- How I turned this 98-inch TV into an immersive theater system (and it's $1,500 off)
- I trust this smart lock to keep my home and family safe, and it's on sale
- Your data's probably not ready for AI - here's how to make it trustworthy
- Infoblox, Google Cloud partner to protect hybrid and multicloud enterprise resources
- Google joins OpenAI in adopting Anthropic's protocol for connecting AI agents - why it matters
VMware ESXi gets critical patches for in-the-wild virtual machine escape attack
Broadcom released emergency patches for its VMware ESXi, Workstation, and Fusion products to fix three vulnerabilities that can lead to virtual machine escape and are actively being exploited by attackers. Products that include VMware ESXi, such as VMware vSphere, VMware Cloud Foundation, and VMware Telco Cloud Platform, are also impacted.
VMware products, especially the ESXi enterprise hypervisor, are high-value targets and have been repeatedly attacked by cybercriminal and cyberespionage groups over the years. Hypervisors, or virtual machine monitors, are the virtualization software used to create and run virtual machines.
Virtual machine escapes, in which an attacker with access to a guest VM can take over the entire host server, are the most serious hypervisor attacks because they violate the core security principle that virtualization is supposed to offer: complete isolation between guest operating systems and the host OS.
