Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

VMware releases temporary mitigations for Meltdown and Spectre flaws

VMware has provided detailed instruction on how to mitigate the Meltdown and Spectre vulnerabilities in several of its products. VMware is releasing patches and workarounds for its Virtual Appliance products affected by the Meltdown and Spectre vulnerabilities. The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive […]

VMware vROps

VMware has provided detailed instruction on how to mitigate the Meltdown and Spectre vulnerabilities in several of its products.

VMware is releasing patches and workarounds for its Virtual Appliance products affected by the Meltdown and Spectre vulnerabilities.

The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive data.

The mitigations measures could be applied to vCloud Usage Meter, Identity Manager (vIDM), vCenter Server, vSphere Data Protection, vSphere Integrated Containers and vRealize Automation (vRA).

“VMware Virtual Appliance updates address side-channel analysis due to speculative execution” states the advisory published by the company.

VMware

The company acknowledged problems for its virtual appliances and opted to release workarounds to protect its customers. The proposed solutions are only temporary waiting for a permanent fix that will be released as soon as they are available.

The complete list of workarounds is available here, in some cases, admins can mitigate the issue by launching a few commands as a privileged user, in other cases the procedure to deploy mitigations is more complex.

[adrotate banner=”9″] [adrotate banner=”12″]  

Pierluigi Paganini

(Security Affairs – Spectre patches, VMware )

[adrotate banner=”5″]

[adrotate banner=”13″]