Posts

Showing posts from October, 2023

Security Advisory: VMware Tools

-
A security advisory VMSA-2023-0024 has been release regarding VMware Tools. This compromises of two CVEs namely: CVE-2023-34057, CVE-2023-34058 which carries a CVSSv3 of 7.8 and 7.5 respectively. This mainly affect the host that is running on MacOS or Windows OS with specific VMware Tools version. Both of which are related to bypassing and gaining privilege access.  The one of MacOS might be least impacted since most customer only run MacOS in Fusion or Workstation. Do note and have them updated as the fixed version has been released.
Post a Comment
Read more

VMware vCenter Server VMSA-2023-0023

-
VMware has release a security advisory regarding vCenter Server. You can refer  here . This advisory is to address CVE-2023-34048 and CVE-2023-34056 which has a score on CVSSv3 of 9.8 and 4.3. This applies to vCenter Server version 7.x and 8.x which also affect VCF 3.x and 4.x which uses these vCenter Server version. The resolution is to apply the fixed version released. Do read carefully if there are any caveats for any particular build when you are updating. All of the above has been summarize in this  article  which was released on 24th October. Do take some time to read it and understand the risk and impact.
Post a Comment
Read more

VMware Certification Upgrade or Renew

-
I haven't been actively looking at VMware certification upgrade or into exam writing over more than a year. My certification has been at least 2 version back last was due to developing the initial vSphere 7.0 back in 2021. VMware has since remove the so call "expiration" of certification. Since due to Broadcom acquisition, was looking at my own certification making sure it is updated and all was dated 2021 version. Which means I would need to pass one exam which is current as documented  here . If your exam is just a year before, the requirement is just to attend a recommended course instead of an exam. So if you have not updated to the current year and is just one year before, a course would make the most sense. In my case, I would not have to take an exam if I have attend a course last year and to renew this year, would be another course. The good news is, if you own both VCP or VCAP of the same track and year, you only need to take the higher (in my case, VCAP) and do
Post a Comment
Read more