or to cause a DoS (Denial of Service), by malicious users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Download locations for product patches are available in the VMware advisory.

Editorial standards
Show Comments

Related

Anker Solix X1

Not into the Tesla Powerwall? You can now buy the Anker Solix X1

windows-11-laptop

Microsoft is now showing ads in Windows 11's Start menu. Here's how to block them

Placeholder product image alt text

The best AI image generators to try right now