181 replies to this topic

[AplusWebMaster]

FYI...

VMSA-2016-0004 - VMware product updates address a critical security issue - Plugin
- https://www.vmware.c...-2016-0004.html
2016-04-14
Synopsis: VMware product updates address a critical security issue in the VMware Client Integration Plugin
CVE numbers: CVE-2016-2076
Summary: VMware vCenter Server, vCloud Director (vCD), vRealize Automation (vRA) Identity Appliance, and the Client Integration Plugin (CIP) updates address a critical security issue.
Relevant Releases: vCenter Server 6.0, vCenter Server 5.5 U3a, U3b, U3c, vCloud Director 5.5.5, vRealize Automation Identity Appliance 6.2.4
Problem Description:
a. Critical VMware Client Integration Plugin incorrect session handling
The VMware Client Integration Plugin does not handle session content in a safe way. This may allow for a Man in the Middle attack or Web session hijacking in case the user of the vSphere Web Client visits a malicious Web site.
  The vulnerability is present in versions of CIP that shipped with:
   - vCenter Server 6.0 (any 6.0 version up to 6.0 U2)
   - vCenter Server 5.5 U3a, U3b, U3c
   - vCloud Director 5.5.5
   - vRealize Automation Identity Appliance 6.2.4
  In order to remediate the issue, both the server side (i.e. vCenter Server, vCloud Director, and vRealize Automation Identity Appliance) and the client side (i.e. CIP of the vSphere Web Client) will need  to be updated.
  The steps to remediate the issue are as follows:
   A) Install an updated version of:
       - vCenter Server
       - vCloud Director
       - vRealize Automation Identity Appliance
   b ) After step A), update the Client Integration Plugin on the system from which the vSphere Web Client is used.
 Updating the plugin on vSphere and vRA Identity Appliance is explained in VMware Knowledge Base article 2145066.
 Updating the plugin on vCloud Director is initiated by a prompt when connecting the vSphere Web Client to the updated version of vCloud Director.
   The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-2076 to this issue.
Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
 vCenter Server
   Downloads and Documentation:
- https://www.vmware.c...ownload-vsphere
- http://pubs.vmware.c...ease-notes.html
 vCloud Director 5.5.6
   Downloads and Documentation:
- https://www.vmware.c...vcloud-director
- http://pubs.vmware.c...rector_556.html
 VMware vRealize Automation 6.2.4.1
Downloads and Doumentation:
- https://my.vmware.co..._automation/6_2
  (select "Go to Downloads" and scroll down to "Security Update")
- http://pubs.vmware.c...ease-notes.html
5. References
- http://cve.mitre.org...e=CVE-2016-2076
VMware Knowledge Base article 2145066
- https://kb.vmware.com/kb/2145066
___

- https://www.us-cert....ecurity-Updates
April 14, 2016
 

Edited by AplusWebMaster, 15 April 2016 - 04:51 AM.

[AplusWebMaster]

FYI...

VMSA-2016-0005 - updates address critical and important security issues
- https://www.vmware.c...-2016-0005.html
2016-05-17
Relevant Releases
   vCenter Server 6.0 prior to 6.0 U2
   vCenter Server 5.5 prior to 5.5 U3d (on Windows), 5.5 U3 (VCSA)
   vCenter Server 5.1 prior to 5.1 U3b
   vCenter Server 5.0 prior to 5.0 U3e
   vCloud Director prior to 8.0.1.1
   vCloud Director prior to 5.6.5.1
   vCloud Director prior to 5.5.6.1
   vSphere Replication prior to 6.0.0.3
   vSphere Replication prior to 5.8.1.2
   vSphere Replication prior to 5.6.0.6
   vRealize Operations Manager 6.x (non-appliance version)
   VMware Workstation prior to 11.1.3
   VMware Player prior to 7.1.3
Problem Description:
a. Critical JMX issue when deserializing authentication credentials:
The RMI server of Oracle JRE JMX deserializes any class when deserializing authentication credentials. This may allow a remote, unauthenticated attacker to cause deserialization flaws and execute their commands.
Workarounds CVE-2016-3427:
vCenter Server:
Apply the steps of VMware Knowledge Base article 2145343 to vCenterServer 6.0 on Windows. See the table below for the specific vCenter Server 6.0 versions on Windows this applies to.
vCloud Director: No workaround identified
vSphere Replication: No workaround identified
vRealize Operations Manager (non-appliance):
The non-appliance version of vRealize Operations Manager (vROps), which can be installed on Windows and Linux has no default firewall. In order to remove the remote exploitation possibility, access to the following external ports will need to be blocked on the system where the non-appliance version of vROps is installed:
      - vROps 6.2.x: port 9004, 9005, 9006, 9007, 9008
      - vROps 6.1.x: port 9004, 9005, 9007, 9008
      - vROps 6.0.x: port 9004, 9005
Note: These ports are already blocked by default in the appliance version of vROps.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-3427 to this issue...
b. Important VMware Workstation and Player for Windows host privilege escalation vulnerability.
VMware Workstation and Player for Windows do not properly reference one of their executables. This may allow a local attacker on the host to elevate their privileges...
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Server:
Downloads and Documentation: https://www.vmware.c...ownload-vsphere
vCloud Director:
Downloads and Documentation: https://www.vmware.c...vcloud-director
vSphere Replication:
Downloads and Documentation:
- https://my.vmware.co...oadGroup=VR6003
- https://my.vmware.co...oadGroup=VR5812
- https://my.vmware.co...oadGroup=VR5606
- https://www.vmware.c...ation-pubs.html
VMware Workstation:
Downloads and Documentation: https://www.vmware.c...loadworkstation
VMware Player:
Downloads and Documentation: https://www.vmware.c.../downloadplayer
___

> https://isc.sans.edu...l?storyid=21071
2016-05-17 - "... Not all products are affected and not all affected products already has a patch. If there is not a patch, there is a workaround..."

> http://www.securityt....com/id/1035900
CVE Reference: https://web.nvd.nist...d=CVE-2016-2077
May 17 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Workstation prior to 11.1.3, Player prior to 7.1.3
Description: A vulnerability was reported in VMware Workstation and Player for Windows. A local user on the host system can gain elevated privileges on the host system.
The system does not properly reference an executable. A local user on the host system can gain elevated privileges on the host system...
Impact: A local user on the host system can gain elevated privileges on the host system.
Solution: The vendor has issued a fix (Workstation 11.1.3, Player 7.1.3)...
 

Edited by AplusWebMaster, 18 May 2016 - 11:06 AM.

[AplusWebMaster]

FYI...

VMSA-2016-0006 - VMware vCenter Server updates - important cross-site scripting issue
- https://www.vmware.c...-2016-0006.html
2016-05-24
Summary: VMware vCenter Server updates address an important cross-site scripting issue.
Relevant Releases
vCenter Server 6.0 prior to 6.0 update 2
vCenter Server 5.5 prior to 5.5 update 3d
vCenter Server 5.1 prior to 5.1 update 3d
Problem Description
a. Reflected cross-site scripting issue through flash parameter injection. The vSphere Web Client contains a reflected cross-site scripting vulnerability that occurs through flash parameter injection. An attacker can exploit this issue by tricking a victim into clicking a malicious link.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-2078 to this issue...
Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Server: Downloads and Documentation:
- https://www.vmware.c...ownload-vsphere
Consolidated list of VMware Security Advisories
- http://kb.vmware.com/kb/2078735
___

- http://www.securityt....com/id/1035961
CVE Reference: https://cve.mitre.or...e=CVE-2016-2078
May 25 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5.1.x prior to 5.1 update 3d, 5.5.x prior to 5.5 update 3d, 6.0.x prior to 6.0 update 2
Description: A vulnerability was reported in VMware vCenter Server. A remote user can conduct cross-site scripting attacks...
Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the VMware vCenter interface, access data recently submitted by the target user via web form to the interface, or take actions on the interface acting as the target user.
Solution: The vendor has issued a fix (5.1 U3d, 5.5 U3d, 6.0 U2)...
___

