Security News

VMware has revealed and repaired the flaws in its hypervisor discovered at China's Tianfu Cup white hat hacking competition. The bug needs patching in ESXi from version 6.5, VMware's Fusion and Workstation desktop hypervisors from versions 11 and 15 respectively, plus VMware Cloud Foundation from version 3.

VMware on Wednesday patched a total of six vulnerabilities in its SD-WAN Orchestrator product, including flaws that can be chained by an attacker to steer traffic or shut down an enterprise network. Three of the vulnerabilities were reported to VMware by Israel-based cybersecurity consulting firm Realmode Labs.

VMware unveiled the Modern Network framework to enable businesses, and their IT and application development teams, to accelerate adapting to a new normal. The Modern Network framework takes a top-down view, creating a network that understands the needs of the application and programmatically managing infrastructure to meet those needs.

VMware issued an updated fix for a critical-severity remote code execution flaw in its ESXi hypervisor products. "Updated patch versions in the response matrix of section 3a after release of ESXi patches that completed the incomplete fix for CVE-2020-3992 on 2020-11-04," said Oracle's updated advisory.

VMware on Wednesday informed customers that it has released new patches for ESXi after learning that a fix made available last month for a critical vulnerability was incomplete. VMware said the attacker needs to be on the management network and have access to port 427 on an ESXi machine in order to exploit the flaw.

VMware announced it has collaborated with Samsung to further extend its leadership in 5G. Through this alliance, the companies seek to help Communication Service Providers meet the requirements of 5G networks and accelerate the roll-out of 5G by optimizing Samsung's portfolio of telco offerings from Core to Edge to RAN for both containerized network functions and virtualized network functions with VMware Telco Cloud Platform. With VMware Telco Cloud Platform, CSPs can deploy a cloud native, software-defined 5G network that will accelerate the delivery of services and applications across distributed telco clouds with operational consistency, integrated lifecycle management and multi-layer automation while maintaining carrier-grade performance, scalability and reliability.

VMware this week informed customers that it has patched several vulnerabilities in its ESXi, Workstation, Fusion and NSX-T products, including a critical flaw that allows arbitrary code execution. VMware pointed out that the attacker needs to be on the management network and have access to port 427 on an ESXi machine in order to exploit the vulnerability.

Sysadmins responsible for VMware deployments should test and apply the latest security updates for the software. In an advisory published this morning, VMware revealed six vulnerabilities affecting its ESXi, Workstation, Fusion, Cloud Foundation, and NSX-T products.

Why does VMware NSX matter? NSX is currently the leading network virtualization platform; also, it offers an interesting micro-segmentation security use case. When is VMware NSX available? NSX currently ships as version 6.3.2.How do I use VMware NSX? NSX comes in two major flavors: one for vSphere environments and one for non-vSphere environments.

VMware and NVIDIA announced a broad partnership to deliver both an end-to-end enterprise platform for AI and a new architecture for data center, cloud and edge that uses NVIDIA DPUs to support existing and next-generation applications. Through this collaboration, the rich set of AI software available on the NVIDIA NGC hub will be integrated into VMware vSphere, VMware Cloud Foundation and VMware Tanzu.