Posts

VMware vCenter Server address heap-overflow and privilege escalation vulnerabilities

Broadcom has release an update to address the below two vulnerabilities. This affect vCenter Server 7.x and 8.x. VMware vCenter Server heap-overflow vulnerability (CVE-2024-38812) This carries a CVSSv3 score of 9.8 VMware vCenter privilege escalation vulnerability (CVE-2024-38813) This carries a CVSSv3 score of 7.5. Both are addressed with resolution with a new binary update for vCenter Server 7U3s and vCenter Server 8U3b. This will affect any VCF 4.x and 5.x which contains either vCenter Server 7.x or 8.x. It is always recommended to get this updated as soon as possible with such rare critical severity. Check out this article for more information.

VMware See you again!

Today marks my last working day in this great company, VMware. Starting as a sales engineer coming from a delivery background in 27 Dec 2011 to managing a country team of 15 solution architects was a magnificent milestone. A good 12 years, 7 months, 28 days race. There are so many people to thank, and words alone can't fully express my appreciation. I am deeply grateful to everyone I've crossed paths with, both within and outside the company. You've all played a part in shaping who I am today, and for that, I am truly thankful. Some may see me as a representative of VMware in Singapore, perhaps due to my long tenure or my visibility within the community. While that's a bit of a joke, the truth is, technology has been the driving force that kept me passionate during my time at VMware. Without it, I might have lost that spark long ago. What truly made my journey memorable were the incredible people I met along the way—from sales to engineering, partners to customers. They

Aria Operations Management Packs End of Life

Coming 1st Oct 2024, the Aria Operations Management Packs will be end of general support (EoGS). Here is the KB . The affected management packs are as follow: vRealize Operations Management Pack for VMware Integrated OpenStack vRealize Operations Federation Management Pack VMware vRealize Operations Management Pack for CloudHealth VMware Aria Operations Management Pack for Flowgate VMware Aria Operations Management Pack for Aria Hub VMware vRealize Operations Management Pack for VMware Smart Assurance Aria Operations Management Pack for Aria Operations for Apps Aria Operations Management Pack for VMware Tanzu Application Service Aria Operations Management Pack for Microsoft Hyper-V Aria Operations Management Pack for NetApp FAS/AFF Aria Operations Management Pack for Microsoft SCOM Aria Operations Management Pack for Citrix Virtual Apps & Desktops Aria Operations Management Pack for Dell EMC OpenManage Enterprise Aria Operations Management Pack for HPE OneView Aria Operations Manag

Hackers Exploit VMware Vulnerability that give Hypervisor Admin

You might have come across the above concern one that was published here . Since the day VMware vSphere was made available, ESX Admins user group if created in Active Directory will be given admin rights to ESXi when a user is place as a member of ESX Admins group. This was not new. I think some people do not know this existed. Moving forward, it seem hackers are now targeting this function to gain admin rights to the hypervisor. For companies that have concern over this and like to change this group membership name, you can follow this KB . Hope this address the concerns.

VMware NSX 4.2 Release (Entitlement)

With the release of NSX 4.2 together with the General Availability of VMware Cloud Foundation 5.2, there are some important points to take note of. With NSX 4.2, overlay support for bare metal servers are no longer available. Moving forward, NSX will only support for virtual machine which is running on vSphere. The NSX Network introspection for Security will be deprecated in 4.x and will no longer be support after. NSX Manager APIs and NSX Advanced UIs will deprecated in this version. Just to name a few. But one major change in this release is an entitlement change in regards to NSX Native Load Balancer (NLB) or NSX Load Balancer. Entitlement Change for the NSX Load Balancer In a future major release of NSX, VMware intends to change the entitlement of the built-in NSX load balancer (a.k.a. NSX-T Load Balancer). This load balancer will only support load balancing for Aria Automation, IaaS Control Plane (Supervisor Cluster), and load balancing of VCF infrastructure components. VMware re

vSphere ESXi 7.x End of General Support Extended!

Image
This is definitely one of the good news that the vSphere 7.x End of General Support (EoGS) has been extended to 2nd Oct 2025 instead of the original Apr 2025. You can find this in the lifecycle website  https://support.broadcom.com/group/ecx/productlifecycle . Yes the website is not as good as the previously lifecycle.vmware.com as the dropdown does not work and you have to search ESXi in their search field instead. This definitely is more welcoming as many customers are running short of time to upgrade to vSphere 8 and given that new hardware are often required, there is some gap in the timing. At least now Broadcom has extend the General Support. That means we have 6 months more time to quickly plan for it.

VMUG Singapore with VCF PM

In South East Asia, VMUG Singapore chapter has always been the most active and constantly having a meetup almost every quarter. With the new Broadcom acquisition, this will be the first session by VMUG Singapore with VMware by Broadcom with VMware Cloud Foundation Product Managers on some of the recent innovation and update on VCF solution. If you are based in Singapore, do not miss this out. It is rarely we have product managers and this will be one not to be missed. Register your seats here . Seats are limited so do it fast. Do remain considerate as community, if you are not able to attend due to any reason, do give it up to those who might. I will be there so see you there! Broadcom Singapore Pte Ltd Floor, Suntec Tower 4, S038986 6th, 038986 Singapore, NA, SG VCF Updates, 2024 and beyond   Thursday, 27th June 2024