Security

VMware sticks finger in Meltdown/Spectre dike for virtual appliances

Proper patches under way, but for now - to your command lines, vAdmins!

By Simon Sharwood

5 SHARE

VMware has advised on how to mitigate the Meltdown and Spectre chip design flaws in several of its products.

The workarounds cover vCloud Usage Meter, Identity Manager (vIDM), vCenter Server, vSphere Data Protection, vSphere Integrated Containers and vRealize Automation (vRA). And they're important because VMware now ships several of its products as appliances: vCenter, for example, is no longer allowed to run in a Windows VM.

The knowledge base articles for all the products state that Meltdown and Spectre can create problems for virtual appliances, explain that the mitigation tactics will stop attacks but must be considered "a temporary solution only and permanent fixes will be released as soon as they are available."

Several of the workarounds, listed here, require logging on as a privileged user and then type a couple of commands. Others require more effort. So crack open your command lines, vAdmins: there's work to do.

And in case you are super-keen on VMware and or wonder about what Dell plans to do with it , consider its SEC filings and those of the Dell Technologies tracking stock that's tied to Virtzilla.

Both record that colossal investment management outfit Blackrock Inc has recently increased its holdings in both stocks above the five per cent level that makes public disclosure compulsory. That kind of buy is sometimes a signal that an investor wants its opinions to be given greater weight.

So once you finish your workarounds, grab some popcorn. ®

Sign up to our NewsletterGet IT in your inbox daily

5 Comments

More from The Register

US Treasury goes after IT shops for funneling cash to North Korea

Meanwhile, Norks deny Sony hacker ever existed

'Desperate' North Korea turns to bank hacking sprees to rake in much-needed dosh

State-sponsored intrusions meets financial acquisition with APT38

UK.gov joins Microsoft in fingering North Korea for WannaCry

I can’t go into the details of our intelligence, but...

FBI fingers North Korea for two malware strains

'Joanap' and 'Brambul' harvest info about your systems and send it home

North Korea's finest spent 2017 distributing RATs, wipers, and phish

And sent them mostly to South Korea, naturally

Don't want to alarm you, but defence bods think North Korea could nuke UK 'within a few years'

Report on threat posed by rogue state demands more cash for government hackers

North Korea's antivirus software whitelisted mystery malware

'SiliVaccine' uses ancient, stolen, Trend Micro AV engine and bad home-brew crypto

Russian telco backs up North Korea's sole Internet link

Transtelecom can reach 256 North Korean hosts

North Korea attacks Bitcoin bods to swell its war chest says FireEye

BTC isn't explicitly covered by sanctions and Kim could launder it into useful currencies

US-CERT warns of more North Korean malware

'Typeframe' springs from the same den as 'Hidden Cobra'