So far only a single file of source code has been posted online, but more files could be posted in the future.
“The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers. VMware proactively shares its source code and interfaces with other industry participants to enable the broad virtualization ecosystem today”, Iain Mulholland, director of VMware Security Response Centers, said in a blog.
“We take customer security seriously and have engaged internal and external resources, including our VMware Security Response Center, to thoroughly investigate”, he added.
“How serious this exposure is depends on the level of code audit performed", Charlie Winckless, senior security architect at Presidio Networked Solutions, told CRN. "There almost certainly will be some bugs and issues exposed, but it's far from certain that they are exploitable", he added.
The hacker who goes by the alias 'Hardcore Charlie' claimed responsibility for the hack and said he stole the code from the China National Electronics Import-Export Corporation.