VMware vCenter Log4j Patches Available

As of yesterday, VMware released the vCenter Log4j fixes for releases 6.5 and 6.7 of both their vCenter Server Appliance and vCenter Server (for Windows). Combined with the previously released vCenter 7.0 patch, VMware now offer complete protection against the currently disclosed Log4j vulnerabilities within the VMware vCenter product. What version do I need? Depending… Continue reading VMware vCenter Log4j Patches Available

VMware Log4j Vulnerabilities Confirmed

I don’t often dedicate a blog post to a particular security vulnerability, but since it has scored a perfect 10 CVE rating, it’s important to be aware ASAP. VMware have identified multiple products that utilise the Apache technology that are vulnerable to the Log4j vulnerability. What is this “Log4j” vulnerability? A Remote Code Execution (RCE)… Continue reading VMware Log4j Vulnerabilities Confirmed