--- This is a critical security advisory from VMware (VMSA) ---
Today, VMware has released the following new and updated security advisories:
VMSA-2018-0019 – Horizon 6, 7, and Horizon Client for Windows updates address an out-of-bounds read vulnerability
VMSA-2015-0007.7 – VMware vCenter and ESXi updates address critical security issues
VMSA-2018-0019 documents the remediation of an important severity out-of-bounds read vulnerability (CVE-2018-6970) in Horizon 6, 7, and Horizon Client for Windows. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed. This issue doesn’t apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients installed on non-Windows systems.
VMSA-2015-0007.7 was issued to add the patches for ESXi 6.0, 6.5 and 6.7 that address CVE-2015-5177. Recently, we found that this issue affects ESXi 6.0, 6.5 and 6.7.
Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.
Customers should review the security advisories and direct any questions to VMware Support.
The post New VMware Security Advisory VMSA-2018-0019 and Updated Security Advisory VMSA-2015-0007.7 appeared first on VMware Security & Compliance Blog.