Home > Blogs > VMware Security & Compliance Blog


New VMware Security Advisory VMSA-2016-0005

Today VMware has released the following new security advisory:

New


VMSA-2016-0005

The advisory documents remediation for a critical deserialization vulnerability in Oracle JRE, CVE-2016-3427.  VCenter Server is one of the affected products however only the local exploit scenario is relevant if the vCenter server patches and versions listed in VMSA-2015-0007 have been deployed. The advisory also documents a host privilege escalation on Workstation and Player, CVE-2016-2077.

Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.

Customers should review the security advisory and direct any questions to VMware Support.