VMware vForum Romania 2018

VMware vForum Romania 2018

VMware announced 2018 edition of their 1 full-day conference in Romania, vForum. On 2nd October, Crown Plaza Hotel from Bucharest will host the biggest annual event of VMware Romania.

“VMware vFORUM 2018 is a full day of innovation to accelerate your digital transformation through a software-defined approach to business and IT. We show you how you can improve business agility by modernizing data centers and integrating public clouds, and create exceptional experiences by empowering a secure digital workspace. Get ready for industry-leading insights, keynotes, breakout sessions and customer case studies on the trends that matter most to your business and to IT.” – VMware vForum official site

This year the event has a long list of sponsors: Dell, Fortinet, HPE, Veeam, AWS, Check Point, Eta-2U, Kapsch, Novatech, and TechData.

Read More

VMSA-2018-0003

VMSA-2018-0019 – VMware Horizon Vulnerability

VMware has released a new security advisory VMSA-2018-0019: Horizon 6, 7, and Horizon Client for Windows updates address an out-of-bounds read vulnerability.

This advisory documents the remediation of one important issue: Horizon 6, 7, and Horizon Client for Windows contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed.

The vulnerability doesn’t apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients installed on non-Windows systems.

The Common Vulnerabilities and Exposures project has assigned the identifier CVE-2018-6970 to VMSA-2018-0019 issue.

VMSA-2018-0019 – Affected Products and Resolutions

Horizon version 7.x running on Windows – update to version 7.5.1 (release date 19 July 2018, for more details check the Release Notes)

Horizon version 6.x running on Windows – update to version 6.2.7 (release date 7 August 2018, for more details check the Release Notes)

Horizon Client for Windows version 4.x and earlier – update to version 4.8.1 (release date 7 August 2018, for more details check the Release Notes)

The vulnerability doesn’t apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients installed on non-Windows systems.

You can check reports on other VMware vulnerabilities in my page dedicated to Security Advisories.

How to Upgrade vCenter Server Appliance from 6.5 to 6.7

How to Upgrade vCenter Server Appliance from 6.5 to 6.7 – Stage 2

In a previous article (How to Upgrade vCenter Server Appliance from 6.5 to 6.7 – Stage 1) I walked through the first phase of the upgrade process for vCSA 6.7 (embedded deployment) – Deploy the OVA File of the new vCenter Server Appliance with an embedded Platform Services Controller. In this article I will cover phase 2 of the vCenter upgrade – transfer the data and setup the newly deployed vCenter Server Appliance.

Upgrade vCenter Server Appliance from 6.5 to 6.7 – Stage 2

In the last step of the phase 1, I was presented with the following screen:

Upgrade vCenter Server Appliance from 6.5 to 6.7 - Deploy VCSA Completed

Read More

How to Upgrade vCenter Server Appliance from 6.5 to 6.7

How to Upgrade vCenter Server Appliance from 6.5 to 6.7 – Stage 1

In this article I will show you how to upgrade vCenter Server Appliance running 6.5 to the target version of 6.7. I will upgrade an embedded deployment (as per vCenter Server and Platform Services Controller Deployment Types: all services bundled with the Platform Services Controller are deployed together with the vCenter Server services on the same virtual machine or physical server).

The upgrade procedure consists in two steps:

  1. Stage 1 – Deploy the OVA File of the new vCenter Server Appliance with an embedded Platform Services Controller
  2. Stage 2 – transfer the data and setup the newly deployed vCenter Server Appliance

In this article I will cover Stage 1 (deployment of a new vCSA 6.7). In a later article I will cover Stage 2 (data migration from the old 6.5 vCSA to the new 6.7 vCSA).

Read More

VMSA-2018-0003

VMSA-2018-0014 – VMware Horizon Client Privilege Escalation Vulnerability

VMware has released a new security advisory: : VMware Horizon Client update addresses a privilege escalation vulnerability.

This advisory documents the remediation of one important issue: VMware Horizon Client contains a local privilege escalation vulnerability due to insecure usage of SUID binary. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on a Linux machine where Horizon Client is installed.

The Common Vulnerabilities and Exposures project has assigned the identifier CVE-2018-6964 to VMSA-2018-0014 issue.

All 4.x and prior versions of Horizon Client are affected by this vulnerability. VMware recommends update to version 4.8.0 (released 29 May 2018).

