vSphere: Response to Meltdown and Spectre vulnerabilities

meltdown-spectre-logos

For those who were responding quickly to Meltdown and Spectre by applying security patches to their ESXi environment, it can be a bit frustrating to know that VMware pulled those packages down few days after they were released.

This is related to a reboot issue in the recent CPU microcode updates released by Intel, and both vendors aks for some time to provide a revised version of firmware.

Currently, VMware urges to apply the latest patches (released on January 9, 2018) to vCenter Server and VCSA as follows:

More information (and possibly updates) will come next week.

Meanwhile, I would leave here a few more articles that are worth reading:

25/01/2018 – Update 1: Two more articles that seem to be quite helpful are as follows:

09/02/2018 – Update 2: VMware released a new security advisory (VMSA-2018-0007) in regards to mitigating CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 in VMware Virtual Appliances.

12/02/2018 – Update 3: Another excellent summary in regards to the subject: Meltdown and Spectre: far from the solution?

25/02/2018 – Update 4: Over the last week Dell EMC released new BIOS for 13G and 14G server platforms. Still, it will take some time for VMware to update their HCL with the supported configurations. Meanwhile, it is recommended to apply Photon OS security patches to VCSA 6.5 as per the following article: https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vcenter-server-appliance-photonos-security-patches.html.

 

Packt Publishing eBooks and Videos Sale

New Year is a great time to save on purchasing different sort of things. Especially when you are planning to obtain new or update existing IT certification.

That is why I was pleased to see that Packt Publishing had a generous discount on almost all of their ebooks and video courses. Currently (and I believe it lasts until the end of this week) you can buy them for just AUD 6.50 / USD 5.00 each. Almost bargain!

Packt Publishing Offer

A few titles I found quite interesting to add to my library are as follows:

Don’t miss a chance to make yourself a gift 😉

2018 Sydney VMUG UserCon is on March 20th

Happy New Year to everyone!!! 2017 was definitely full of disruptions from VMware, and the folks in Palo Alto keep the wheels of innovation fast turning.

Saying that it is always a good idea to look at what is happening behind the curtains, meet with the experts and peers, and plan for the next technology upgrade. This is where VMUG UserCon can be of great use!

VMUG UserCon 2018

This year VMUG UserCon is promised to be more about deep-dive learning and hands-on training. Woo-hoo!!!

The primary focus is on modernising data centres and integrating with the public cloud, expanding into the digital workspace with Workspace ONE, and transforming security with solutions like NSX and vSphere.

The event is going to be held in the heart of Sydney CBD at The Westin Sydney.

The registration is already open, and it looks like it’s going to be a big hit! So don’t miss your chance to be there on March 20th 😉

vSphere Next: A new beta refresh and more

Beta Testing

Less than two months since VMware announced the availability of a vSphere beta and it has been refreshed with the new features and bugfixes. To participate in the program, candidates should indicate their interest by filling out this simple form.

I personally think time around Christmas holidays is the best one for tech geeks to dedicate some of their time and have an understanding of what’s next.

The beta refresh is available as a downloadable media and as a hosted environment in the Hands-on-Labs.

For those folks who need access to the full range of technologies from VMware, the VMware User Group has just announced a 10% discount on the VMUG Advantage subscription. This offer is available until December 31st, 2017.

All this sounds like a great Christmas gift from the vendor. Thank you, VMware!

vSphere Web Client 6.x: ‘Shockwave Flash has crashed’ issue

It was a great surprise for many virtualisation specialists to see an error message saying ‘Shockwave Flash has crashed’ immediately after authenticating in the vSphere Web Client 6.x earlier this week.

Flash-Issue-01

Most of the reports came from those who were using the latest version of Google Chrome (61.0.3163.100). However, there were similar issues with other web-browsers and Adobe Flash version 27.0.0.170.

William Lam wrote a special post on his blog about this issue, and he keeps it updated with the number of hacks.

Gladly, VMware has been quick with publishing a KB 2151945 which tracks information about the same problem and providing some workarounds as well. Thanks to Dennis Lu for pointing to this article!

This is a classic example of how dependency on a third-party technology can affect your solution. I hope that VMware accelerates the development of vSphere Client (HTML5) and provides feature parity between it and the Flash one.

ESXi 6.5: Host fails with PSOD after upgrading to 6.5 Update 1 [RESOLVED]

For those who have plans upgrading their environment from vSphere 6.0 to 6.5 Update 1, I would suggest postponing this until VMware resolves issue documented in KB 2151749.

ESXi650-2151749

Hosts will be affected if they equipped with 10 Gbps NICs.

The only workaround that the vendor has at the moment is to downgrade ESXi to 6.0 Update 2.

17/10/2017 – Update 1: According to VMware GSS, this issue is going to be “resolved in ESXi 6.5 Patch 02, which is schedule to release this month (The release date may change without notice).” Please refer to the SR #17599111410 when contacting GSS for more information.

08/02/2018 – Update 2: This issue is resolved in VMware ESXi 6.5 P02 (ESXi-6.5.0-20171204001-standard).