Yesterday, November 4, dutch hacker “Stun” tweeted a link that allows the download of VMware’s ESX source code files dated between 1998 and 2004.
The source code released is probably related to the leak that VMware itself announced in April and has already patched in May.
VMware Security & Compliance Blog published a note to confirm that the security team is aware of the public posting of the code and, quoting Iain Mulholland:
“As is our practice, VMware will continue to assess any further security risks, and will provide recommendations and updates here as appropriate.”