In association with heise online

22 February 2013, 14:22

VMware patches NFC, Java and SSL

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

VMware logo

With security advisory VMSA-2013-0003 VMware has release updated versions of VMware vCenter Server, ESXi and ESX. These updates close security holes in the company's Network File Copy (NFC) protocol; this is mostly used when moving virtual machines from one host to the other. Additionally, VMware caught up with security updates for OpenSSL and Java.

VMware does not go into detail on how severe the security vulnerabilities are that it has fixed. However, it is noteworthy that the company refers to Oracle's October Patch Day for the Java updates; the OpenSSL patches deal with problems in the ASN1 parser that were fixed by the OpenSSL developers in April 2012. In the meantime, a lot of things have happened, especially with regard to Java. This means users should not expect to be safe after deploying these patches.

VMware has also updated the VMSA-2012-0018 and VMSA-2013-0001 advisories.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit