VMware Urges Rapid Patching for Serious vCenter Server Bug
Compliance
Compliance Twitter Get Permission
VMware is warning all vCenter Server administrators to patch their software to fix both a serious vulnerability that could be used to execute arbitrary code, as well as a separate authentication flaw.
Administrators use vCenter Server to manage installations of vSphere, which is VMware s virtualization platform.
The vulnerabilities need your immediate attention if you are using vCenter Server, VMware s Bob Plankers says in a blog post. All environments are different, have different tolerance for risk, and have different security controls and defense-in-depth to mitigate risk, so the decision on how to proceed is up to you, he writes. However, given the severity, we strongly recommend that you act.
VMware Urges Rapid Patching for Serious vCenter Server Bug govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.
Get Permission
Exim, one of the most-used message transfer agents, has issued patches for 21 flaws that could put thousands of users at risk of attacks, researchers at security firm Qualys say.
The vulnerabilities, collectively dubbed 21nails, include 11 local and 10 remote code vulnerabilities and affect all versions of Exim servers from 2004 onward, the Qualys report notes.
Exim, which was informed by Qualys about the vulnerabilities in October 2020, released patches for the flaws Tuesday. The current Exim versions - and likely older versions too - suffer from several exploitable vulnerabilities, Exim notes in an update to users. Due to several internal reasons, it took more time than usual for the Exim development team to work on these reported issues in a timely manner.