vSphere Security Concerns (source code leak)
Many users asked about the concerns they have. First and foremost, won't open source be also a concern if we were to use it as well?
Every organization would have in place certain regulation and policy in their infrastructure be it hardening, patches to be up to date and firewalls, etc. If these are been follow up and maintain compliance, is there much of a concern really?
One article from Michael White, a VCDX makes really good sense and encourage you to have a read.
This single file from ESX code dating to 2004 was leaked and I wonder who much vulnerabilities that wasn't discovered from VMware regular patches till now 8 years later. If any of the environment are still vulnerable due to this leak this will be disastrous and it can only see how back dated the servers are not keep up to date.
Keep security best practices in place, have patch applied whenever possible relating to security vulnerability. You will be pretty much safer than anyone who didn't have such practice in place.