VMware Releases New Security Updates

VMware released three new Security updates.  Two are new releases,one is an update to a previously released update. See the details below;

VMSA-2019-0008.2

VMSA-2019-0008.2- VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Micro-architectural Data Sampling (MDS) Vulnerabilities(CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)

 

Please see the updated advisory here: https://www.vmware.com/security/advisories/VMSA-2019-0008.html

 

Changelog:

 

2019-11-12:VMSA-2019-0008.2

Updated security advisory with patches for the ESXi 6.7, Workstation 15, and Fusion 11 release lines which resolve a regression that causes Hypervisor-Specific Mitigations for L1TF (CVE-2018-3646) and MDS (CVE-2018-12126, CVE-2018-12127,CVE-2018-12130, CVE-2019-11091) to be ineffective.

 

 

VMSA-2019-0020

 

VMSA-2019-0020- VMware ESXi, Workstation, and Fusion patches provide Hypervisor-Specific Mitigations for Speculative-Execution Vulnerabilities (CVE-2018-12207,CVE-2019-11135)

 

Please see the advisory here: https://www.vmware.com/security/advisories/VMSA-2019-0020.html

 

Impacted Products:

 

VMware ESXi

VMware Workstation

VMware Fusion

 

VMSA-2019-0021

 

VMSA-2019-0021- VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2019-5540, CVE-2019-5541, CVE-2019-5542)

Please see the advisory here:

https://www.vmware.com/security/advisories/VMSA-2019-0021.html

 

Impacted Products:

VMware Workstation Pro / Player (Workstation)

VMware Fusion Pro / Fusion (Fusion)