Read More

VMware Patches for Spectre

VMSA-2018-0012 – Speculative Store Bypass – SpectreNG

Not long after the first release of Meltdown and Spectre vulnerabilities, Google and Microsoft researchers independently reported two other variants of the modern processors bugs: a new subclass of speculative execution side channel vulnerabilities known as Speculative Store Bypass (SSB, previously known as SpectreNG – variant 4) has been assigned CVE-2018-3639; another Meltdown variation, rogue system register read (also called variant 3a) has been assigned CVE-2018-3640.

Among affected processors we find a wide range of chipsets: Intel and AMD x86, IBM POWER 8 and 9, and ARM CPUs.

Catalin Cimpanu wrote for Bleeping Computer:

Variant 3a is a variation of the Meltdown flaw, while Variant 4 is a new Spectre-like attack. The most important of these two is Variant 4. Both bugs occur for the same reason – speculative execution – a feature found in all modern CPUs that has the role of improving performance by computing operations in advance and later discarding unneeded data.

The difference is that Variant 4 affects a different part of the speculative execution process —the data inside the “store buffer” inside a CPU’s cache.

Read More

PowerCLI 10.1.0

VMware PowerCLI 10.1.0

VMware released a new PowerCLI version, version 10.1.0. I will cover in this article the improvements brought by PowerCLI 10.1.0, the installation process on Windows and the update procedure on both Windows and Linux.

PowerCLI 10.1.0 Changes

New features:

  • New module: VMware.Vim provides vSphere API bindings, allowing access to the latest features available in the VMware Cloud on AWS.
  • New cmdlets: Set-ScriptBundleAssociation and Remove-ScriptBundle added to the VMware.DeployAutomation module. They provide the ability to work with script bundles modification.

Updates:

  • NSX-T module has been updated to support the new API features in VMware NSX-T 2.1.
  • VMware PowerCLI has been updated to support the new API features in VMware vSphere 6.7.
  • Instead of producing a warning when connecting to resources using invalid or self-signed certificates, PowerCLI now produces an error.
  • The Import-VApp cmdlet has been updated to support SHA-256 and SHA-512 hash algorithms.
  • The Version parameter of the New-VM and Set-VM cmdlets has been deprecated and replaced by the HardwareVersion parameter that accepts string input.
  • The Version property of the VirtualMachine object has been deprecated and replaced by the HardwareVersion property.

Read More

VMware Security Advisory

VMware Security Advisory – VMSA-2018-0010 – Horizon DaaS Update

VMware has released a new security advisory: VMSA-2018-0010: Horizon DaaS update addresses a broken authentication issue.

This advisory documents the remediation of one moderate issue: Horizon DaaS contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication.

To be able to exploit this vulnerability, a potential attacker must have a legitimate account on Horizon DaaS.

The Common Vulnerabilities and Exposures project has assigned the identifier CVE-2018-6960 to this issue.

All 7.x versions of Horizon DaaS are affected by this vulnerability. VMware recommends update to version 8.0.0.

Read More

Install vSphere 6.7

How to Install VMware vSphere 6.7

In this article I will show you how to install VMware vSphere 6.7. If you are looking for instructions about how to install vSphere 6.5, you can find them here.

To start, you need an installation iso for vSphere 6.7, which you can download from your My.VMware account. From here, I downloaded VMware-VMvisor-Installer-6.7.0-8169922.x86_64.iso (vSphere 6.7 build 8169922). I will install vSphere into a virtual machine (beware, this is a configuration unsupported by VMware, but often seen in home labs), so I will just mount the iso file into the CD drive and power on the VM.

Install VMware vSphere 6.7

As soon as the VM boots, you will see a “Loading ESXi installer screen”:

Install vSphere 6.7 - Loading ESXi installer

Read More

VMware Security Advisory

VMware Security Advisory – VMSA-2018-0009 – vRealize Automation Vulnerabilities

VMware has released a new security advisory: VMSA-2018-0009 – vRealize Automation updates address multiple security issues.

This advisory documents the remediation of two issues: one important (DOM-based cross-site scripting vulnerability which may lead to the compromise of the vRA user’s workstation) and one moderate (Missing renewal of session tokens vulnerability which may lead to the hijacking of a valid vRA user’s session).

VMSA-2018-0009 – DOM-based Cross-site Scripting (XSS) Vulnerability

CVE-2018-6958 – vRealize Automation contains an important vulnerability that may allow for a DOM-based cross-site scripting (XSS) attack. Exploitation of this issue may lead to the compromise of the vRA user’s workstation.

Read More