Endpoint Vulnerability

VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)

Description

Intel has disclosed details on speculative-execution vulnerabilities known collectively as Microarchitectural Data Sampling (MDS)' that can occur on Intel microarchitecture prior to 2nd Generation Intel Xeon Scalable Processors (formerly known as Cascade Lake). These issues may allow a malicious user who can locally execute code on a system to infer data otherwise protected by architectural mechanisms.

Affected Products

VMware Player