{"id":14879,"date":"2020-06-27T08:38:47","date_gmt":"2020-06-27T06:38:47","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=14879"},"modified":"2021-05-06T22:56:59","modified_gmt":"2021-05-06T20:56:59","slug":"vmware-fixt-kritische-workstation-und-fusion-schwachstellen","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/06\/27\/vmware-fixt-kritische-workstation-und-fusion-schwachstellen\/","title":{"rendered":"VMware fixes critical vulnerarbilities in Workstation and Fusion"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">[<a href=\"https:\/\/www.borncity.com\/blog\/2020\/06\/27\/vmware-fixt-kritische-workstation-und-fusion-schwachstellen\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]VMware developers have closed several critical vulnerabilities in their virtualization products VMware Workstation and Fusion these days. <\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg07.met.vgwort.de\/na\/f8d3b60e1fd443f980a55283c5703fc1\" width=\"1\" height=\"1\">I have already become aware of this issue a few days ago via this tweet from Bleeping Computer.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">VMware fixes critical vulnerability in Workstation and Fusion &#8211; <a href=\"https:\/\/twitter.com\/serghei?ref_src=twsrc%5Etfw\">@serghei<\/a><a href=\"https:\/\/t.co\/At5xcGdAYL\">https:\/\/t.co\/At5xcGdAYL<\/a><\/p>\n<p>\u2014 BleepingComputer (@BleepinComputer) <a href=\"https:\/\/twitter.com\/BleepinComputer\/status\/1275843669225070592?ref_src=twsrc%5Etfw\">June 24, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script> <\/p>\n<p>VMware has therefore released security updates to address several vulnerabilities in VMware ESXi, Workstation and Fusion. One of them is a critical flaw in default configurations of Workstation and Fusion with 3D graphics enabled.<\/p>\n<h2>CISA warns<\/h2>\n<p>The US Cyber Security and Infrastructure Security Agency (CISA) has also <a href=\"https:\/\/www.us-cert.gov\/ncas\/current-activity\/2020\/06\/24\/vmware-releases-security-updates-multiple-products\" target=\"_blank\" rel=\"noopener noreferrer\">issued a warning<\/a>. It warns that an attacker could exploit some of these vulnerabilities to take control of an affected system. CISA users and administrators are urged to update VMware products as soon as possible. <\/p>\n<h2>Details are available in the VMware Advisory<\/h2>\n<p>Details can be found in the VMware security advisory <a href=\"https:\/\/web.archive.org\/web\/20210321145331\/https:\/\/www.vmware.com\/security\/advisories\/VMSA-2020-0015.html\" target=\"_blank\" rel=\"noopener noreferrer\">VMSA-2020-0015<\/a> dated June 23, 2020, where VMware lists the following CVEs:<\/p>\n<blockquote>\n<p>CVE-2020-3962, CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3966, CVE-2020-3967, CVE-2020-3968, CVE-2020-3969, CVE-2020-3970, CVE-2020-3971<\/p>\n<\/blockquote>\n<p>The following VMware products are affected:<\/p>\n<ul>\n<li>VMware ESXi\n<li>VMware Workstation Pro \/ Player (Workstation)\n<li>VMware Fusion Pro \/ Fusion (Fusion)\n<li>VMware Cloud Foundation<\/li>\n<\/ul>\n<p>The VMware Security Advisory <a href=\"https:\/\/web.archive.org\/web\/20210321145331\/https:\/\/www.vmware.com\/security\/advisories\/VMSA-2020-0015.html\" target=\"_blank\" rel=\"noopener noreferrer\">VMSA-2020-0015<\/a> provides details about the vulnerabilities and also provides information about the required updates or workarounds.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]VMware developers have closed several critical vulnerabilities in their virtualization products VMware Workstation and Fusion these days.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547,22,1218],"tags":[69,195,1710],"class_list":["post-14879","post","type-post","status-publish","format-standard","hentry","category-security","category-software","category-update","category-virtualization","tag-security","tag-update","tag-vmware"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14879","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=14879"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14879\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=14879"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=14879"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=14879"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}