A security advisory released today by stratsec warns of a security weakness in a third party component used by many software companies including VMware, potentially allowing the theft of user credentials. The vendor of the third party component - WebWorks - worked with VMWare and stratsec for approximately six months to develop the necessary patches to minimise the security risk to their clients. Full details of the exploit, including remediation instructions, can be found under the Research section of the stratsec website under the 'Advisories' link:
For more information check out our media release which also features the appointment of Laurent Gaffie; a key addition to the stratsec Research team who are leading the charge in identifying and resolving vulnerabilities and research in this region.