DHS orders federal agencies to patch VMware bugs within 5 days

The Department of Homeland Security’s cybersecurity unit ordered Federal Civilian Executive Branch (FCEB) agencies today to urgently update or remove VMware products from their networks by Monday due to an increased risk of attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) issued the Emergency Directive 22-03 on Wednesday after VMware patched two new vulnerabilities (CVE-2022-22972 and CVE-2022-22973) today, auth bypass and a local privilege escalation affecting multiple products.

In April, VMware patched another set of critical vulnerabilities, a remote code execution bug (CVE-2022-22954) and a ‘root’ privilege escalation (CVE-2022-229600) in VMware Workspace ONE Access and VMware Identity Manager.

While today’s VMware bugs are not yet exploited in the wild, attackers started exploiting the ones fixed in April within 48 hours after reverse-engineering the update to deploy coinminers and install backdoors.

The complete list of VMware products impacted by these four security bugs includes:

  • VMware Workspace ONE Access (Access)
  • VMware Identity Manager (vIDM)
  • VMware vRealize Automation (vRA)
  • VMware Cloud Foundation
  • vRealize Suite Lifecycle Manager

VMware said about all four security flaws that they “should be patched or mitigated immediately,” adding that their ramifications “are serious.”

Agencies ordered to patch or disconnect until Monday

CISA determined that all these security flaws pose an unacceptable risk to federal agencies and has ordered them to take emergency action to patch them against CVE-2022-22972 and CVE-2022-22973 within 5 days, by May 23.

“This determination is based on the confirmed exploitation of CVE-2022-22954 and CVE-2022-22960 by threat actors in the wild, the likelihood of future exploitation of CVE-2022-22972 and CVE-2022-22973, the prevalence of the affected software in the federal enterprise, and the high potential for a compromise of agency information systems,” the cybersecurity agency said.

“CISA expects threat actors to quickly develop a capability to exploit these newly released vulnerabilities in the same impacted VMware products.”

According to the new emergency directive, all FCEB agencies have to take the following actions by 5 PM EDT on Monday (May 23, 2022):

  1. Find all impacted VMware products on their networks and deploy updates or remove them from the network until they can be patched.
  2. Assume compromise for all Internet-exposed impacted VMware products, conduct threat hunt activities, and report any anomalies to CISA.

By 12 PM EDT on Tuesday (May 24, 2022), all agencies should report the status of all VMware instances found on their networks using Cyberscope.

“This Emergency Directive remains in effect until CISA determines that all agencies operating affected software have performed all required actions from this Directive or the Directive is terminated through other appropriate action,” CISA added.

NEWS RELATED

Susanna Reid praised for ‘absolutely skewering’ Dominic Raab in car crash GMB interview 

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video Viewers of Good Morning Britain praised Susanna Reid for holding Dominic Raab to account after reports Boris Johnson was briefed about allegations about Chris Pincher.  Deputy Prime Minister Mr Raab appeared ...

View more: Susanna Reid praised for ‘absolutely skewering’ Dominic Raab in car crash GMB interview 

Sydney’s fourth flood emergency in 16 months now affecting 50,000 residents

RICHMOND, Australia —  Hundreds of homes have been inundated in and around Australia’s largest city in a flood emergency that is causing trouble for at least 50,000 residents, officials said Tuesday. Emergency-response teams made 100 rescues overnight of people trapped in cars on flooded roads or in inundated homes in the ...

View more: Sydney’s fourth flood emergency in 16 months now affecting 50,000 residents

Treasury Yields Fall as Recession Fears Continue to Dampen Risk Sentiment

Markets reopened on Tuesday following the July Fourth holiday after the major averages finished another losing week, compounding one of Wall Street’s worst first halves in decades. In this shortened holiday week, investors are looking ahead to the release of June jobs report data on Friday. U.S. Treasury yields retreated ...

View more: Treasury Yields Fall as Recession Fears Continue to Dampen Risk Sentiment

How to watch Australia vs England second test: TV channel, UK kick off time & betting odds for rugby tour

England’s side are getting set for as their summer test series against the Wallabies continues this weekend. Eddie Jones’ side suffered a 30-28 defeat in Perth last Saturday, , and will need a win in Brisbane to keep their hopes of an overall series win alive. A victory for the ...

View more: How to watch Australia vs England second test: TV channel, UK kick off time & betting odds for rugby tour

Flying around the world — and back home again — in 'Imagine a City'

Knopf Many people are taking to the skies this summer, planning exotic vacations after two-plus years of being largely grounded by the pandemic. Even if you’re not yet ready to brave crowded airports and long lines at TSA, you can still visit some of the world’s great cities from ...

View more: Flying around the world — and back home again — in 'Imagine a City'

'Outrageous transgressions': SC's observations against Nupur Sharma slammed

A group of former judges and bureaucrats on Tuesday criticised the recent Supreme Court observations against suspended BJP member Nupur Sharma, alleging that the apex court surpassed the “Laxman rekha” and calling for “urgent rectification” steps. “In the annals of judiciary, the unfortunate comments have no parallel and are ...

View more: 'Outrageous transgressions': SC's observations against Nupur Sharma slammed

Barcelona presented with unique Cristiano Ronaldo vs Robert Lewandowski transfer dilemma

jQuery(function(){ if (typeof jwplayer_load == typeof indefined) { var jwplayer_load = 1; jQuery(window).load(function(){ jQuery(".sc_video_shortcode_jwplayer").each(function(){ var _this = $(this); jQuery.get(jQuery(this).attr("url"), function(data, status){ if (typeof data.split("\n") !== typeof undefined) { var src = data.split("\n")[4]; src = src.replace(".m3u8", ""); _this.attr("src", src); } }); }); }); } }); Cristiano Ronaldo ’s future is ...

View more: Barcelona presented with unique Cristiano Ronaldo vs Robert Lewandowski transfer dilemma

NHS to deliver chemotherapy drugs via drone in revolutionary new 'same day delivery'

Drugs including vital chemotherapy medicine will be flown by drone between NHS sites to speed up the delivery of lifesaving medicines. A pilot scheme is being launched to use drones to enable “same-day delivery” orders for drugs and equipment from anywhere in the country. The trial will see a drone ...

View more: NHS to deliver chemotherapy drugs via drone in revolutionary new 'same day delivery'

Chelsea's Cristiano Ronaldo transfer issue as Todd Boehly and Thomas Tuchel differ on views

Man City facing up to nightmare Erling Haaland reality with release clause set to plummet

Adele tells fans 'I love you' as she hears them singing on drive home from Hyde Park gig

5 things noticed from Man Utd training as senior stars taste first Erik ten Hag session

10 hottest Championship prospects attracting Premier League transfer attention

Conor McGregor fans "can't understand a word" of UFC star's "tasty tasty" video

Analyst: AMD’s PC Revenue To Drop 26 Percent in 2022 YoY

Lisandro Martinez begs Ajax board to let him leave as Manchester United and Arsenal battle it out for Argentine

‘We’re secret digital nomads – our bosses have no idea we’re working abroad’

Marvelous Mrs Maisel star Rachel Brosnahan feels ‘sick to my stomach’ following July 4 hometown shooting

Growth improves in UK service sector but new orders slow to 16-month low

Chicago shooting: Person of interest arrested after six killed in July 4 parade attack

OTHER NEWS