/>
X

VMWare releases first Heartbleed patch

Numerous VMWare products use vulnerable versions of OpenSSL. So far only Horizon Workspace Server has been patched.
larry-seltzer-thumb.jpg
Written by Larry Seltzer on

VMWare has issued a security advisory (VMSA-2014-0004) listing which of their products are affected by the Heartbleed vulnerability. The advisory also announced one patch that has been released.

A long list of products are listed as affected: vCenter Server, ESXi, VMware Fusion, NSX-MH, NSX-V, NVP, Horizon Mirage Edge Gateway, Horizon View Feature Pack, Horizon View Client, Horizon Workspace Server, Horizon Workspace Client, Horizon Workspace for Macintosh, Horizon Workspace for Windows , OVF Tool, vCloud Networking and Security and vCloud Automation Center (vCAC). Of these, a patch has been released only for Horizon Workspace Server.

An earlier VMWare knowledge base article had listed the affected products, as well as a long list of unaffected VMWare products and services, plus one service — Socialcast — which was patched several days ago.

Users of Horizon Workspace Server 1.0 are advised to upgrade to version 1.5 and to apply the patch horizon-nginx-rpm-1.5.0.0-1736237.x86_64. Version 1.5 users should apply the same patch. Users of version 1.8 should apply horizon-nginx-rpm-1.8.1.1810-1736201.x86_64.

The advisory also mentions another, lesser vulnerability in one implementation of OpenSSL which is fixed in the new version without specifically saying if VMWare is affected by it.

Related

Why you should really stop charging your phone overnight
iphone-charging.jpg

Why you should really stop charging your phone overnight

iPhone
How to spot a deepfake? One simple trick is all you need
facial-recognition

How to spot a deepfake? One simple trick is all you need

AI & Robotics
Malcolm Gladwell says working from home is 'not in your best interests'. The reality is much more complicated
malcolm-gladwell

Malcolm Gladwell says working from home is 'not in your best interests'. The reality is much more complicated

Productivity