Browsed by
Tag: Meltdown

Spectre/Meltdown Vulnerability – How to Patch VMware vCenter 6.5

Spectre/Meltdown Vulnerability – How to Patch VMware vCenter 6.5

As per Security Advisory VMSA-2018-0007, VMware has begun releasing virtual appliance updates to address side-channel analysis due to speculative execution vulnerabilities. One of the first virtual appliances VMware has patched is vCenter 6.5. The latest release, vCenter 6.5U1f, patches the VCSA’s Photon OS to address Spectre-1 (CVE-2018-5753) and Meltdown (CVE-2017-5754) vulnerabilities. Mitigations for Spectre-2 (CVE-2017-5715) are absent from the latest patch as Spectre-1 and Meltdown mitigations were ready to be released; whereas, Spectre-2 patches were still being prepared. UPDATE –…

Read More Read More

Spectre Vulnerability – How to Patch VMware ESXi

Spectre Vulnerability – How to Patch VMware ESXi

Yesterday, news broke about vulnerabilities affecting AMD, Intel, and ARM CPU’s. These vulnerabilities, termed Meltdown and Spectre, have the potential to expose information that the machine(s) process. Check out this post for an in-depth look. At this point, it appears that VMware ESXi is not vulnerable to Meltdown; however, they have released patches for Spectre. It has been speculated that patching the flaws will cause performance hits. To what degree varies by reporting source. As always, test patches before deployment and…

Read More Read More