VMware Security Update for DoS problem among vulnerabilities, kernel source code leaks

VMware, virtualization software manager, has issued a security update for its vSphere API. This resolves a denial-of-service problem in ESX and ESXi. The ESX is a bare metal hypervisor, capable of enterprise level environments, where it doesn’t need a 3rd party operating system to run. Also, quite a few security updates were issued as part of this update.
The patch affects the following releases: VMware ESXi 4.1 without patch ESXi410-201211401-SG and VMware ESX 4.1 without patches ESX410-201211401-SG, ESX410-201211402-SG, ESX410-201211405-SG, and ESX410-201211407-SG.
Read more about the advisory, plus details on how to update.
This security update comes after, just over a week ago, Anonymous hacker “Stun” leaked the source code of ESX. The leak was first found out with a Twitter update, followed by the torrent posted on 1337x.org.
“Which VMware has succeed to ignore and continue producing on same level like it’s buddy Symantec did. Bullshitting people and selling crap. But it’s time for Anonymous finally to deliver,” said “Stun”.
Iain Mulholland, director of platform security for VMware, commented on the story:
It is possible that more related files will be posted in the future. We take customer security seriously and have engaged our VMware Security Response Center to thoroughly investigate.
Ensuring customer security is our top priority. As a matter of best practices with respect to security, VMware strongly encourages all customers to apply the latest product updates and security patches made available for their specific environment.
This also apparently is linked back to an April 2012 incident, where information was leaked also.
The kernel is apparently dated back to between 1998-2004, the years of which the kernel for VMware products was developed.
Users are encouraged to update their products with the latest product updates and security patches.
Tags: 4.1, Anonymous (group), Bare metal, Enterprise, ESX, ESXi, Hypervisor, Iain Mulholland, Patch (computing), Services Console, Virtual machine monitor, VMware, vSphere API
About Dr Jay
MarketerOne response to “VMware Security Update for DoS problem among vulnerabilities, kernel source code leaks”
Recent Posts
Topics
Popular Tags
Editor’s Twitter
Error: Twitter did not respond. Please wait a few minutes and refresh this page.
Blogroll
- SANS Internet Storm Center
- Dejan Kosutic's ISO 27001/22301 Standards
- Websense Security Labs Blog
- SWW Blog
- SANS Securing The Human Blog
- Bart Blaze's Security Blog
- US-CERT Computer Emergency Response Team
- Spyware Sucks Blog
- Lavasoft Security Blog
- TrendLabs Malware Blog
- ThreatPost
- Schneier on Security
- avast! blog
- Damballa Press Center
- Contagio Malware Dump
- We Live Security (ESET)
- Crowdstrike Blog
- Tigzy's RogueKiller Blog
- Kafeine's Malware Don't Need Coffee
- Security Affairs
- Lookout Mobile Security Blog
- MSNBC Red Tape Blog
- Securosis Blog
- SecureList Blog by Kaspersky
- Slug Analysis Lab
- Bill Mullins Weblog
- DHS Daily Report (Homeland-Sec)
- Skidlist
- GFI Labs Blog
- S!Ri.URZ Blog
- DSL Reports Sec. Forum
- F-Secure Weblog
- Malwarebytes Unpacked
- Stop Badware Blog
- AVG Blogs
- Webroot Blog
- Symantec Security Response Weblogs
- Microsoft Malware Protection Center Blog
- Unmask Parasites
- TaoSecurity Blog
- Bleeping Computer Virus, Spyware, & Malware Removal Guides
- RKHunter Sec/Mal Blog
- Naked Security
- Delete Malware
- Security Battlefield with George Kurtz
- Dynamoo's Blog
- ThreatMetrix Frauds & Ends Blog
- Fortinet FortiBlog
- FireEye Blog
- Xylitol's Xylibox Blog
Reblogged this on Yury Chemerkin and commented:
Add your thoughts here… (optional)