Skip to content

Modern EUC Home | Posts

Critical Patch affecting VMware Workspace One

No one is immune to critical patches… happens in the best of family trees –

This time  it hit  VMware  and it is specific to Workspace One family of products :

On May 18, 2022 VMware released a critical security advisory, VMSA-2022-0014

This is a pretty broad vulnerability and has a very high high priority — If you are using VMware Workspace One – you need to patch ASAP —

and a good opportunity to remind everyone that about a proactive cybersecurity  is the best defense against the risk of attacks ( if you have not yet, check out Dell Technologies Managed Detection & Response Service )

This just in:

The Cybersecurity and Infrastructure Security Agency issued a new emergency directive today saying the vulnerabilities in VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager put federal networks and systems at immediate risk.

VMware called the vulnerability “critical” in a posting on its website, giving it a score of 9.8 out of 10 the company wrote in a blog post.

References:

VMSA-2022-0014: Questions & Answers | VMware

CISA issues rare emergency directive as ‘critical’ cyber vulnerabilities emerge | Federal News Network