Posts

Showing posts with the label 7

VMSA-2024-0006 USB and Out-of-bounds write vulnerability

VMware has released important patches based on the advisory affecting all its hypervisors, including ESXi and the desktop hypervisors, i.e. Workstation and Fusion, which contain vulnerabilities with CVSSv3 scores of 7.1-9.3. Most of those listed are USB related. Most of this might not affect ESXi, since most do not use a USB controller on them, but is more relevant to the desktop hypervisors. Patches are released for ESXi 7 and 8, Workstation 17 and Fusion 13. And since this is of critical severity, VMware has released patches for the out-of-support ESXi 6.5U3v and 6.7U3u for customers on extended support. This also includes VCF 3.x, which happens to run such versions of ESXi. I hope everyone has upgraded, as a best practice, to at least ESXi 7 to avoid such issues where you are not on support and yet running critical workloads. If you are still on ESXi 6.5U3v and ESXi 6.7U3u, I would assume you have extended support to tide you through. Do note that if you manage to get the patches from other source wi...

End of free vSphere Hypervisor (ESXi 7.x and 8.x)

With the announcement of the end of perpetual licenses for VMware products moving forward, there are also other changes, especially in regard to the free ESXi. As the KB of 12th Feb 2024 states, the free ESXi or free vSphere Hypervisor is no longer made available. This came as a surprise to me. In fact, many of our home-lab users and evangelists are using the free hypervisor to learn VMware solutions. With this gone, this will definitely affect the fan base and result in many using alternatives. I didn't expect this to come. But it is understandable that Broadcom might want to stop those who are leveraging the free hypervisor for commercial use, which I know some do. I would rather they change the EULA and make it a fully personal license, which means Broadcom can actually take legal action if anyone is found using it for commercial reasons. But sadly, this had to happen. At least the free ESXi had a good run.

Critical: vCenter Server Vulnerability VMSA-2021-0002

Many might have been alerted to the recent vCenter Server vulnerability, which was given a 9.8/10 rating. One of the reports can be found here, reported on Feb 23rd. If you have subscribed to VMware Security Advisories, you would have received this information as VMSA-2021-0002. I would strongly encourage anyone who is using VMware solutions to subscribe to VMware Security Advisories so as to be kept informed of any security information. If you refer to VMSA-2021-0002, vCenter Server version 7.0 U1c was updated on Dec 17th, 6.7 U3I on Nov 19th and lastly 6.5 U3N on Feb 23rd, one day after the report. If you have been up to date, you would have been protected way before the report was announced. The only version was 6.5, which was released a day after, but based on the report, it was a one-day turnaround, which is still impressive. Also, this is very critical for vCenter Servers that are connected to the internet. However, such cases would be minimal as most customers would not have place t...

Upgrade VMware Tools and virtual hardware with Update Manager

Upgrade VMware Tools and virtual hardware using Update Manager. Other related posts: vSphere 5 vRAM Licensing; vSphere 5 ESXi 5 Installation; Upgrade vSphere vCenter 4.x to 5.0; Upgrade ESX/ESXi 4.x to ESXi 5.0 using Update Manager; Upgrade VMware Tools and virtual hardware with Update Manager