All the latest UK technology news, reviews and analysis

VMware posts updates for security flaws

17 Nov 2012
VMware logo

VMware his issued a security update to address denial of service flaws in its vSphere and ESX platforms.

The company said that the update would address a flaw in the vSphere API which. If exploited, would allow an attacker to perform a denial of service attack capable of disabling the target server.

According to VMware, the flaw exists in the way vSphere handles API requests. By sending a specially crafted API request to the targeted server, the attacker would be able to cause the system to crash.

The company said that the flaw exists in both its ESX and ESXi offerings.

In addition to the security patch, the company is releasing security updates for a number of open source components used by the ESX Service Console.

VMware is advising administrators to update both ESX and ESXi in order to protect against the vulnerability.

Eric Chiu, president and founder of virtualisation security firm HyTrust, said that as virtualised deployments become more common, keeping hypervisor and virtualisation platforms patched and secured has become a growing concern for enterprises.

"This really shows how vulnerabilities can be exploited, and how important it is to secure today's virtualisation and cloud environments," Chiu said.

"After all, this is the new 'OS' of the datacenter and provides access to the virtual machines, the virtual network and mission critical enterprise applications, and the virtualised storage resources as well."

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols

Shaun Nichols is the US correspondent for He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus

IT curriculum poll

With coding now compulsory in schools, how important are digital skills for the next generation of school leavers?

Popular Threads

Powered by Disqus
V3 Security Summit

V3 Security Summit Day 2: Botnet, skills and BYOD intelligence incoming

Keep V3 bookmarked for news updates on all the key security concerns and topics facing businesses

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

E-Learning Developer - Sheffield

An E-Learning Developer is required for 3 months initially...

Senior C++ or C# Developer

This is an excellent opportunity for an experienced C...

Cloud Computing Integration (Software Engineer)

Cloud Computing Integration (Software Engineer) BAE...

Equities Back Office Support/SIMCORP - Fund Manager - Abu Dhabi

Equities Back Office Support Analyst/SimCorp - Fund Manager...
To send to more than one email address, simply separate each address with a comma.