VMware has released updates for several of its virtualization solutions to close numerous security holes.
Affected were solutions such as VMware ESX, ESXi, vCenter, VirtualCenter and vMA. The problems are mainly caused by flawed third-party software such as Kerberos, GCC and OpenSSL shipped with VMware products. The updates for Java JRE alone close several dozen holes.
For more information, see the following:
VMSA-2010-0009 ESXi utilities and ESX Service Console third party updates
VMSA-2010-0004.1 ESX Service Console and vMA third party updates
VMSA-2010-0002.1 VMware vCenter update release addresses multiple security issues in Java JRE
VMSA-2010-0002.2 VMware vCenter update release addresses multiple security issues in Java JRE