He said the vendor piece is a critical step in security response. We need to know patch security.”īolander said most vendors are quick to respond, however some in the MSP space ignore their partners when these issues arise. “Generally we put a ticket in and say, ‘We need an update in the next 24 hours. “Workarounds have also been provided.”ĭustin Bolander, the CIO and founder of Clear Guidance Partners, an MSP in Austin, Texas, said in addition to making his own shop has its patches up-to-date, he reached out to vendor partners he knows are using VMware to make sure their versions of the popular software are up to date. “The new cumulative patches address both the vulnerabilities from our April advisory, including CVE-2022-22954, as well as two additional vulnerabilities that were subsequently found and resolved in the same products,” the company said in a statement.
VMware encouraged customers who have not yet updated those products, to use a set of cumulative patches that the vendor provided in its May 19 security advisory, VMSA-2022-0014. “Exploiting one of the four vulnerabilities permits attackers to execute remote code on a system without authentication and elevate privileges,” CISA wrote in its warning. The vulnerabilities CISA warned users about Thursday have hit five products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager.
VMware did not reply to a question about that exploit. This PowerShell command will ultimately lead to installing the NukeSped backdoor on the server.” The website said hackers are using “Vmware Horizon’s Apache Tomcat service to execute a PowerShell command. Meanwhile, BleepingComputer is reporting that North Korean hackers have used a separate 2021 VMware exploit to install malware related to Log4J. We also strongly urge every organization – large and small – to follow the federal government’s lead and take similar steps to safeguard their networks.” “CISA has issued this Emergency Directive to ensure that federal civilian agencies take urgent action to protect their networks. “These vulnerabilities pose an unacceptable risk to federal network security,” said Cybersecurity and Infrastructure Security Agency Director Jen Easterly in a statement Wednesday.
The federal government is warning that unpatched VMWare products pose “an unacceptable risk to federal network security” while sounding the alarm for the software’s users to immediately apply updates to guard against intrusions on their own networks.
0 kommentar(er)
