Security News

VMware's Virtual Cloud Network solution is an integral component of VMware Cloud Foundation, which is offered on all major hyperscale cloud providers - AWS, Azure, Alibaba Cloud, Google Cloud, IBM Cloud and Oracle Cloud - and uniquely enables VMware to make private clouds as efficient and agile as public clouds and support business continuity efforts. "Our Virtual Cloud Network solution is helping our customers provide the public cloud experience on-premise, removing the inefficient IT ticket requests and long waits for networking and security changes," said Tom Gillis, senior vice president and general manager, Networking and Security Business Unit at VMware.

Working with VMware, Vodafone Group has completed the roll-out of network virtual infrastructure across all of its European business and 21 markets in total. Operating a reliable, agile network that can be more efficiently upgraded to maintain the quality of coverage has never been more important as Vodafone customers across Europe rely on the operator to provide critical connectivity and communications services during the COVID-19 crisis.

Building on a record-setting 2019, Morpheus has released v4.2 of its multi-cloud management platform focused on enabling continuous delivery for customers leveraging Kubernetes, VMware, and Terraform. With v4.2, Morpheus has added support for brownfield Kubernetes clusters in addition to CNCF Certified Morpheus Kubernetes Service and integration with EKS and AKS. Additionally, the Morpheus Kubernetes Service has been CNCF certified up to version 1.17.

Delta Risk, a leading provider of SOC-as-a-Service and security services, announced that it has expanded its partnership with VMware Carbon Black, a leader in cloud-delivered, next-generation endpoint security. The partnership includes fully integrated managed detection, response, threat hunting, and monitoring capabilities via Delta Risk's ActiveEye security platform for customers using VMware Carbon Black solutions, providing improved endpoint visibility for organizations of all sizes.

Menlo Security, a leader in cloud security, announced its Global Cloud Proxy Platform built on an Isolation Core is integrated with VMware Workspace ONE Unified Endpoint Management to deliver mobile isolation capabilities. The solution will allow Workspace ONE UEM customers to better protect mobile devices from ransomware and phishing attacks by isolating threats in the cloud and preventing them from reaching the endpoint.

VMware has released an update for the macOS version of Fusion to fix a privilege escalation vulnerability for which it initially released an incomplete patch. VMware told customers on March 17 that Fusion, Remote Console and Horizon Client for Mac are impacted by a high-severity privilege escalation vulnerability tracked as CVE-2020-3950.

The patch released recently by VMware for a privilege escalation vulnerability affecting Fusion for Mac have been found to be incomplete. VMware informed customers on March 17 that Fusion, Remote Console and Horizon Client for Mac are affected by a high-severity privilege escalation vulnerability caused by the improper use of setuid binaries.

VMware announced on Tuesday that it has patched a serious privilege escalation vulnerability that can be exploited on Mac systems where Fusion, Remote Console or Horizon Client are installed. The vulnerability, tracked as CVE-2020-3950 and classified as high severity, is related to the improper use of setuid binaries, and it impacts Fusion 11.x, VMRC 11.x and prior, and Horizon Client 5.x and prior.

Virtualisation company VMware patched two bugs this week that affected a large proportion of its client-side virtual machines. VMware made its name offering server virtualisation products that recreate server hardware in software, allowing admins to run many virtual servers on the same physical box at once.

The most serious of the holes, CVE-2020-3947, is a vulnerability in VMware Workstation and Fusion that can be exploited by a miscreant or malware in a guest VM to gain code execution on the host box via the vmnetdhcp component. "Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition of the vmnetdhcp service running on the host machine," VMware said of the bug.