Book an Intro Call
Support Center

Blog

New security patches for VMware machines

2016september8_virtualization_aSometimes technology solutions seem safer merely because they’re not widespread enough to be a lucrative target. Although increasingly popular, virtualization’s resilient protection protocols and low adoption rates tend to offset the cost vs. benefit considerations of creating an exploit. Or at least, that was the case. Late last month VMware announced an update to patch a gap that allowed attackers to compromise virtualized cloud infrastructures. We’ve compiled everything you need to know to protect yourself here.

Since its first software release in 2001, VMware has remained the leading provider of virtualization platforms, with most sources estimating double-digit leads in market share over the nearest competitor. By creating virtual environments stored on a network server or in a cloud environment, the company has given their clients the ability to create workstations, software, and even networks that can be utilized remotely. Fast forward to today, and VMware is working overtime to maintain its reputation by preempting software security vulnerabilities.

Obviously, when delivering any kind of specialized privileges over a network, adequate protection is of the utmost concern. In this case, two services for managing mobile clouds (vIDM and vRealize) were found to be vulnerable to exploits wherein users with minimal rights could cheat their way into full administrative privileges.

The security team at VMware elaborated that when executed in just one of the two services, this flaw would not be considered critical. However, when combined, it could pose an imminent threat to the security of your cloud infrastructure. To amend this oversight, ask your managed services provider or IT staff to update vIDM and vRealize to their most recent versions (2.7 and 7.1, respectively) as soon as possible. If this can’t be achieved in a realistic time frame, blocking port 40002 would act as a temporary workaround.

Sufficient security requires by-the-minute responses to the latest breaches and exploits. By partnering with us, you’ll never need to worry about checking in regarding patches or breaches you read about in the news. Instead, you’ll be hearing about them from us when we come around to install the updates. Choose the safe option — contact us today with any of your virtualization needs or questions.

Published with permission from TechAdvisory.org. Source.

Share this article:
Recent Posts
Categories
Glenn Harris
Glenn Harris

Head of Sales

Glenn leads our efforts in delivering HealthSafeIT and ProSafeIT to growing businesses looking to expand their operations and achieve success.

Brad Morrow
Brad Morrow

Head of Sales, Alabama

Brad’s focus is on delivering HealthSafeIT and ProSafeIT to our clients, ensuring they can dedicate their efforts to running their business rather than worrying about technology.

Contact Us To Learn More

Would you like to get in touch to learn more about our proven approach to managed IT services?

Fill out the form below and let’s connect.

"*" indicates required fields

Name*
Stay in the loop! Check this box to receive occasional updates and offers via SMS (optional).
This field is for validation purposes and should be left unchanged.

Don’t rely on generic IT services — partner with Stringfellow for services and solutions designed around the IT needs of your business.

Contact us today to learn how we can streamline your processes, guarantee compliance, and keep you operating at peak performance
Let's Talk
©20252023 Stringfellow Technology Group.All Rights Reserved.
Book an Intro Call
Support Center