VMware Horizon platform pummeled by Log4j-fueled attacks

VMware's Horizon virtualization platform has become an ongoing target of attackers exploiting the high-profile Log4j flaw to install backdoors and cryptomining malware. In a report this week, cybersecurity firm Sophos wrote that VMware's virtual desktop and applications platform has been in the crosshairs since late December, …

  1. JohnSheeran
    Joke

    Deploying the patch without fixing the environment that is compromised is like wearing a condom after you have the STD.

    1. Anonymous Coward

      ?? It's a logging daemon that's affected so the only environmental fix is either install the entire OS from scratch or turn the computer off, neither of which should be needed. Or so I think as nobody has mentioned malicious patches to an SSH daemon or shell or whatever. Those would normally be caught on update (if the computer is updated) which is why I think they were dropping their own binaries onto the system.

  2. Lorribot

    This is going to be an ongoing issue

    One of the problems this has highlighted is the disclosure of this vulnerability came after the software was patched but before all the companies that used it were able to test across their own stack and provide the required updates to customers. As such you are left waiting for software patches from companies scrambling to do testing and releasing half fixes, and thus the window is wide open for being hit by miscreants. VMware suffered badly as their software is external facing by design so would have high exposure.

    Disclosure is a major issue with OSS components like Log4J as it is only worried about the source developers not how it is used in the real world over which they have no control or even knowledge.

    On a separate note, it was surprising how many companies said they weren't affected as they shipped with v1, which went out of support in 2016 and has a number of unpatched CVEs against it. v1 is even shipped/installed with SQL 2019, which was released 3 years after the software was end of life, and still gets copied on to drives when you install SQL. Nice one Microsoft.

  3. Anonymous Coward

    I thought Horizon was a managed environment?

    I thought Horizon was a managed environment? So unless you yourself installed something that included Log4J, can't VMware just update/patch them centrally?
