Security News

Menlo Security, a leader in cloud security, announced its Global Cloud Proxy Platform built on an Isolation Core is integrated with VMware Workspace ONE Unified Endpoint Management to deliver mobile isolation capabilities. The solution will allow Workspace ONE UEM customers to better protect mobile devices from ransomware and phishing attacks by isolating threats in the cloud and preventing them from reaching the endpoint.

VMware has released an update for the macOS version of Fusion to fix a privilege escalation vulnerability for which it initially released an incomplete patch. VMware told customers on March 17 that Fusion, Remote Console and Horizon Client for Mac are impacted by a high-severity privilege escalation vulnerability tracked as CVE-2020-3950.

The patch released recently by VMware for a privilege escalation vulnerability affecting Fusion for Mac have been found to be incomplete. VMware informed customers on March 17 that Fusion, Remote Console and Horizon Client for Mac are affected by a high-severity privilege escalation vulnerability caused by the improper use of setuid binaries.

VMware announced on Tuesday that it has patched a serious privilege escalation vulnerability that can be exploited on Mac systems where Fusion, Remote Console or Horizon Client are installed. The vulnerability, tracked as CVE-2020-3950 and classified as high severity, is related to the improper use of setuid binaries, and it impacts Fusion 11.x, VMRC 11.x and prior, and Horizon Client 5.x and prior.

Virtualisation company VMware patched two bugs this week that affected a large proportion of its client-side virtual machines. VMware made its name offering server virtualisation products that recreate server hardware in software, allowing admins to run many virtual servers on the same physical box at once.

The most serious of the holes, CVE-2020-3947, is a vulnerability in VMware Workstation and Fusion that can be exploited by a miscreant or malware in a guest VM to gain code execution on the host box via the vmnetdhcp component. "Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition of the vmnetdhcp service running on the host machine," VMware said of the bug.

VMware has patched three serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that can be exploited to execute arbitrary code on the host from the guest operating system. "Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition of the vmnetdhcp service running on the host machine," VMware said in an advisory.

VMware, a leading innovator in enterprise software, announced new innovations to advance the company's strategy to make security intrinsic to the digital enterprise. New VMware Advanced Security for Cloud Foundation, which will enable customers to replace legacy security solutions and deliver unified protection across private and public clouds.

VMware has patched serious vulnerabilities, including remote code execution and authentication bypass issues, in vRealize Operations for Horizon Adapter. Horizon Adapter instances created on vRealize Operations Manager nodes enable users to receive communications from Horizon agents installed on virtual machines.

Clumio, innovators of authentic SaaS for enterprise backup, announced that its Enterprise Backup as a Service solution has attained VMware Partner Ready for VMware Cloud on AWS validation. By validating Clumio Backup as a Service with VMware Cloud on AWS and attaining the VMware Partner Ready for VMware Cloud on AWS logo, Clumio has tested and verified interoperability and can fully manage customer support requests for Clumio Backup as a Service with VMware Cloud on AWS. "We are pleased that Clumio Enterprise Backup as a Service is validated for VMware Cloud on AWS. This signifies to customers that Clumio Backup as a Service can be deployed with the knowledge and reassurance that the partner fully supports the specified versions and configurations on VMware Cloud on AWS," said Kristen Edwards, director, Technology Alliance Partner Program, VMware.