VMware released a Security Patch for ESXi 5

VMware has publish a security fix for their current ESX Server. There is a vulnerability which might allow an attacker to manipulate the traffic from a remote virtual device to cause the virtual machine to crash. Another vulnerability might allow an attacker with the ability to load a specially crafted checkpoint file to execute arbitrary code on the host.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-3288 and CVE-2012-3289 to this issues. Please note that this is not the privilege escalation vulnerability which in everybody's mouth at the moment. VMware products are not affected by this issue (CVE-2012-0217).

The latest ESXi 5.0.0 Build number is now: 721882
Also affected: ESX(i) 4.1, ESX(i) 4.0, ESX(i) 3.5
Updated: ESXi Release and Build Number History

Leave a Comment

NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>