News

VMware’s Virtual Appliances Receive Meltdown & Spectre Fixes

Meltdown & Spectre are still hard to beat.

Another company that’s been working hard on Meltdown & Spectre fixes is VMware. The cloud computing and platform virtualization software provider has recently issued some patches and workarounds for various virtual appliances. These virtual appliances are apparently vulnerable to Meltdown & Spectre, especially when it comes to CPU data cache timing. The company issued an official warning, stating that the abuse could “leak information out of mis-speculated CPU execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.”

Worst case scenario, the cache timing exploit could lead to information disclosure.

How many patches are out so far?

VMware has only released a single patch at the time of writing. This patch is for the vSphere Integrated Containers (VIC) products, but mitigation tips are available for all other affected products. The complete list of affected VMware products is as follows:  vCloud Usage Meter (UM), Identity Manager (vIDM), vCenter Server (vCSA), vSphere Data Protection (VDP), vSphere Integrated Containers (VIC), and vRealize Automation (vRA). However, the company also advises users to not implement workarounds for products that are not present on the list. Below you will find a complete list of workarounds, which are useful until official patches arrive.

  • vCloud Usage Meter (UM): KB52467
  • Identity Manager (vIDM) 3.x, 2.x: KB52284
  • vCenter Server (vCSA) 6.0, 6.5: KB52312 [5.5 isn’t affected]
  • vSphere Data Protection (VDP): Unavailable
  • vSphere Integrated Containers (VIC): Patch available
  • vRealize Automation (vRA): 7.x KB52377 | 6.x KB52497

Support eTeknix.com

By supporting eTeknix, you help us grow and continue to bring you the latest news, reviews, and competitions. Follow us on Facebook and Twitter to keep up with the latest technology, share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you’ll find our latest video reviews, event coverage and features in 4K!

Check out our Latest Video
Cernescu Andrei

Candrei is a writer for eTeknix who loves the latest technology news and gaming.

Disqus Comments Loading...
Share
Published by
Cernescu Andrei
Tags: Meltdown & SpectreVMware
7 years ago

Recent Posts

Electronic Arts Titles Played for Over 11 Billion Hours in 2024

Electronic Arts (EA) announced today that its games were played for over 11 billion hours…

2 days ago

Just 15% of Steam Gaming Time in 2024 Was Spent on New Releases

Steam's annual end-of-year recap, Steam Replay, provides fascinating insights into gamer habits by comparing individual…

2 days ago

STALKER 2 Gets Massive 110GB Patch With 1800+ Fixes

GSC GameWorld released a major title update for STALKER 2 this seeking, bringing the game…

2 days ago

Intel Unveils Core 200H Processors Based on the Previous Raptor Lake Refresh

Without any formal announcement, Intel appears to have revealed its new Core 200H series processors…

3 days ago

Ubisoft Reportedly Developing a New Quadruple A Game

Ubisoft is not having the best of times, but despite recent flops, the company still…

3 days ago

STALKER 2: Heart of Chornobyl Update 1.1 Fixes 1,800 Issues and Revamps A-Life 2.0

If you haven’t started playing STALKER 2: Heart of Chornobyl yet, now might be the…

3 days ago