Home > Blogs > VMware Security & Compliance Blog > Monthly Archives: March 2008

Monthly Archives: March 2008

VMware Security Advisory VMSA-2008-0005

Last Monday, we released an advisory on the security fixes that went into the latest releases of Workstation, ACE, Server, Player and Fusion. We want to make sure that you have seen the advisory and we advise to review your VMware deployments and update where appropriate.
The fixed security issues range from denial of service to overwriting of sensitive  files on the host. One of the fixed issues is the path traversal issue that was made public late February by Core Security Technologies. The OpenSSL and libpng libraries have been updated and a default setting affected the way  debuggers authenticate to the guest has been changed to a more secure  value.
As always, comments and questions on security issues in VMware’s  products are very welcome at security@vmware.com.

VMware at RSA Conference 2008

Just a headsup to the infosecurity community – drop by our booth at this year’s RSA Conference, April 7-11, 2008, to learn more about the recent VMsafe technology announcement, the new Update Manager product for online and offline VM patching, or just to talk about VMware’s security initiatives in general.  We’ll be in booth #339 on the Expo floor.

Steve Herrod, VMware’s CTO and VP of R&D, will also be speaking on a panel on future trends in virtualization and security on Friday, April 11, at 10 am (session EXP-402).  Don’t miss it!