Today, VMware released an update that addresses two vulnerabilities in its vCenter Server and Cloud Foundation products:: A remote code execution vulnerability in the vSphere Client (CVE-2021-21985) Authentication mechanism issue in vCenter Server Plug-ins (CVE-2021-21986) About the vulnerabilities remote code execution vulnerability in the vSphere Client (CVE-2021-21985) The vSphere Client (HTML5) contains a remote code … Continue reading "VMSA-2021-0010 updates for vCenter Server addresses two security vulnerabilities (CVE-2021-21985, CVE-2021-21986)"
Sometimes, IT issues are not what they seem to be. A strange issue reared its ugly head last week regarding something I hold dearly: Active Directory backups. The situation An organization runs Active Directory Domain Controllers virtually on top of VMware vSphere. The VMware Tools are installed on the virtual machine. The organization creates backups … Continue reading "KnowledgeBase: VMware Tools Quiescence corrupts Active Directory backups"
This week, VMware released vSphere 7.0 Update 2 on its 6-month release schedule for its vSphere product. It is available to download right away, both through VMware Customer Connect and from within vSphere Lifecycle Manager itself. What’s New In case you missed it, the key focus areas in which VMware is making investments in vSphere … Continue reading "Two improvements in VMware vSphere 7.0 Update 2 are welcome news for Microsoft-oriented Identity-focused admins"
Yesterday, VMware released an update that addresses three vulnerabilities in its ESXi, vCenter Server and Cloud Foundation products: A remote code execution vulnerability in the vSphere Client (CVE-2021-21972) An SSRF vulnerability in the vSphere Client (CVE-2021-21973) An ESXi OpenSLP heap-overflow vulnerability (CVE-2021-21974) About the vulnerabilities Remote code execution vulnerability in the vSphere Client (CVE-2021-21972) The … Continue reading "VMSA-2021-0002 updates for VMware ESXi and vCenter address multiple security vulnerabilities (CVE-2021-21972, CVE-2021-21973, CVE-2021-21974)"
I’m proud to announce I am a 2021 VMware vExpert. This is my third vExpert award in a row. It’s an honor for me to be a part of the team driving Active Directory virtualization on VMware vSphere with Deji Akomolafe and Matt Liebowitz. Thank you! About the VMware vExpert Program The VMware vExpert Program is VMware’s global evangelism … Continue reading "I'm a 2021 VMware vExpert"
Back in July 2019, I wrote a blogpost on managing Active Directory Time Synchronization on VMware vSphere. This blogpost details how to configure time settings for Domain Controllers running as virtual machines on top of VMware vSphere. This blogpost introduced the concept of advanced time synchronization configuration. Now it’s time for an update; both for … Continue reading "VMware vSphere 7.0 Update 1 introduces an interface for advanced time synchronization configuration"
Today, VMware released an update that addresses a use-after-free vulnerability in the XHCI USB controller (CVE-2020-4004) and a VMX elevation-of-privilege vulnerability CVE-2020-4005). Together these two vulnerabilities can be used to compromise virtual Domain Controllers running on ESXi. Note: The vulnerabilities exist in VMware Cloud Foundation, too. The two vulnerabilities were responsibly disclosed to VMware by … Continue reading "Two vulnerabilities in VMware ESXi may lead to virtual Domain Controller compromise (Critical, VMSA-2020-0026, CVE-2020-4004, CVE-2020-4005)"
vCenter in VMware vSphere 7 introduces support for role-based access control (RBAC), based on standards-based federation. While this sounds fantastic, there are a couple of things you should know about this vCenter Identity Provider Federation feature, before you blindly implement it. vCenter 7.0 or later The vCenter Identity Provider Federation feature is only available … Continue reading "Ten Things You should know about vCenter Identity Provider Federation"
In October 2020, VMware published update VMSA-2020-0023 that claimed to fix the CVE-2020-3992 vulnerability in OpenSLP service in ESXi. OpenSLP is used for service location. This component has a use-after-free issue, that could allow a malicious person who has access to port 427 on an ESXi machine remote code execution. The vulnerability was rated with … Continue reading "VMware updated the patch for CVE-2020-3992 to completely address the Remote Code Execution Vulnerability (Critical, CVSSv3 9.8)"
In this series on virtualizing Active Directory on VMware vSphere, we’ve discussed earlier how to set up a straight-forward vCenter delegation model for running virtual Domain Controllers safely. Today, I want to discuss a new feature in VMware vSphere 7 that improves the lives of Identity and Access Management (IAM) professionals working with both technologies: … Continue reading "vSphere 7’s vCenter Server Identity Provider Federation feature allows for MFA"