Updated:

VMSA-2015-0007.5 - VMware vCenter and ESXi updates address critical security issues
- https://www.vmware.c...-2015-0007.html
Updated on: 2016-05-24
Change log: 2016-05-24 VMSA-2015-0007.5
Updated security advisory to add that vCenter Server 5.1 U3d running on Windows addresses CVE-2105-2342 without the need to install the additional patch.

VMSA-2016-0005.1 - VMware product updates address critical and important security issues
- https://www.vmware.c...-2016-0005.html
Updated on: 2016-05-24
Change log: 2016-05-24 VMSA-2016-0005.1
Updated security advisory in conjunction with the release of vSphere 5.1 U3d on 2016-05-24. vCenter Server 5.1 U3d running on Windows addresses CVE-2016-3427 without the need to install the additional patch.
 

Edited by AplusWebMaster, 26 May 2016 - 06:54 AM.

[AplusWebMaster]

FYI...

See: https://forums.whatt...130652&p=877380
Microsoft 'Convenience Update' and VMware VMXNet3 Incompatibilities
 

[AplusWebMaster]

FYI...

VMSA-2016-0007 - VMware NSX and vCNS product updates address a critical information disclosure vuln
- https://www.vmware.c...-2016-0007.html
2016-06-09
Summary: VMware NSX and vCNS product updates address a critical information    
disclosure vulnerability.
Relevant Releases:
NSX 6.2 prior to 6.2.3  
NSX 6.1 prior to 6.1.7      
vCNS 5.5.4 prior to 5.5.4.3
Problem Description:
a. VMware NSX and vCNS critical information disclosure vulnerability VMware NSX and vCNS with SSL-VPN enabled contain a critical input validation vulnerability.
This issue may allow a remote attacker to gain access to sensitive information.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-2079 to this issue...
Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
VMware NSX Downloads:
- https://www.vmware.c...oad-nsx-vsphere
Documentation:    
- https://www.vmware.c...s/nsx_pubs.html
vCNS Downloads:    
- https://www.vmware.c...download-vcd-ns
Documentation:    
- https://www.vmware.c...hield_pubs.html

- http://www.securityt....com/id/1036077
CVE Reference: CVE-2016-2079
Jun 10 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5.5.4.x prior to 5.5.4.3 ...
Impact: A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (5.5.4.3)...
___

VMSA-2016-0008 - VMware vRealize Log Insight addresses important and moderate security issues
- https://www.vmware.c...-2016-0008.html
2016-06-09
Summary: VMware vRealize Log Insight addresses important and moderate security issues.
Relevant Releases: VMware vRealize Log Insight prior to 3.3.2
Problem Description:
a. Important stored cross-site scripting issue in VMware vRealize Log Insight
VMware vRealize Log Insight contains a vulnerability that may allow for a stored cross-site scripting attack. Exploitation of this issue may lead to the hijack of an authenticated user's session...
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-2081 to this issue...
Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
VMware vRealize Log Insight 3.3.2
Downloads and Documentation: Download VMware vRealize Log Insight
References: CVE-2016-2081, CVE-2016-2082
> https://my.vmware.co...=573&rPId=11613

- http://www.securityt....com/id/1036078
CVE Reference: CVE-2016-2081, CVE-2016-2082
Jun 10 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): vRealize Log Insight 2.x and 3.x prior to 3.3.2 ...
Impact: A remote user can take actions on the target system acting as the target authenticated user.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the VMware vRealize software, access data recently submitted by the target authenticated user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix (3.3.2)...
 

Edited by AplusWebMaster, 10 June 2016 - 06:20 AM.

