VMware warns admins to patch ESXi servers, disable OpenSLP service

06-Feb-23

In a widespread campaign of ransomware assaults on Internet-exposed and vulnerable ESXi servers, VMware today issued a warning to customers advising them to stop the OpenSLP service and apply the most recent security upgrades. The firm also stated that this service is deactivated by default in ESXi version updates released since 2021, proving that the attackers are not taking advantage of a zero-day vulnerability. Additionally, according to VMware, the threat actors go after products that are “substantially out-of-date” or have already passed their End of General Support (EOGS) date. The majority of complaints claim that known vulnerabilities that have already been patched and reported in VMware Security Advisories (VMSAs) are being targeted against End of General Support (EOGS) and/or severely out-of-date products.

Read More…