vulnerability
-
Security
Automate Follina Vulnerability Workaround with PowerShell
In case you haven’t been keeping up with the big security news released in the past few days, there is a new and very dangerous vulnerability, known as “Follina” and captured in the CVE, CVE-2022-30190. It is definitely a vulnerability…
-
Security
VMware Horizon Log4j patch workaround
The fallout from the Log4j vulnerability continues to make ripples across organizations at the time of year when the last thing many want to hear about is a major security bug. Nonetheless, businesses are having to scramble to remediate and…
-
Security
VMware vCenter Server Log4j patch script remediation process
In case you haven’t heard, Apache Log4j is arguably the biggest vulnerability found across the board since Spectre/Meltdown vulnerabilities were disclosed, due to the sheer scope of the vulnerability. It is found everywhere and unfortunately, is found across a large…
-
Security
Critical Vulnerability in Apache Log4j CVE-2021-44228 is VMware affected?
Well, unfortunately, it seems like we are ending the year on a dangerous critical vulnerability. Just a couple of days ago, a critical vulnerability in Apache Log4j identified by CVE-2021-44228 was posted. It is a bad one. We are going…
-
Security
Patch vCenter Server Critical Security Bug CVE-2021-22005 Download
Security concerns related to our VMware vSphere environments keep us up at night, and with good reason. Critical security bugs that affect your hypervisor virtualization environment can give an attacker the “keys to the kingdom.” It could potentially allow them…
-
Security
Monitor for ZeroLogon Vulnerability Events in Active Directory
Late in the Summer, Microsoft released patches for one of the most critical vulnerabilities that we have seen in quite some time. Using this vulnerability, an attacker could completely “own” your network and do anything they want to do. The…
-
ActiveDirectory
Active Directory LDAP Channel Binding Patch Coming in March
Update – It appears that Microsoft will not be changing the defaults with the rollouts in March https://blogs.vmware.com/vsphere/2020/01/microsoft-ldap-vsphere-channel-binding-signing-adv190023.html Have you heard about the change coming to the way connections will be made by default to Active Directory? Microsoft is has…
-
Security
Automate CurveBall Crypt32.dll Patching
With the recent developments with CurveBall Crypt32.dll, everyone is no doubt thinking about patching their Windows environments and doing this quickly. Even if you have WSUS in play, you may want to do something a little more proactive on your…
-
VMware
VMware ESXi Successful VM Escape at GeekPwn2018 Security Patch
So VM escape is one of those subjects that has been written about for years and the possibility of being able to access the hypervisor host from within a virtual machine. However, up until just a few days ago, no…
-
Security
New Intel Vulnerability Foreshadow L1 Terminal Fault VMware Affected
Yet another security vulnerability has been discovered that is based on the Spectre and Meltdown attacks found in Intel processors. The new exploit is called Foreshadow and exploits Intel’s SGX technology which is ironically designed to protect sensitive data such…
- 1
- 2