[AplusWebMaster]

FYI...

VMSA-2016-0009 - VMware vCenter Server updates - reflective cross-site scripting issue
- https://www.vmware.c...-2016-0009.html
2016-06-14
Summary: VMware vCenter Server updates address an important refelctive cross-site scripting issue.
Relevant Releases:
   vCenter Server 5.5 prior to 5.5 update 2d
   vCenter Server 5.1 prior to 5.1 update 3d
   vCenter Server 5.0 prior to 5.0 update 3g
Problem Description:
 Important vCenter Server reflected cross-site scripting issue
   The vSphere Web Client contains a reflected cross-site scripting
   vulnerability due to a lack of input sanitization. An attacker can
   exploit this issue by tricking a victim into clicking a malicious
   link...
   The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-6931 to this issue...
Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file...
Downloads and Documentation:
- https://www.vmware.c...ownload-vsphere

- http://www.securityt....com/id/1036112
CVE Reference: CVE-2015-6931
Jun 15 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5.0 prior to 5.0 update 3g, 5.1 prior to 5.1 update 3d, 5.5 prior to 5.5 update 2d ...
Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the VMware vCenter Server software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix (5.0 U3g, 5.1 U3d, 5.5 U2d)...
___

- https://www.us-cert....ecurity-Updates
June 15, 2016
 

Edited by AplusWebMaster, 15 June 2016 - 01:48 PM.

[AplusWebMaster]

FYI...

VMSA-2016-0010 - VMware product updates address multiple important security issues
- https://www.vmware.c...-2016-0010.html
Aug 4, 2016
Summary: VMware product updates address a DLL hijacking issue in Windows-based VMware Tools and an HTTP Header injection issue in vCenter Server and ESXi.
Relevant Products:
    VMware vCenter Server
    VMware vSphere Hypervisor (ESXi)
    VMware Workstation Pro
    VMware Workstation Player
    VMware Fusion
    VMware Tools
Problem Description:
a. DLL hijacking issue in Windows-based VMware Tools
b. HTTP Header injection issue in vCenter Server and ESXi
Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Server: Downloads and Documentation:  
- https://www.vmware.c...ownload-vsphere
ESXi 6.0: Downloads:
- https://www.vmware.c...indPatch.portal
Documentation:
- http://kb.vmware.com/kb/2142192- (CVE-2016-5331)
- http://kb.vmware.com/kb/2142193- (CVE-2016-5330)
ESXi 5.5: Downloads:  
- https://www.vmware.c...indPatch.portal
Documentation: http://kb.vmware.com/kb/2144370
ESXi 5.1: Downloads:
- https://www.vmware.c...indPatch.portal
Documentation: http://kb.vmware.com/kb/2141434
ESXi 5.0: Downloads: https://www.vmware.c...indPatch.portal
Documentation: http://kb.vmware.com/kb/2144027
VMware Workstation Pro 12.1.1: Downloads and Documentation:
- https://www.vmware.c...dworkstationpro
VMware Workstation Player 12.1.1: Downloads and Documentation:  
- https://www.vmware.c.../downloadplayer
VMware Fusion 8.1.1: Downloads and Documentation:
- https://www.vmware.c.../downloadfusion
VMware Tools 10.0.6: Downloads:
- https://my.vmware.co...6&productId=491
Documentation: http://pubs.vmware.c...ease-notes.html
References:
- http://cve.mitre.org...e=CVE-2016-5330
- http://cve.mitre.org...e=CVE-2016-5331
___

- http://www.securityt....com/id/1036543
CVE Reference: CVE-2016-5331
Aug 5 2016

- http://www.securityt....com/id/1036544
CVE Reference: CVE-2016-5330, CVE-2016-5331
Aug 5 2016

- http://www.securityt....com/id/1036545
CVE Reference: CVE-2016-5330, CVE-2016-5331
Aug 5 2016
___

- https://www.us-cert....curity-Update-0
Aug 05, 2016
 

Edited by AplusWebMaster, 05 August 2016 - 03:01 PM.

