Security Update:VMware Product Updates Address Multiple Bash Critical Security Vulnerabilities
Date and Time
VMware released a new security advisory VMSA-2014-0010 to announce the Bash libraries have been updated in multiple products to address multiple critical Bash security vulnerabilities.
Advanced Users: For a complete description of the security enhancement and affected software refer to VMware Security Advisory VMSA-2014-0010 at http://www.vmware.com/security/advisories/VMSA-2014-0010.html.
- VMware (virtual) appliances
- Products that run on Linux, Android, OSX or iOS (excluding virtual appliances)
WHAT'S THE PROBLEM?
The most severe vulnerability could lead to unauthorized user to take control of your computer.
HOW DO I PROTECT MY COMPUTER?
- If IT Field Services or you have other IT support, no action on your part is required.
- If you do not have IT support, updates and mitigation strategies may be obtained through VMware Security Advisory VMSA-2014-0010 at http://www.vmware.com/security/advisories/VMSA-2014-0010.html.
- Vulnerability Summary for CVE-2014-6271 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
- Vulnerability Summary for CVE-2014-7169 - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169
- Vulnerability Summary for CVE-2014-7186 - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7186
- Vulnerability Summary for CVE-2014-7187 - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7187
- ITS Security & Policy at http://it.ucsf.edu/security