VMware issued an updated fix for a critical-severity remote code execution flaw in its ESXi hypervisor products.
Wednesday’s VMware advisory said updated patch versions were available after it was discovered the previous patch, released Oct. 20, did not completely address the vulnerability. That’s because certain versions that were affected were not previously covered in the earlier update.
“Updated patch versions in the response matrix of section 3a after release of ESXi patches that completed the incomplete fix for CVE-2020-3992 on 2020-11-04,” said Oracle’s updated advisory.
Read more…
Source: ThreatPost