If you're running VMware ESXi, Workstation, or Fusion, it's time to pay attention—because attackers sure are. Broadcom just rolled out security updates to patch three actively exploited vulnerabilities, and it turns out over 40,000 VMware ESXi instances are at risk.
What's Going On?
VMware's virtualization products, like ESXi, Workstation, and Fusion, let users run virtual machines (VMs) on their systems. Unfortunately, cybercriminals have found a way to exploit three zero-day flaws to gain admin-level control. That's bad news for enterprise networks, cloud infrastructure, and basically anyone using VMware in production.
These vulnerabilities allow attackers to execute malicious code directly on the underlying hypervisor, bypassing key security measures. Here's a breakdown of the flaws, each with its own severity rating:
How Do These Attacks Work?
Attackers aren't just exploiting one vulnerability—they're chaining them together for maximum damage. Here's how it typically plays out:
Sound bad? It is. Security experts have already observed attackers encrypting hypervisor-linked storage, effectively crippling disaster recovery plans.
Who's Affected?
A long list of VMware products, including:
If you're using any of these, patch immediately.
How to Protect Yourself
Applying the latest patches is non-negotiable. Broadcom has released updates, and here's what you should do right now:
Lock down ESXi management interfaces – These shouldn't be accessible from the internet.
Audit VM admin access – Ensure only trusted users have elevated privileges.
Monitor for suspicious activity – Keep an eye on unusual VMX process behavior.
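The first check above can be automated over an export of each host's firewall allow-lists. This is an added example, not code from Broadcom or the original article; the inventory format, host names, ruleset labels and the choice of RFC 1918 ranges as "internal" are assumptions made for illustration.

```python
import ipaddress

# Assumption: RFC 1918 ranges stand in for your management networks; narrow to real admin subnets.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample inventory: host -> management ruleset -> allowed source addresses.
# "All" models a ruleset that accepts connections from any address.
SAMPLE_INVENTORY = {
    "esxi-01.example.internal": {"sshServer": ["10.20.0.0/24"], "vSphereClient": ["10.20.0.0/24"]},
    "esxi-02.example.internal": {"sshServer": ["All"], "vSphereClient": ["10.20.0.0/24"]},
    "esxi-03.example.internal": {"vSphereClient": ["10.0.0.0/7", "192.168.5.10"]},
    "esxi-04.example.internal": {"sshServer": ["not-a-cidr"]},
}

def source_is_internal(source):
    """True only if the allowed source lies entirely inside an INTERNAL range."""
    if source.strip().lower() == "all":
        return False
    try:
        net = ipaddress.ip_network(source.strip(), strict=False)
    except ValueError:
        return False  # unparsable entries are flagged for manual review
    # A range that merely overlaps an internal block (e.g. 10.0.0.0/7) is not internal.
    return any(net.version == r.version and net.subnet_of(r) for r in INTERNAL)

def find_exposed(inventory):
    """Return sorted (host, ruleset, source) tuples that admit non-internal sources."""
    findings = []
    for host, rulesets in inventory.items():
        for ruleset, sources in rulesets.items():
            for source in sources:
                if not source_is_internal(source):
                    findings.append((host, ruleset, source))
    return sorted(findings)

if __name__ == "__main__":
    for host, ruleset, source in find_exposed(SAMPLE_INVENTORY):
        print(f"{host}: ruleset {ruleset} allows {source}")
```

A clean result only says the allow-lists are restricted to internal ranges; NAT or port-forwarding rules on perimeter devices still need to be checked separately.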
Patch Details
Broadcom has addressed these issues in the following updates:
For Cloud Foundation & Telco Cloud, async patches are also available.
Final Thoughts
This isn't just another vulnerability—it's an active attack vector that cybercriminals are already using. If your VMware systems aren't patched, you're leaving the door wide open. Act now, or risk becoming the next ransomware victim.