Breaking News

VMware releases temporary mitigations for Meltdown and Spectre flaws

VMware has provided detailed instruction on how to mitigate the Meltdown and Spectre vulnerabilities in several of its products.

VMware is releasing patches and workarounds for its Virtual Appliance products affected by the Meltdown and Spectre vulnerabilities.

The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive data.

The mitigations measures could be applied to vCloud Usage Meter, Identity Manager (vIDM), vCenter Server, vSphere Data Protection, vSphere Integrated Containers and vRealize Automation (vRA).

“VMware Virtual Appliance updates address side-channel analysis due to speculative execution” states the advisory published by the company.

The company acknowledged problems for its virtual appliances and opted to release workarounds to protect its customers. The proposed solutions are only temporary waiting for a permanent fix that will be released as soon as they are available.

The complete list of workarounds is available here, in some cases, admins can mitigate the issue by launching a few commands as a privileged user, in other cases the procedure to deploy mitigations is more complex.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Spectre patches, VMware )

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Published by
Pierluigi Paganini
Tags: HackingMeltdownSpectreVMware
6 years ago

Recent Posts

Hackers hijacked the eScan Antivirus update mechanism in malware campaign

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…

2 hours ago

US offers a $10 million reward for information on four Iranian nationals

The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their…

9 hours ago

The street lights in Leicester City cannot be turned off due to a cyber attack

A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all…

9 hours ago

North Korea-linked APT groups target South Korean defense contractors

The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting…

20 hours ago

U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity

The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the…

1 day ago

A cyber attack paralyzed operations at Synlab Italia

A cyber attack has been disrupting operations at Synlab Italia, a leading provider of medical…

1 day ago

This website uses cookies.