back to article VMware reveals a swarm of serious bugs – some critical

VMware has revealed more critical bugs that impact five of its products, including the Cloud Foundation bundle it advances as the ideal way to build a hybrid multi-cloud. CVE-2022-22954, 22955 and 22956 are the worst of the new bugs – all earning a 9.8/10 severity score on the CVSS scale. The first impacts VMware Workspace …

  1. sanmigueelbeer
    Coat

    I guess I know what some of you will doing over the weekend.

  2. Version 1.0 Silver badge
    Unhappy

    "VMware is a company that thrives on profound reinvention"

    This is universal ... every corporation keeps this under the table but bugs are a feature these days. A bug means that users have to update to the new versions, and when you update then your information is collected so bugs are quite profitable ... look at Google issuing "updates" to the phone apps every day now, most other companies are learning a lot from this and following the profitable bug methods at a slower rate.

    Back in the old days a programmer who left bugs in their code all the time would get fired, these days they get promoted to upper management.

    1. Anonymous Coward
      Anonymous Coward

      Re: "VMware is a company that thrives on profound reinvention"

      These days programmers are pulling so much code from libraries they have little control over.

      It might speed up MVP, but it's a foundation your application might soon be beholden to.

  3. jvf

    here we go again

    Once again I have to ask: How does this keep happening (serious flaws in almost every application)? Are coders really this bad or are these applications so complicated that these scenarios are impossible to avoid? If they’re so complicated how come other people keep finding these vulnerabilities? If someone else found them why didn’t the company in question have its own bug finder on staff? I just don’t get it.

  4. wsm

    Once upon a time

    VMWare, even the free ESXI, was once much more useful than any Microsoft or Oracle product for virtual servers, especially for spinning off Linux web servers so you could do real sites without the cringe-worthy IIS. Now, Microsoft has learned from (or stolen from) VMWare, AWS et al.

    Times have changed and, like everything else, not always for the best.

  5. man_iii

    Bugs or CVE

    Did VMware manage to fix their SSD issues yet? Still haven't seen that bugfix vulnerability patch released by VMware yet. What does it matter if VMware fixes most of the serious flaws but leaves the functional issues since esxi v7 was released.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like