VMware sticks finger in Meltdown/Spectre dike for virtual appliances

Proper patches under way, but for now - to your command lines, vAdmins!

By Simon Sharwood, APAC Editor

Posted in Security, 9th February 2018 03:58 GMT

VMware has advised on how to mitigate the Meltdown and Spectre chip design flaws in several of its products.

The workarounds cover vCloud Usage Meter, Identity Manager (vIDM), vCenter Server, vSphere Data Protection, vSphere Integrated Containers and vRealize Automation (vRA). And they're important because VMware now ships several of its products as appliances: vCenter, for example, is no longer allowed to run in a Windows VM.

The knowledge base articles for all the products state that Meltdown and Spectre can create problems for virtual appliances, explain that the mitigation tactics will stop attacks but must be considered "a temporary solution only and permanent fixes will be released as soon as they are available."

Several of the workarounds, listed here, require logging on as a privileged user and then type a couple of commands. Others require more effort. So crack open your command lines, vAdmins: there's work to do.

And in case you are super-keen on VMware and or wonder about what Dell plans to do with it , consider its SEC filings and those of the Dell Technologies tracking stock that's tied to Virtzilla.

Both record that colossal investment management outfit Blackrock Inc has recently increased its holdings in both stocks above the five per cent level that makes public disclosure compulsory. That kind of buy is sometimes a signal that an investor wants its opinions to be given greater weight.

So once you finish your workarounds, grab some popcorn. ®

Sign up to our NewsletterGet IT in your inbox daily

5 Comments

More from The Register

Microsoft ports its Quantum Development Kit to Linux and macOS

Now that it's not Windows-only, you can simulate a theoretical computer on a real computer

Microsoft works weekends to kill Intel's shoddy Spectre patch

Out-of-band patch may assuage user anger over Intel crudware, closed-club disclosure process

Microsoft loves Linux so much it wants someone else to build distros for its Windows Store

WSL blueprint open-sourced to tempt distro makers

Wintel part deux? Microsoft Azure first for Intel Clear Linux

Stateless Linux data center released into the wilds

Linux laptop-flinger says bye-bye to buggy Intel Management Engine

Says 'disabling' the ME will reduce future vulnerabilities

Microsoft's most popular SQL Server product of all time runs on Linux

Build Yes, you read that right

Microsoft has designed an Arm Linux IoT cloud chip. Repeat, an Arm Linux IoT cloud chip

And it talks to Azure. Cortana probably spotted lurking nearby

Ubuntu 17.10 pulled: Linux OS knackers laptop BIOSes, Intel kernel driver fingered

Updated Free as in thank God I'm not paying for this

SHL just got real-mode: US lawmakers demand answers on Meltdown, Spectre handling from Intel, Microsoft and pals

Pact of silence questioned

Wanted that Windows 10 update but have an Intel SSD? Computer says no

Updated 600p and Pro 6000p devices beset by 'incompatibility issues'