VMware, a cloud computing software, finally restores the affected version of vCenter Server’s IWA (Integrated Windows Authentication) mechanism. vCenter Server’s vulnerability also infected the VMware’s Cloud Foundation hybrid cloud platform deployments.
Initially, the attackers exploited the server and gained illegal access to the vCenter Server deployments. Attackers used the server to upgrade their own benefits from the vCenter’s Server.
Although, only a single restoration patch has been issued by the VMware, rest of the patches for the other affected versions are still pending. However, VMware has provided a temporary fixation to remove the virus in one of the affected server.
In order to stop the cyberattacks, VMware has advised the operators to switch to the Active Directory over LDAPs authentication OR Identity Provider Federation for AD FS (vSphere 7.0 only).
vCenter Server is the centralized management utility for VMware which is used to control and manage the virtual machines, ESXi hosts and other components. Also, the server enables the operators to manage the vSphere infrastructure from a centralized location.
