Security updates are now available for VMware products affected by the Heartbleed flaw.
The OpenSSL security vulnerability, which could allow someone to access the memory of systems secured with the susceptible version of the OpenSSL software, affected 27 VMware products. VMware made patches for all 27 products available yesterday, 12 days after the OpenSSL vulnerability came to light.
Among the list of affected products are the latest versions of VMware’s most popular, including vCenter Server 5.5, ESXi 5.5 and vCloud Automation Center 6. Earlier versions that didn’t rely on OpenSSL 1.0.1 were not affected.
VMware recommends customers patch affected products, then replace security certificates and reset passwords. More information and links to patch downloads can be found in this VMware Security Advisory.