The patch, published on the VMware security advisory, is updated regularly with new information. The UK's National Health Service (NHS) warned last month that hackers were attempting to exploit a Log4J vulnerability in VMware Horizon servers to establish web shells, allowing attackers to distribute malware and ransomware, steal sensitive information, and complete other malicious attacks.Īs stated by a VMware spokesperson, VMware Horizon products remain vulnerable to critical Apache Log4j/Log4Shell vulnerabilities unless properly patched or mitigated using the patch VMSA 2021-0028, which was first published on Dec. VMware plug-in must be uninstalled and the full VMware client. But that's not all, Log4j continues to be seen as the main vulnerability abused in malware infections, crypto mining and more. Some users have reported issues with printing through the VMs online. Recently, an initial access broker group dubbed Prophet Spider has been spotted abusing the Log4j vulnerability to gain access to victim networks. Although VMware already released a patch for its Horizon Servers in December, many users have not yet updated their systems - at the risk of a Log4j exploit attack.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |