Security

VMware sticks finger in Meltdown/Spectre dike for virtual appliances

Proper patches under way, but for now - to your command lines, vAdmins!

By Simon Sharwood

5 SHARE

VMware has advised on how to mitigate the Meltdown and Spectre chip design flaws in several of its products.

The workarounds cover vCloud Usage Meter, Identity Manager (vIDM), vCenter Server, vSphere Data Protection, vSphere Integrated Containers and vRealize Automation (vRA). And they're important because VMware now ships several of its products as appliances: vCenter, for example, is no longer allowed to run in a Windows VM.

The knowledge base articles for all the products state that Meltdown and Spectre can create problems for virtual appliances, explain that the mitigation tactics will stop attacks but must be considered "a temporary solution only and permanent fixes will be released as soon as they are available."

Several of the workarounds, listed here, require logging on as a privileged user and then type a couple of commands. Others require more effort. So crack open your command lines, vAdmins: there's work to do.

And in case you are super-keen on VMware and or wonder about what Dell plans to do with it , consider its SEC filings and those of the Dell Technologies tracking stock that's tied to Virtzilla.

Both record that colossal investment management outfit Blackrock Inc has recently increased its holdings in both stocks above the five per cent level that makes public disclosure compulsory. That kind of buy is sometimes a signal that an investor wants its opinions to be given greater weight.

So once you finish your workarounds, grab some popcorn. ®

Sign up to our NewsletterGet IT in your inbox daily

5 Comments

More from The Register

Linux 4.19 lets you declare your trust in AMD, IBM and Intel

Wave the CPU trust flag if you're feeling safe enough

Love Microsoft Teams? Love Linux? Then you won't love this

Updated Learn to love the browser instead

Arm cozies up to Intel for second time in a week – this time to borrow tools from Yocto Project for Mbed Linux

Aww, ain't that sweet

SUSE and Microsoft give enterprise Linux an Azure tune-up

Veteran penguin botherer feels the need. For speed

STIBP, collaborate and listen: Linus floats Linux kernel that 'fixes' Intel CPUs' Spectre slowdown

Meanwhile: Another kernel dev is 'unfscking' the source code, with predictable results

WLinux brings a custom Windows Subsystem for Linux experience to the Microsoft Store

What's better than one Linux distro? Dozens of 'em, of course!

Linux kernel Spectre V2 defense fingered for massively slowing down unlucky apps on Intel Hyper-Thread CPUs

This is on by default? 'Yikes' says Chipzilla fellow

Microsoft ports its Quantum Development Kit to Linux and macOS

Now that it's not Windows-only, you can simulate a theoretical computer on a real computer

Microsoft loves Linux so much its R Open install script rm'd /bin/sh

Machine-learning suite ends its sloppy packaging ways after Debian dev roasts Redmond

Wintel part deux? Microsoft Azure first for Intel Clear Linux

Stateless Linux data center released into the wilds