[AplusWebMaster]

FYI...

VMSA-2016-0011 - vRealize Log Insight update addresses directory traversal vuln
- https://www.vmware.c...-2016-0011.html
Aug 12, 2016
CVE numbers: CVE-2016-5332
Summary: vRealize Log Insight update addresses directory traversal vulnerability.
Relevant Products: vRealize Log Insight
Problem Description: vRealize Log Insight contains a vulnerability that may allow for a directory traversal attack. Exploitation of this issue may lead to a partial information disclosure. There are no known workarounds for this issue...
Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vRealize Log Insight 3.6.0
Downloads and Documentation:
- https://my.vmware.co...=598&rPId=12336
___

- http://www.securityt....com/id/1036619
CVE Reference: CVE-2016-5330, CVE-2016-5332
Aug 12 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.x, 3.x ...
Impact: A remote user can view files on the target system.
Solution: The vendor has issued a fix (3.6.0)...
 

[AplusWebMaster]

FYI...

VMSA-2016-0012 - VMware Photon OS OVA default public ssh key
- https://www.vmware.c...-2016-0012.html
2016-08-15
1. Summary: VMware Photon OS OVA contains a default public ssh key.
2. Relevant Products:
    VMware Photon OS OVA 1.0
3. Problem Description
a. VMware Photon OS OVA default public ssh key  
A public ssh key used in the Photon OS build environment was inadvertently left in the original Photon OS 1.0 OVAs. This issue would have allowed anyone with the corresponding private key to access any Photon OS system built from the original 1.0 OVAs.
The issue was discovered internally and the original OVAs have been replaced by updated OVAs. All instances of the corresponding private key have been deleted within VMware.    
Customers that have downloaded a Photon OS 1.0 OVA before August 14, 2016 should review the Photon OS OVAs release notes for the workaround or should download a new OVA and replace all existing instances with new instances built from the updated Photon OS 1.0 OVAs. These release notes also document a test for when an OVA is affected.
This issue is only present in the original Photon OS 1.0 OVAs and is not present in other Photon OS deliverables...
References: CVE-2016-5332
Photon OS OVA Release Notes: https://github.com/v...er/CHANGELOG.md

- http://www.securityt....com/id/1036628
CVE Reference: CVE-2016-5333
Aug 16 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Photon OS ...
Impact: A remote user can gain access to the target system.
Solution: The vendor has replaced the original OVAs with updated OVAs that do not include the default public ssh key as of August 14, 2016...
 

[AplusWebMaster]

FYI...

VMSA-2016-0013 - VMware Identity Manager and vRealize Automation updates address multiple security issues
- https://www.vmware.c...-2016-0013.html
2016-08-23
CVE numbers: CVE-2016-5335, CVE-2016-5336
1.Summary: VMware Identity Manager and vRealize Automation updates address multiple security issues
2. Relevant Products
    VMware Identity Manager
    vRealize Automation
3. Problem Description:
a. VMware Identity Manager local privilege escalation vulnerability  
VMware Identity Manager and vRealize Automation both contain a vulnerability that may allow for a local privilege escalation. Exploitation of this issue may lead to an attacker with access to a low-privileged account to escalate their privileges to that of root.  
The Common Vulnerabilities and Exposures project (cve.mitre.org) has reserved the identifier CVE-2016-5335 for this issue...
b. vRealize Automation remote code execution vulnerability      
vRealize Automation contains a vulnerability that may allow for remote code execution. Exploitation of this issue may lead to an attacker gaining access to a low-privileged account on the appliance.     
The Common Vulnerabilities and Exposures project (cve.mitre.org) has reserved the identifier CVE-2016-5336 for this issue...
4. Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file...
VMware Identity Manager 2.7...
vRealize Automation 7.1...
___

