Bleeping Computer

VMware urges admins to remove deprecated, vulnerable auth plug-in

VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left ...
Ars Technica

Threat posed by new VMware hyperjacking vulnerabilities is hard to overstate

Three critical vulnerabilities in multiple virtual-machine products from VMware can give hackers unusually broad access to some of the most sensitive environments inside multiple customers’ networks, ...
CSOonline

Virtual machines aren’t really more secure

I've been at several recent conferences where virtual machine (VM) and security “experts” were telling audiences how VM technology can be used to improve computer security. Wow! They are either drunk ...