Home > Blogs > VMware Security & Compliance Blog > Monthly Archives: August 2017

Monthly Archives: August 2017

VMware Security Response Center @ VMworld 2017

For  those visiting VMworld, come and meet VMware Trust and Assurance (which includes VMware Security Response Center) in Las Vegas next week or in Barcelona in three weeks from now. Bring your questions and concerns on security issues in our products and services, and how we address these. We would also like to have feedback on the VMware Security Advisories  and our patch policies.

How to find us? We  are accepting 1:1 meetings at VMworld. If  you would like to schedule a meeting please contact your Technical Account Manager with a general idea of what you would like to speak with us about and we will  schedule time with you. Alternatively just come and meet us; we are stationed in the Listening Post located in the VM Village. This is the lounge area with seats and games on the top floor.

We share the Listening Post with other teams and they would be delighted with your visit as well! They are Support, Customer advocacy, and the Information Experience, Quality Assurance, and Product Globalization teams of the VMware R&D Central Organization.

Update August 28
We are ready to roll tomorrow when VMworld opens! Come by the Listening Post in the VM Village and talk to us about your challenges and suggestions regarding the security of our products. Our co-workers will be there to discuss quality, support, documentation, and globalization.

New VMware Security Advisory VMSA-2017-0014

Today, VMware has released the following new security advisory:

VMSA-2017-0014 – VMware NSX-V Edge updates address OSPF Protocol LSA DoS

The advisory documents a hard to exploit denial of service vulnerability in the implementation of the OSPF protocol in NSX-V Edge (CVE-2017-4920). This issue is present due to incorrect handling of link-state advertisements (LSA). NSX-V Edge 6.2.8 and NSX-V Edge 6.3.3 address the issue.

We would like to thank Adi Sosnovich, Orna Grumberg and Gabi Nakibly for reporting this issue to us.

Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.

Customers should review the security advisory and direct any questions to VMware Support.