Security News > 2021 > December > Over Log4j? VMware has another critical flaw for you to patch
VMware customers have probably had a busy week because more than 100 of the IT giant's products are impacted by the Log4j bug.
Now they need to make another urgent patching effort, because the virty giant has identified another critical flaw in its products that it rates as requiring urgent attention.
That's enough to show this is a scary flaw as UEM systems can manage tens of thousands of endpoints.
Nor is the fact that this flaw is present in versions of Workspace ONE UEM dating back to the year 2008.
One is patches, which VMware has made available here.
As VMware points out, you'll need to make those changes on "Every single Windows server that has the UEM Console application installed in the environment."
News URL
https://go.theregister.com/feed/www.theregister.com/2021/12/17/vmware_criticial_uem_flaw/
Related news
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products (source)
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected (source)
- Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now (source)