U.S. orders federal agencies to update or remove certain VMWare products from networks


FILE PHOTO: 3D printed clouds and figurines are seen in front of the VMware cloud service logo in this illustration taken February 8, 2022. REUTERS/Dado Ruvic/Illustration

WASHINGTON (Reuters) -The U.S. cybersecurity watchdog agency on Wednesday ordered federal officials to update or remove a slew of products made by digital services company VMWare Inc, saying hackers were actively using vulnerable versions of the products to break into targeted organizations.

The Cybersecurity and Infrastructure Security Agency (CISA) said in an advisory that hackers had managed to reverse engineer recent updates made to VMWare products and were using the knowledge to target old versions and hack into unpatched devices.

The affected products include VMware Workspace ONE Access, which is meant to provide one-stop access to various digital services, and VMware vRealize Automation, which helps manage and automate complex IT processes.

CISA said that any unpatched VMWare devices still accessible from the internet should be assumed to be compromised.

VMWare, which spun off from Dell Technologies Inc last year, told its customers in a blog post that, "It is extremely important that you quickly take steps to patch or mitigate these issues in on-premises deployments."

CISA Director Jen Easterly said in a statement that the vulnerabilities in old versions of the VMWare products posed "an unacceptable risk to federal network security."

"We also strongly urge every organization – large and small – to follow the federal government’s lead and take similar steps to safeguard their networks," she said.

(Reporting by Raphael Satter; Editing by Jonathan Oatis and Richard Pullin)

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 46
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

   

Next In Tech News

Opinion: The rise of tech unions shows workers reckoning with reality
Exclusive-Meta CEO Zuckerberg: engineering hiring target for 2022 reduced to around 6,000-7,000 -employee Q&A
Google to pay $90 million to settle legal fight with app developers
U.S. CFTC charges South African company with record $1.7 billion bitcoin fraud
U.S. approves SpaceX's Starlink internet for use with ships, boats, planes
Bitcoin falls below $19,000, further shaking crypto markets
Former top Apple lawyer pleads guilty to insider trading
Crypto lender Celsius says it is exploring options
What do the ‘camping’ posts circulating on social media following the overturning of Roe v. Wade mean?
Enjoy Technology, led by ex-Apple and JC Penney executive Johnson, files bankruptcy

Others Also Read