Posts

VMware vExpert 2024 Application is Now Open!

I believe many would have wonder if the vExpert Program will continue since VMware has been acquired by Broadcom recently. I am glad to announce that Corey Romero the program manager for VMware vExpert is continuing the support for the program and this is also Broadcom is supportive of it community recognition. Just for information, VMware User Group is here to stay! For those who are not aware, the VMware vExpert 2024 application is now open. You can follow the post here . There are calls and multiple resources to help you out with your applications and explanation to the different path. Do take note you can fill in the form and save it and submit before 15 Dec 2023 closing date. So take your time to collect your thoughts on your contribution to the VMware community. There is no rush to fill it up at one go. If you need any advice or help, and need to talk to someone, go to the vExpert Pro directory and find someone near you. I am honoured to be part of this directory. Personally I

Security Advisory: VMware Cloud Director

Another high rating of CVSSv3 of 9.8 was released here on VMware Cloud Director appliance. For those not aware, the virtual appliance is a prepackaged virtual machine with added configuration bedded in for easy deployment. This time it is due to authentication bypass vulnerability which allows a user to bypass authenticating on port 22 (ssh) or port 5480 after upgraded to version 10.5 from a previously older version. To resolve this, the updated kb has been released and it provide a script for the workaround to fix this. Do note that this affect only VMware Cloud Director version 10.5 which was upgraded from older version. Not on new deployment or other versions.

Security Advisory: VMware Tools

A security advisory VMSA-2023-0024 has been release regarding VMware Tools. This compromises of two CVEs namely: CVE-2023-34057, CVE-2023-34058 which carries a CVSSv3 of 7.8 and 7.5 respectively. This mainly affect the host that is running on MacOS or Windows OS with specific VMware Tools version. Both of which are related to bypassing and gaining privilege access.  The one of MacOS might be least impacted since most customer only run MacOS in Fusion or Workstation. Do note and have them updated as the fixed version has been released.

VMware vCenter Server VMSA-2023-0023

VMware has release a security advisory regarding vCenter Server. You can refer  here . This advisory is to address CVE-2023-34048 and CVE-2023-34056 which has a score on CVSSv3 of 9.8 and 4.3. This applies to vCenter Server version 7.x and 8.x which also affect VCF 3.x and 4.x which uses these vCenter Server version. The resolution is to apply the fixed version released. Do read carefully if there are any caveats for any particular build when you are updating. All of the above has been summarize in this  article  which was released on 24th October. Do take some time to read it and understand the risk and impact.

VMware Certification Upgrade or Renew

I haven't been actively looking at VMware certification upgrade or into exam writing over more than a year. My certification has been at least 2 version back last was due to developing the initial vSphere 7.0 back in 2021. VMware has since remove the so call "expiration" of certification. Since due to Broadcom acquisition, was looking at my own certification making sure it is updated and all was dated 2021 version. Which means I would need to pass one exam which is current as documented  here . If your exam is just a year before, the requirement is just to attend a recommended course instead of an exam. So if you have not updated to the current year and is just one year before, a course would make the most sense. In my case, I would not have to take an exam if I have attend a course last year and to renew this year, would be another course. The good news is, if you own both VCP or VCAP of the same track and year, you only need to take the higher (in my case, VCAP) and do

Deprecated of USB and SD Card for ESXi installation

Back in vSphere 7 there was mention of deprecation of USB and SD Card due to reliability issue of such storage disk used for ESXi installation. Often than not, even in my home lab, I always encounter these USB sticks failure causing my host to not boot up after shutting down or doing a restart. VMware has now official state the deprecation of such support starting from vSphere 8. Which means, vSphere 8.0 will be the last version to support such storage devices as ESXi installation disk. I believe most customer would have moved off USB and SD Card since vSphere mentioned previously. More servers nowadays also support SATADOM SSD which is ideally better than a normal server HDD which might be too huge and wasted for use. Do refer to this  KB  on information regarding this and I hope everyone should not be considering using any more USB or SD card.

NIAP Certification for VMware EUC Solutions

Two years ago, VMware manage to have VMware Boxer mail mobile client getting certificate for NIAP. It was the first mobile email client that has gotten this type of certification. Till date it is still the only mobile email client. This shows the security standard that Boxer has adhere to definitely isn't little. Having companied customer down to VMware Headquarters in Palo Alto in August and manage to know that VMware Horizon 8 has also achieved the same standard for NIAP in July 2023. This mark VMware Horizon as the first VDI solution to have met such standard and till date the only VDI solution in the market as well. Since VDI is often use as a main use case as a security solution to safe guard against IP thief and other use cases related, that a user requires full desktop access yet controls across the desktop are implemented, achieving this standard of certification is definitely proof VMware Horizon security standard. Please check out NAIP website  here  for the list of VMwar