VMware

Security Advisories are the official notification of security-related vulnerabilities and issues impacting VMware products. Security Advisories outline complete information on how to protect impacted systems. Each advisory contains a detailed description of the security vulnerability, affected systems, threat severity, risk mitigation techniques for fixing the vulnerability and securing the system. Third-party certifications such as Common Criteria and FIPS provide independent validation of the security of VMware products. These are listed along with links to the official certificate or report. Security Hardening Guides provide prescriptive guidance for customers on how to deploy VMware products in a secure manner and also provide script examples and other information to help with security automation.

Security Certifications & Validations

Common Criteria Evaluation & Validation (CCEVS)

Federal Information Processing Standards (FIPS)

  • PCoIP Display Protocol for Horizon View™: VMware received FIPS-140-2 certification for the "PCoIP Cryptographic Module for Horizon View" (December 2011).

The PCoIP display protocol with Horizon View™ 5.0 provides end users with secure access to virtual desktops, dramatic improvements in user experience and bandwidth optimization across the LAN and WAN for demanding environments.

  • FIPS 140-2: VMware ACE files are encrypted with the AES 128-bit algorithm. VMware has received approval from the US Department of Commerce to export VMware ACE internationally. FIPS 140-2 compliance testing has been completed and final certification is currently in-process.



Other Certifications

CESG Virtualization Product Approval - vSphere ESXi 4.1

Sign up for Security Advisories


Enter your email address:


VMware Security Resource Center

Stay informed about security issues and considerations for your virtual infrastructure.

Visit Security Resource Center