Intel Design Bug – What about VMware ESXi and VMs?
By now probably everyone with an internet access who read news in the last couple of days noticed the bad Intel design bug that is affecting millions or even billions of devices, server and client computer. While potential hacker might not be extremely interested spending time to bother personal computer and mobiles, the situation changes when it comes to systems hosting hundreds, thousands or millions of customer infrastructures and their data. There is not doubt that cloud computing could be a valuable target for attacks utilizing this bug.
While many reports say that VMware ESXi (VMkernel) is not affected, the guest OS, so the virtual machine is affected.
Extract from the VMware blog Post: https://blogs.vmware.com/security/2018/01/vmsa-2018-0002.html
Update 01/04/18: OS vendors have begun issuing patches that address CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 for their operating systems. For these patches to be fully functional in a guest OS additional ESXi and vCenter Server updates will be required. These updates are being given the highest priority. Please sign up to the Security-Announce mailing list to be alerted when these updates are available.
Read the entire article here, Intel Design Bug – What about VMware ESXi and VMs?
Via the fine folks at opvizor.