topic New patch for VMWare vCenter that removes remote code execution in Threats

New patch for VMWare vCenter that removes remote code execution

funkychicken — Wed, 18 Sep 2024 09:13:17 GMT

A new patch has been released for vCenter which removes an exploit rating 9.8 on CVSS

https://thehackernews.com/2024/09/patch-issued-for-critical-vmware.html

Re: New patch for VMWare vCenter that removes remote code execution

Caute_cautim — Sat, 05 Oct 2024 04:27:14 GMT

@funkychickenI think a lot of organisations will be moving away from VMWare as the costs associated with purchasing and supporting have gone up astronomically.

Regards

Caute_Cautim

Re: New patch for VMWare vCenter that removes remote code execution

funkychicken — Sat, 05 Oct 2024 07:05:51 GMT

Yes I agree. I migrated one company from VMWare to Hyper-V and Nuntanix has been playing a big part in the hypervisor market too. I think the costs for VMWare are astronomical, and all of the "nice to have's" don't make it a worthwhile choice.

Re: New patch for VMWare vCenter that removes remote code execution

chunkypigs72 — Mon, 25 Nov 2024 04:56:46 GMT

VMware has released a critical security patch for vCenter Server addressing a remote code execution (RCE) vulnerability that could allow unauthorized attackers to execute arbitrary code on affected systems. The vulnerability, identified as CVE-[Insert CVE ID], stems from improper input validation in specific vCenter components. Administrators are strongly urged to update their systems to the latest version immediately to mitigate potential exploitation risks. VMware also recommends reviewing Exclusive Men's Coats network configurations to limit vCenter's exposure and ensure robust security practices. Detailed patch instructions and release notes are available on VMware's official site.