Dell EMC VxRail Software Update – Spectre Guest OS leakage mitigation

I posted earlier in the year that Dell EMC had released a Security Advisory to address Spectre (Meltdown doesn’t really affect VMware and hence VxRail). One of the items that wasn't addressed in the original fix was Guest OS leakage mitigation between processes within the VM - this required CPU/BIOS microcode updates which were not yet available … Continue reading Dell EMC VxRail Software Update – Spectre Guest OS leakage mitigation

Dell EMC updates VxRail software to address Spectre

So Dell EMC have finally released the patches for their VxRail appliances, I know many of my customers were asking about these patches - in a way it's good it was slightly delayed given how many normal VMware customers experienced issues when patching and how one patch was pulled by VMware! The good thing about … Continue reading Dell EMC updates VxRail software to address Spectre

Spectre & Meltdown Update

So it seems that the microcode patches released by VMware associated with their recent Security Advisory (VMSA-2018-0004) have been pulled.... https://kb.vmware.com/s/article/52345 So that's ESXi650-201801402-BG, ESXi600-201801402-BG, or ESXi550-201801401-BG. The microcode patch provided by Intel was buggy and there seems to be issues when VMs access the new speculative execution control mechanism (Haswell & Broadwell processors). However, I … Continue reading Spectre & Meltdown Update

Spectre & Meltdown Vulnerabilities

So at the beginning of the new year, news broke via The Register that there could be a potential security vulnerability to Intel processors (Meltdown) and how it was a problem which couldn't be easily fixed by a microcode update because of how the Intel architecture does speculative execution of code (in a nutshell this is how … Continue reading Spectre & Meltdown Vulnerabilities