The Heartbleed bug is a bug in the open-source cryptography library OpenSSL which allows an attacker to read the memory of a server or a client, allowing them to retrieve for example server ssl private keys. Examinations of audit logs appear to show that some attackers may have exploited the flaw for 5 months before it was rediscovered and published.
VMware also has published KB Article for the impacted Products
http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=2076225&src=vmw_so_vex_mmakh_407
http://blogs.vmware.com/vcloud/2014/04/vcloud-hybrid-service-not-affected-openssl-heartbleed-bug.html?&src=vmw_so_vex_mmakh_407
http://blogs.vmware.com/vcloud/2014/04/vcloud-hybrid-service-not-affected-openssl-heartbleed-bug.html?&src=vmw_so_vex_mmakh_407
Not Affected Products
These VMware products that ship with OpenSSL 0.9.8 have been confirmed to be unaffected:
- ESXi/ESX 4.x
- ESXi 5.0
- ESXi 5.1
- VMware Fusion 5.x
- VMware vCenter Server 4.x
- VMware vCenter Server 5.0
- VMware vCenter Server 5.1
- VMware vCenter Server Appliance (vCSA) 5.x
- VMware vCloud Automation Center (vCAC) 6.x
- VMware Horizon Mirage 4.3.x and earlier
- VMware Update Manager (VUM)
- VMware vCenter Orchestrator (vCO)
- VMware vCloud Director (vCD)
- VMware vCenter Operations Manager (vCOps)
- VMware vCenter Site Recovery Manager (SRM)
- VMware vCenter Configuration Manager (vCM)
- VMware vSphere Storage Appliance (VSA)
- VMware Workstation
- VMware Player
- VMware ThinApp
- VMware vFabric Postgres
- VMware vCloud Networking and Security (vCNS) 5.1.2 and below
- VMware vCloud Networking and Security (vCNS) 5.5.0
- NSX-MH 3.0 – 3.2
- VMware View 4.x
- VMware Horizon View 5.x
- VMware Horizon View 5.2 Feature Pack 1
- VMware Horizon View Clients 1.x
- VMware Horizon View Clients 2.0.x
- VMware Horizon Workspace Client for Macintosh 1.0.0
- VMware Horizon Workspace Client for Macintosh 1.5.0
- VMware Horizon Workspace Client for Windows 1.0.0
- VMware Horizon Workspace Client for Windows 1.5.0
Affected Products
These VMware products that ship with OpenSSL 1.0.1 have been confirmed to be affected:
- ESXi 5.5
- vCenter Server 5.5
- VMware Fusion 6.0.x
- VMware vCloud Automation Center (vCAC) 5.1.x
- VMware vCloud Automation Center (vCAC) 5.2.x
- VMware Horizon Mirage 4.4.0
- vFabric Web Server 5.0.x – 5.3.x (For remediation details, see the Security Advisory on Critical Updates to vFabric Web Serverdocument.)
- VMware vCloud Networking and Security (vCNS) 5.1.3
- VMware vCloud Networking and Security (vCNS) 5.5.1
- NSX-V 6.0.x
- NSX-MH 3.3
- NSX-MH 4.x
- VMware Horizon View 5.2 Feature Pack 2
- VMware Horizon View 5.3 Feature Pack 1
- VMware Horizon View Clients 2.1.x
- VMware Horizon View Clients 2.2.x
- VMware Horizon View Clients 2.3.0
- VMware Horizon View Clients 2.4.0
- VMware Horizon Workspace 1.0
- VMware Horizon Workspace 1.5
- VMware Horizon Workspace 1.8
- VMware Horizon Workspace Client for Macintosh 1.5.1
- VMware Horizon Workspace Client for Macintosh 1.5.2
- VMware Horizon Workspace for Macintosh 1.8
- VMware Horizon Workspace Client for Windows 1.5.1
- VMware Horizon Workspace Client for Windows 1.5.2
- VMware Horizon Workspace for Windows 1.8
I gather more information through this article, so please keep me informed of any update in this regard. For more relevant articles click on: how to recover deleted datacustom filedisk image softwareretrieve deleted files windowsdiskdiggerdiskdigger prousb drivedownload diskdigger