[Info-vax] Hypervisor Security - A Major Concern

[Michael C]

On Saturday, December 19, 2020 at 1:33:25 PM UTC-5, supers... at gmail.com wrote:
> The virtualization trend is still going strong, offering businesses streamlined resource management and massive cost-saving potential, but just like every technology, it has its fair share of security risks. In fact, a virtualization solution is only as secure as the hypervisors that support it. 
> 
> VMWARE 66 CERTS 
> KVM 30 CERTS 
> 
> https://d3i71xaburhd42.cloudfront.net/25f979225153aaaec873ef238bec363cd600292e/6-Table2-1.png 
> 
> https://www.semanticscholar.org/paper/A-Systematic-Review-of-Vulnerabilities-in-and-Their-Shahzad/25f979225153aaaec873ef238bec363cd600292e

just this year


VMware Releases Security Updates - Updated October 20, 2020
Created: Thursday, October 22, 2020 - 10:44
Categories: Cybersecurity

October 20, 2020

VMware has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2020-0023 and apply the necessary updates or workarounds. Read the advisory at CISA.

July 10, 2020

VMware has released security updates to address a vulnerability in VMware Fusion, Remote Console, and Horizon Client. An attacker could exploit this vulnerability to take control of an affected system. ISA) encourages users and administrators to review VMware Security Advisory VMSA-2020-0017 and apply the necessary updates. Read the advisory at CISA.

July 8, 2020

VMware has released a security update to address a vulnerability in VeloCloud. An attacker could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2020-0016 and apply the necessary update. Read the advisory at CISA.

June 24, 2020

VMware has released security updates to address multiple vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2020-0015 and apply the necessary updates or workarounds. Access the advisory at CISA.

June 10, 2020

VMware has released a security update to address a vulnerability in Horizon Client for Windows. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2020-0013 and apply the necessary update. Read the advisory at CISA.

May 29, 2020

VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the VMware Security Advisory VMSA-2020-0011 and apply the necessary updates. Read the advisory at CISA.

April 29, 2020

VMware has released security updates to address a vulnerability in ESXi. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2020-0008 and apply the necessary updates. Read the advisory at CISA.

April 10, 2020

VMware has released security updates to address a vulnerability in VMware Directory Service (vmdir). An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2020-0006 and apply the necessary updates. Read the advisory at CISA.

March 16, 2020

VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2020-0004 and apply the necessary updates. Read the advisory at CISA.

February 19, 2020

VMware has released security updates to address multiple vulnerabilities in vRealize Operations for Horizon Adapter. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2020-0003 and apply the necessary updates. Read the advisory at CISA.