Security News > 2021 > December > Over Log4j? VMware has another critical flaw for you to patch
VMware customers have probably had a busy week because more than 100 of the IT giant's products are impacted by the Log4j bug.
Now they need to make another urgent patching effort, because the virty giant has identified another critical flaw in its products that it rates as requiring urgent attention.
That's enough to show this is a scary flaw as UEM systems can manage tens of thousands of endpoints.
Nor is the fact that this flaw is present in versions of Workspace ONE UEM dating back to the year 2008.
One is patches, which VMware has made available here.
As VMware points out, you'll need to make those changes on "Every single Windows server that has the UEM Console application installed in the environment."
News URL
https://go.theregister.com/feed/www.theregister.com/2021/12/17/vmware_criticial_uem_flaw/
Related news
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18 (source)
- Patch now: Critical Nvidia bug allows container escape, complete host takeover (source)
- Progress urges admins to patch critical WhatsUp Gold bugs ASAP (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
- VMware fixes critical RCE, make-me-root bugs in vCenter - for the second time (source)
- Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE (source)