After releasing the initial security advisory VMSA-2018-0002 to discuss Meltdown and Spectre vulnerabilities, VMware released yesterday the second advisory on the matter – VMSA-2018-0004 – VMware vSphere, Workstation and Fusion updates add Hypervisor-Assisted Guest Remediation for speculative execution issue.
VMSA-2018-0004 – Hypervisor-Assisted Guest Remediation
Updates of vCenter Server, ESXi, Workstation and Fusion virtualize the new speculative-execution control mechanism for virtual machines. As a result, a patched guest operating system can remediate the Branch Target Injection issue (CVE identifier CVE-2017-5715). This issue may allow for information disclosure between processes within the VM.
Affected VMware products:
- vCenter Server 5.5, 6.0, 6.5
- ESXi 5.5, 6.0, 6.5
- Workstation 12.x (
patch planned; update to 12.5.9), 14.x (update to 14.1.1) - Fusion 8.x (update to 8.5.10), 10.x (update to 10.1.1)
Recent Comments