VMware Releases Security Update (CVE-2021-21982) – 2021-04-01

Preface: From developing anti-virus till today. The trend is Analyse attackers’ behaviour patterns to detect and conducting defence.

Product background: Carbon Black Cloud Workload is a data center security product that protects your workloads running in a virtualized environment. Carbon Black Cloud Workload ensures that security is intrinsic to the virtualization environment by providing a built-in protection for virtual machines.

Vulnerability details: For more details, please refer to link – https://www.vmware.com/security/advisories/VMSA-2021-0005.html

Supplement: The technical details not announce by vendor yet.
Maybe the attached picture will provide you with hints. Apart from that when you finish the software patching or workaround. I would recommend that conduct a review of alert logging in your VMware carbon black environment. But what is the coverage (period). The way is do a review on the monthly virus detection log, find out the victim workstation which have connectivity to carbon black network segment. But the next step all depends on what you find out in the 1st step. This audit check should covered 3 month log activities.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.