VMware Security Advisories (VMSAs) - VMware

VMware

Security Advisories are the official notification of security-related vulnerabilities and issues impacting VMware products. Security Advisories outline complete information on how to protect impacted systems. Each advisory contains a detailed description of the security vulnerability, affected systems, threat severity, risk mitigation techniques for fixing the vulnerability and securing the system.

VMware Security Advisories

November 6, 2008 VMSA-2008-0018

VMware Hosted products and patches for ESX and ESXi resolve two security issues

October 31, 2008 VMSA-2008-0017.1

Updated ESX packages for libxml2, ucd-snmp, libtiff

October 3, 2008 VMSA-2008-0016.2

VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

September 18, 2008 VMSA-0008-0015

Updated ESXi and ESX 3.5 packages address critical security issue in openwsman

September 2, 2008 VMSA-2008-0014.3

Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX, VMware VCB address information disclosure, privilege escalation and other security issues.

August 12, 2008 VMSA-2008-0013.3

Updated ESX packages for OpenSSL, net-snmp, perl

August 12, 2008 VMSA-2008-0012

Updated VirtualCenter addresses User Account Disclosure Vulnerability

July 28, 2008 VMSA-2008-0011.3

Updated ESX service console packages for Samba and vmnix

June 16, 2008 VMSA-2008-0010.3

Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter

June 4, 2008 VMSA-2008-0009.2

Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues

May 30, 2008 VMSA-2008-0008

Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues

April 16, 2008 VMSA-2008-0007.2

Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus

April 4, 2008 VMSA-2008-0006.1

Updated libxml2 service console package

March 17, 2008 VMSA-2008-0005.1

Several critical security vulnerabilities have been addressed in the newest releases of VMware's hosted product line.

March 3, 2008 VMSA-2008-0004.1

Updated e2fsprogs service console package

February 21, 2008 VMSA-2008-0003.1

Updated aacraid driver and Samba and Python service console updates

January 22, 2008 VMSA-2008-0001.1

Updated service console patches.

January 7, 2008 VMSA-2008-0002.1

Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.

September 18, 2007 VMSA-2007-0006

Updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates. Service Console security updates for samba, bind, krb5, vixie-cron, shadow-utils, openldap, pam,...

July 5, 2007 VMSA-2007-0005

Updated Service Console packages (XFree86, UP and SMP kernels, Kerberos libraries) resolve security issues.

May 17, 2007 VMSA-2007-0004.1

Multiple Denial-of-Service issues fixed. A directory traversal vulnerability is also addressed.

April 2, 2007 VMSA-2007-0003

ESX 3.0.1 and 3.0.0 patches address several security issues.

March 30, 2007 VMSA-2007-0002

Updated ESX Patches address several security issues.

January 8, 2007 VMSA-2007-0001

Updated ESX Patches address several security issues.

Support > Support Resources > Security Center > Advisories

Sign-up for Security Notifications

Validation & Certifications

Information about our products validated against standards set by FIPS, Common Criteria and other leading bodies.

View all certifications