[HN Gopher] Log4Shell Vulnerabilities in VMware Horizon Targeted...
       ___________________________________________________________________
        
       Log4Shell Vulnerabilities in VMware Horizon Targeted to Install Web
       Shells
        
       Author : iechoz6H
       Score  : 79 points
       Date   : 2022-01-08 10:26 UTC (12 hours ago)
        
 (HTM) web link (digital.nhs.uk)
 (TXT) w3m dump (digital.nhs.uk)
        
       | shakna wrote:
       | The full list of VMWare products affected is huge [0]. And it's a
       | bit disturbing how many of those are still "Patch Pending".
       | 
       | [0]
       | https://www.vmware.com/security/advisories/VMSA-2021-0028.ht...
        
         | afrcnc wrote:
         | Most are legacy
        
       | YPPH wrote:
       | This write up is impressive. Even more impressive is its source -
       | the NHS. It's always great to see exceptionally competent IT and
       | security people in government agencies.
       | 
       | From an Australian who is generally disappointed in government
       | IT.
        
         | iechoz6H wrote:
         | I posted primarily because I share your sentiments. This
         | particular write-up details targeted attacks against Windows OS
         | specifically and is part of the NHS's wider documented response
         | to Log4Shell [1]
         | 
         | 1. https://digital.nhs.uk/cyber-alerts/2021/cc-3989
        
         | iso1210 wrote:
         | From an outside perspective, insourced UK Government IT seems
         | really well managed and on the ball
         | 
         | However far too much is outsourced to capita or accenture or
         | direct to oracle or microsoft, and that's where it falls apart
        
       ___________________________________________________________________
       (page generated 2022-01-08 23:02 UTC)