Heartbleed Vulnerability and VMware

If you haven’t heard of the Heart Bleed Vulnerability in OpenSSL please read the following link:
http://heartbleed.com/

It will allow for data to be stolen undetected including keys, passwords, and more.

The VMware communities already has a few threads on it, but here is VMware’s official KB posting on it:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2076225

Here is the info as of 4/9/2014, 1 PM

Response to OpenSSL security issue CVE-2014-0160/CVE-2014-0346 a.k.a: “Heartbleed” (2076225)

Resolution

The VMware Security Engineering, Communications, and Response group (vSECR) is investigating the OpenSSL issue dubbed “Heartbleed” (CVE-2014-0160, CVE-2014-0346).This article reflects the status of the ongoing investigation.

These VMware products that ship with OpenSSL 1.0.1 have been confirmed to be affected:

  • ESXi 5.5
  • VMware Fusion 6.0.x
  • VMware vCloud Automation Center (vCAC) 5.1.x
  • VMware vCloud Automation Center (vCAC) 5.2.x
  • VMware Horizon Mirage 4.4.0

Note: Confirmation is pending for VMware vCenter Server 5.5.

These VMware products that ship with OpenSSL 0.9.8 have been confirmed to be unaffected:

  • ESXi/ESX 4.x
  • ESXi 5.0
  • ESXi 5.1
  • VMware Fusion 5.x
  • VMware vCenter Server 4.x
  • VMware vCenter Server 5.0
  • VMware vCenter Server 5.1
  • VMware vCenter Server Appliance (vCSA) 5.x
  • VMware vCloud Automation Center (vCAC) 6.x
  • VMware Horizon Mirage 4.3.x and earlier
  • VMware Update Manager (VUM)
  • VMware vCenter Orchestrator (vCO)
  • VMware vCloud Director (vCD)
  • VMware vCenter Operations Manager (vCOps)
  • VMware vCenter Site Recovery Manager (SRM)
  • VMware vCenter Configuration Manager (vCM)
  • VMware vSphere Storage Appliance (VSA)
  • VMware Workstation
  • VMware Player

Resolution/mitigation:

The issue can be mitigated by deploying VMware products on an isolated management network.

VMware is working on updating its products to remediate the issue.

Advertisements

Mass Schedule Both VM Tools and Hardware on Reboot Vsphere 5.5

Using both VUM and the web client you can set all of your VM’s to do both VMware tools and VM hardware upgrades. Unfortunately, the web client doesn’t have a good way to mass set the VM tools on reboot setting so we will need to use fat client with VUM.

VM Tools
1. Go to VMs and templates view at whichever object level you want to set your VM’s.
2. Make sure the vmware tools baseline is attached.
3. Click VMware tools upgrade settings.
4. Select all the machines to set to upgrade on reboot. Hit ok.

tools

Web Client
1. Click on the object you would like to select your VM’s from.
2. Hightlight all your VM’s under the Related Objects->Virtual Machines Tab.
3. Right click the higlighted machines and go to All Vcenter Actions -> Compatibility -> Schedule Upgrade

hardware hardware2
4. Select compatibility level and on guest reboot check box if you want a clean shutdown.

hardware3
5. Hit ok and you are done.

I have tested what happens on reboot and it does indeed do the hardware without a shutdown. It did it without even the blink of an eye. I am not sure how it does it so quickly but it was extremely fast.

VMware vExpert 2014 Announcement

I have been working with VMware products and designing solutions on it since 2006, but hadn’t really been too involved in the community. I have worked diligently this year and last to try to provide content in areas I felt don’t get much coverage in hope that it help others with their day to day work. I applied for the vExpert 2014 award this year and was added to the list! While I know it doesn’t necessarily mean that because you have it that you automatically know all there is to VMware it is a nice recognition of ones efforts to provide back to the IT community. So, I am honored to be one of the 754 vExperts this year.

I hope to continue to provide valuable contributions here and on the VMware communities as well. You can view the list here!

http://blogs.vmware.com/vmtn/2014/04/vexpert-2014-announcement.html