Jake Williams on Nostr: So you create an AD group "ESX Admins" and by default, VMware is just like "oh, so ...

So you create an AD group "ESX Admins" and by default, VMware is just like "oh, so you're the admin now?!"

And then to make it dumber, VMware classifies this as a *moderate* severity, despite knowing ransomware TAs are actively using it?

I can only conclude Broadcom is not serious about security. I don't know how you conclude anything else. Oh also, there are no patches planned for ESXi 7.0.

https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/