Tag Archives: VMware

VMware vulnerability CVE-2022-22954 threatened by ransomware, end of support for ESXi 6.5 & 6.7

[German]Various VMware products contain the critical vulnerability CVE-2022-22954 , for which a security update was provided back in April 2022. I had addressed the vulnerability in the blog post Warning: critical vulnerabilities in VMware products (April 6, 2022). Advertising

Posted in Security, Software, Virtualization | Tagged , | Leave a comment

Advertising

Mandiant, VMware and US-CERT warn of malware targeting VMware ESXi servers

[German]Google-acquired security vendor Mandiant has encountered a new malware family (VirtualPITA, VirtualPIE, and VirtualGATE) that targets virtualization solutions like VMware ESXi Server and uses specialized techniques to infiltrate. VMware has issued a security advisory to that effect, and US-CERT is … Continue reading

Posted in Security, Virtualization | Tagged , , | Leave a comment

How to find weak passwords in Active Directory and eliminate them with PowerShell

[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...

VMware: Security Adversory, Windows 11 TPM Issue

[German]Brief note for VMware users and administrators. The vendor has published a security advisory for various products (VMware Workspace ONE Access, etc.) as of August 2, 2022, because there are numerous vulnerabilities there. In addition, I still came across an … Continue reading

Posted in Security, Software, Windows | Tagged , , , | Leave a comment

Advertising

Warning: Critical Vulnerabilities in VMware Products (April 6, 2022)

[German]Just yesterday, in the blog post VMware patches Spring4Shell RCE vulnerability CVE-2022-22965, I warned about a vulnerability in certain VMware products. Now the manufacturer has followed up and warns about critical vulnerabilities in various VMware products. This affects Workspace ONE … Continue reading

Posted in Security, Software, Update | Tagged , , | Leave a comment

VMware patches Spring4Shell RCE vulnerability CVE-2022-22965

[German]Virtualization specialist VMware has released security updates for various virtualization products. These are intended to close the remote code execution (RCE) vulnerability called Spring4Shell in these products. Cloud products that use virtualization are particularly at risk. Here is an overview … Continue reading

Posted in Security, Software, Virtualization | Tagged , | Leave a comment

Advertising

VMware closes critical vulnerabilities

[German]VMware has released security updates for various products. These should close vulnerabilities that are rated as critical. It affects the products VMware ESXi, VMware Workstation, VMware Fusion and VMware Cloud Foundation. The vulnerabilities could be exploited to execute arbitrary code … Continue reading

Posted in Security, Software, Update, Virtualization | Tagged , , | Leave a comment

VMware Converter withdrawn (Feb. 2022)

[German]Brief note, I came across here: VMware VMware has withdrawn the VMware Converter from its download pages last week. This is a tool that allows you to transfer images of physical machines into VMware virtual machines (P2V). Advertising

Posted in Software | Tagged , | 2 Comments

VMware security advisory about vulnerability CVE-2021-22045 in VMware Workstation & Co.

[German]Vendor VMware has issued a security alert for vulnerability CVE-2021-22045 as of January 4, 2022. This vulnerability, located in the CD-ROM driver, threatens the security of VMware Workstation, Fusion and ESXi Server through a heap overflow. However, updates are available … Continue reading

Posted in Security, Software, Update, Virtualization | Tagged , , , | Leave a comment

Advertising

VMware security updates (August 2021)

[German]VMware has released security updates to address vulnerabilities in several products. An attacker could exploit some of these vulnerabilities to take control of an affected system. VMware vRealize Operations, VMware Cloud Foundation and vRealize Suite Lifecycle Manager are affected. US-CERT … Continue reading

Posted in Security, Virtualization | Tagged , | Leave a comment

Vulnerability CVE-2021-21985 in vSphere Client, patch it!

[German]VMware has issued an urgent security warning to users of vSphere. The vSphere Client (HTML5) contains a critical vulnerability CVE-2021-21985 that could allow remote code execution due to a lack of input validation in the Virtual SAN Health Check plug-in, … Continue reading

Posted in Security, Software, Virtualization | Tagged , , | Leave a comment