Hello,
I was looking through the latest revision of the vSphere Hardening Guide (4.1 Revision C - June 2011). In the Hardening Guide, VUM01's name is "Use least privileges for the Update Manager Database User."
However, in the script, VUM01 is listed as "Install Update Manager on a different machine from vCenter." I don't believe this is in the hardening guide any longer.
For reference, here are the vCenter Update Manager items noted in the hardening guide:
VUM01 - Use least privileges for the Update Manager database user
VUM02 - Keep the Update Manager system properly patched
VUM03 - Provide Windows system protection on the Update Manager system
VUM04 - Avoid User Login to the Update Manager System
VUM05 - Do not configure the Update Manager to manage its own virtual machines or the virtual machine of its VMare vCenter Server
VUM06 - Do not use self-signed certs
VUM10 - Limit the connectivity between Update Manager and public patch repositories
Thanks for such a great tool!