- http://www.securityt....com/id/1036685
CVE Reference: CVE-2016-5335, CVE-2016-5336
Aug 24 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7.0.x ...
Impact: A local user can obtain root privileges on the target system.
A remote user can execute arbitrary code on the target system.
Solution: The vendor has issued a fix (7.1).
Also, a workaround for the remote code execution is described at:
- https://kb.vmware.com/kb/2146585
KB: 2146585 - Updated: Aug 23, 2016
____

VMSA-2015-0009.4 - VMware product updates address a critical deserialization vuln
- https://www.vmware.c...-2015-0009.html
Updated on: 2016-08-23
2016-08-23 VMSA-2015-0009.4 - "Updated security advisory to reflect that the appliance version of vRealize Operations 6.x -is- affected (earlier versions of this advisory said 'Not affected')..."
___

- https://www.us-cert....ecurity-Updates
Aug 24, 2016
 

Edited by AplusWebMaster, 25 August 2016 - 05:11 AM.

[AplusWebMaster]

FYI...

VMSA-2016-0014 - VMware ESXi, Workstation, Fusion, and Tools updates address multiple security issues
- https://www.vmware.c...-2016-0014.html
2016-09-13
CVE numbers: CVE-2016-7081, CVE-2016-7082, CVE-2016-7083, CVE-2016-7084, CVE-2016-7079, CVE-2016-7080, CVE-2016-7085, CVE-2016-7086
1. Summary: VMware ESXi, Workstation, Fusion, and Tools updates address multiple security issues
2. Relevant Products
- ESXi
- VMware Workstation Pro
- VMware Workstation Player
- VMware Fusion
- VMware Tools
3. Problem Description
a. VMware Workstation heap-based buffer overflow vulnerabilities via Cortado ThinPrint
VMware Workstation contains vulnerabilities that may allow a Windows-based Virtual Machine (VM) to trigger a heap-based buffer overflow. Exploitation of these issues may lead to arbitrary code execution in VMware Workstation running on Windows.
Exploitation is only possible if virtual printing has been enabled in VMware Workstation. This feature is not enabled by default. VMware Knowledge Base article 2146810* documents the procedure for enabling and disabling this feature...
* https://kb.vmware.co...ernalId=2146810
b. VMware Workstation memory corruption vulnerabilities via Cortado Thinprint      
VMware Workstation contains vulnerabilities that may allow a Windows-based virtual machine (VM) to corrupt memory. This includes improper handling of EMF files (CVE-2016-7082), TrueType fonts embedded in EMFSPOOL (CVE-2016-7083), and JPEG2000 images (CVE-2016-7084) in tpview.dll. Exploitation of these issues may lead to arbitrary code execution in VMware Workstation running on Windows.
Exploitation is only possible if virtual printing has been enabled in VMware Workstation. This feature is not enabled by default. VMware Knowledge Base article 2146810* documents the procedure for enabling and disabling this feature.
c. VMware Tools NULL pointer dereference vulnerabilities      
The graphic acceleration functions used in VMware Tools for OSX handle memory incorrectly. Two resulting NULL pointer dereference vulnerabilities may allow for local privilege escalation on Virtual Machines that run OSX.
The issues can be remediated by installing a fixed version of VMware Tools on affected OSX VMs directly. Alternatively the fixed version of Tools can be installed through ESXi or Fusion after first updating to a version of ESXi or Fusion that ships with a fixed version of VMware Tools...
d. VMware Workstation installer DLL hijacking issue      
Workstation installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL file of the attacker's choosing that could execute arbitrary code...
4. Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
VMware ESXi 6.0
Downloads: https://www.vmware.c...indPatch.portal
Documentation: https://kb.vmware.com/kb/2145816
VMware ESXi 5.5
Downloads: https://www.vmware.c...indPatch.portal
Documentation: https://kb.vmware.com/kb/2144370
VMware Workstation Pro 12.5.0
Downloads and Documentation: https://www.vmware.c...loadworkstation
VMware Workstation Player 12.5.0
Downloads and Documentation: https://www.vmware.c.../downloadplayer
VMware Fusion 8.5.0
Downloads and Documentation: https://www.vmware.c.../downloadfusion
VMware Tools 10.0.9
Downloads and Documentation: https://my.vmware.co...oup=VMTOOLS1009
___

