Ransomware Targeting VMware: Apply Patches Regularly!

Bandage with binary overlaid on it

Feb 10, 2021 by Tim Lewis

“Patch Tuesday” has been in the IT lexicon for as long as I remember. For many, many years Tuesday has been Microsoft’s designated day to release patches to Windows. In recent years, due to the rise of cybercrime and ransomware, patching your systems has become infinitely more critical.

Of those who regularly apply patches, most of the attention tends to go to patching Windows.  However, if you thought just patching your Windows systems kept you safe, guess again.  According to ZDNet, cybercriminals are using VMware vulnerabilities to encrypt virtual disks from the ESXi hosts.  Specifically, they are using the CVE-2019-5544 and CVE-2020-3992 vulnerabilities.

As always, read the release notes before applying patches. Here’s a quick guide to patching and updating your systems. We like to schedule regular maintenance window after hours (usually monthly) to review and apply all patches and updates.

We urge you to add your VMware hosts to your regular patching and maintenance schedule!

If you want help setting up a patching and update schedule for your systems, we can help. Send us an email at info@mirazon.com or call us at 502-240-0404 to get started.

Press enter to search