VMware fixes critical code execution flaw in vCenter Server
(www.bleepingcomputer.com)
from MazonnaCara89@lemmy.ml to technology@lemmy.ml on 26 Oct 2023 12:34
https://lemmy.ml/post/7048348
from MazonnaCara89@lemmy.ml to technology@lemmy.ml on 26 Oct 2023 12:34
https://lemmy.ml/post/7048348
#technology
threaded - newest
It wouldn’t be a day ending in Y if VMware didn’t release a patch that solved some major security bug.
From the other side of the fence, the software is extremely complicated. I’ve done work with emulators and I’m certain it was full of security bugs because your effort is focused on getting it working at all.
You might say it should be implemented in a memory safe systems language. I agree completely, but it costs too much to redevelop emulated hardware from scratch.
Wow, that’s a doozy, though. Remote access, low complexity and unauthenticated - and it grants remote code execution? Holy shit… I wonder what context the execution happens in (I’m guessing it’s bad if it’s being talked about as an emergency change)