- http://www.securityt....com/id/1036804
CVE Reference: CVE-2016-7079, CVE-2016-7080
Sep 14 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): VMware Tools 9.x, 10.x; running on OS X guest virtual machines ...
Impact: A local user on an OS X guest system can obtain elevated privileges on the guest system.
Solution: The vendor has issued a fix (VMware Tools 10.0.9)...

- http://www.securityt....com/id/1036805
CVE Reference: CVE-2016-7081, CVE-2016-7082, CVE-2016-7083, CVE-2016-7084, CVE-2016-7085, CVE-2016-7086
Sep 14 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Impact: A local user on the guest system can gain elevated privileges on the host system.
A local user on the host system can obtain elevated privileges on the host system.
Solution: The vendor has issued a fix (Workstation Pro 12.5.0, Player 12.5.0)...
___

- https://www.us-cert....ecurity-Updates
Sep 16, 2016
 

Edited by AplusWebMaster, 16 September 2016 - 04:50 AM.

[AplusWebMaster]

FYI...

VMSA-2016-0015 - VMware Horizon View updates address directory traversal vuln
- https://www.vmware.c...-2016-0015.html
2016-10-06
CVE-2016-7087
1. Summary: VMware Horizon View updates address directory traversal vulnerability.
2. Relevant Products: VMware Horizon View
3. Problem Description: VMware Horizon View updates address directory traversal vulnerability
VMware Horizon View contains a vulnerability that may allow for a directory traversal on the Horizon View Connection Server. Exploitation of this issue may lead to a partial information disclosure...
4. Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
VMware Horizon View 7.0.1 / Downloads and Documentation:
- https://my.vmware.co...are_horizon/7_0
VMware Horizon View 6.2.3 / Downloads and Documentation:
- https://my.vmware.co...are_horizon/6_2
VMware Horizon View 5.3.7 / Downloads and Documentation:
- https://my.vmware.co...n_with_view/5_3
Change log:
2016-10-06 VMSA-2016-0015 Initial security advisory in conjunction with the release of VMware Horizon View 5.3.7 on 2016-10-06...
___

- http://www.securityt....com/id/1036972
CVE Reference: CVE-2016-7087
Oct 7 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5.x, 6.x, 7.x
Impact: A remote user can view potentially sensitive information on the target system.
Solution: The vendor has issued a fix (5.3.7, 6.2.3, 7.0.1)...
 

[AplusWebMaster]

FYI...

VMSA-2016-0016 - vRealize Operations (vROps) updates address privilege escalation vuln
- https://www.vmware.c...-2016-0016.html
2016-10-11
Severity: Critical
1. Summary: vRealize Operations (vROps) updates address privilege escalation vulnerability.
2. Relevant Products: vRealize Operations (vROps)
3. Problem Description: vROps privilege escalation issue:
vROps contains a privilege escalation vulnerability. Exploitation of this issue may allow a vROps user who has been assigned a low-privileged role to gain full access over the application. In addition it may be possible to stop and delete Virtual Machines managed by vCenter...
4. Solution: Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vRealize Operations: Downloads and Documentation:
- https://my.vmware.co..._operations/6_3
5. References:
- http://cve.mitre.org...e=CVE-2016-7457
- https://kb.vmware.com/kb/2147215
- https://kb.vmware.com/kb/2147247
- https://kb.vmware.com/kb/2147246
- https://kb.vmware.com/kb/2147248
 

[AplusWebMaster]

FYI...

VMSA-2016-0017 - VMware product updates address multiple information disclosure issues
- https://www.vmware.c...-2016-0017.html
2016-10-25
CVE numbers: CVE-2016-5328, CVE-2016-5329
1. Summary: VMware product updates address information disclosure issues in VMware Fusion and VMware Tools running on Mac OS X.
2. Relevant Products:
    VMware Fusion
    VMware Tools   
3. Problem Description:
a. VMware Tools Information disclosure issue in Mac OS X Virtual  Machines  
An information disclosure vulnerability is present in VMware Tools running on Mac OS X VMs. Successful exploitation of this issue may allow a privileged local user on a system where System Integrity Protection (SIP) is enabled, to obtain kernel memory addresses to bypass the kASLR protection mechanism. SIP is default enabled in the latest versions of Mac OS X. There are no known workarounds for this issue...
b. VMware Fusion Information disclosure:
An information disclosure vulnerability is present in VMware Fusion. Successful exploitation of this issue may allow a privileged local user on a system where System Integrity Protection (SIP) is enabled, to obtain kernel memory addresses to bypass the kASLR protection mechanism. SIP is default enabled in the latest versions of Mac OS X. There are no known workarounds for this issue...
4. Solution:
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
VMware Fusion 8.5  
Downloads and Documentation:
- https://www.vmware.c.../downloadfusion
VMware Tools 10.1.0
Downloads:
- https://my.vmware.co...0&productId=491
Documentation:
- http://pubs.vmware.c...ease-notes.html

- http://www.securityt....com/id/1037102
CVE Reference: CVE-2016-5328
Oct 26 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): VMware Tools 9.x, 10.x; running on OS X guest virtual machines ...
Impact: A local user can bypass ASLR protections on the target system.
Solution: The vendor has issued a fix (VMware Tools 10.1.0)...

- http://www.securityt....com/id/1037103
CVE Reference: CVE-2016-5329
Oct 26 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Fusion 8.x ...
Impact: A local user can bypass ASLR protections on the target system.
Solution: The vendor has issued a fix (VMware Fusion 8.5)...
 

Edited by AplusWebMaster, 26 October 2016 - 06:08 AM.

[AplusWebMaster]

FYI...

VMSA-2016-0018 - VMware product updates address local privilege escalation vuln in linux kernel
- https://www.vmware.c...-2016-0018.html
2016-11-09
Severity: Important
CVE numbers: CVE-2016-5195
1. Summary: VMware product updates address local privilege escalation vulnerability in linux kernel
2. Relevant Products
    VMware Identity Manager
    vRealize Automation
    vRealize Operations
3. Problem Description: Local privilege escalation vulnerability in linux kernel
The Linux kernel which ships with the base operating system of VMware Appliances contains a race condition in the way its memory subsystem handles copy-on-write (aka “Dirty COW”). Successful exploitation of the vulnerability may allow for local privilege escalation. The product lines listed in this advisory have been confirmed to be affected.
VMware products that are not affected are documented in VMware Knowledge Base article 2147515:
- https://kb.vmware.co...ernalId=2147515
Resolution: vSphere ESXi Hypervisor
ESXi is not affected by CVE-2016-5195.
Windows based products:
Windows based products, including all versions of vCenter Server running on Windows, are not affected by CVE-2016-5195.
VMware products that run on Linux:
VMware products that run on Linux (excluding virtual appliances) might use a vulnerable kernel as part of the base operating system. VMware recommends that customers contact their operating system vendor for resolution.
VMware Workstation for Linux is an example of this type of product.
VMware Virtual Appliances:
vSECR has determined that some virtual appliances are affected by CVE-2106-5195, but the severity of the issue varies widely from product to product. Affected products and remediation paths are announced in VMSA-2016-0018..."
4. Solution:
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vRealize Operations:
Downloads and Documentation:
- https://kb.vmware.com/kb/2147630
- https://kb.vmware.com/kb/2147668
- https://kb.vmware.com/kb/2147667
- https://kb.vmware.com/kb/2147666
- https://kb.vmware.com/kb/2147664