Support for vSphere 6.5 and vSphere 6.7 ends in one year

On October 18th, 2016, VMware announced vSphere 6.5 focusing on a simplified experience and improving security features. Today, we're seeing one year of support left for this great product that has served so many organizations well.   vSphere 6.5 To me, vSphere 6.5 was a milestone release. Sure, it didn't have the appeal as other … Continue reading "Support for vSphere 6.5 and vSphere 6.7 ends in one year"

VMware fixes 19 vulnerabilities in vCenter Server (VMSA-2021-0020)

Today, VMware released an update that addresses nineteen vulnerabilities in vCenter Server. These two vulnerabilities can be used to compromise vCenter Server installations and the ESXi host they manage. Note: The vulnerabilities exist in VMware Cloud Foundation, too.   About vCenter Server VMware vCenter Server, formerly known as VirtualCenter, is the centralized management tool for … Continue reading "VMware fixes 19 vulnerabilities in vCenter Server (VMSA-2021-0020)"

I'm virtualizing Domain Controllers at VMware VMworld 2021 around the world

I’m pleased to announce that I will be delivering a 1-hour level 300 Tech+ tutorial titled 'Virtualizing Active Directory – Doing It Right!' with Deji Akomolafe and Matt Liebowitz at VMware VMworld 2021. This will be my fifth time presenting at VMworld on Active Directory and sharing the stage with these fellow VMworld Distinguished Speakers. … Continue reading "I'm virtualizing Domain Controllers at VMware VMworld 2021 around the world"

VMSA-2021-0014 updates for VMware ESXi and vCenter address two security vulnerabilities (CVE-2021-21994, CVE-2021-21995)

Today, VMware released an update that addresses an SFCB improper authentication vulnerability (CVE-2021-21994) and an OpenSLP denial-of-service vulnerability (CVE-2021-21995). These two vulnerabilities can be used to compromise virtual Domain Controllers running on ESXi. Note: The vulnerabilities exist in VMware Cloud Foundation, too. The two vulnerabilities were responsibly disclosed to VMware.   About the vulnerabilities SFCB … Continue reading "VMSA-2021-0014 updates for VMware ESXi and vCenter address two security vulnerabilities (CVE-2021-21994, CVE-2021-21995)"

VMware Tools v 11.3 fixes a Denial of Service vulnerability (VMSA-2021-0011, CVE-2021-21997, CVSv3 3.3)

This week, VMware introduced a new version of its VMware Tools. The reason for this release is a Denial of Service (DoS) vulnerability. About VMware Tools VMware Tools is a set of services and modules that enable several features in VMware products for better management of, and seamless user interactions with, guest Operating Systems. Although … Continue reading "VMware Tools v 11.3 fixes a Denial of Service vulnerability (VMSA-2021-0011, CVE-2021-21997, CVSv3 3.3)"

VMSA-2021-0010 updates for vCenter Server addresses two security vulnerabilities (CVE-2021-21985, CVE-2021-21986)

Today, VMware released an update that addresses two vulnerabilities in its vCenter Server and Cloud Foundation products:: A remote code execution vulnerability in the vSphere Client  (CVE-2021-21985) Authentication mechanism issue in vCenter Server Plug-ins (CVE-2021-21986) About the vulnerabilities remote code execution vulnerability in the vSphere Client (CVE-2021-21985) The vSphere Client (HTML5) contains a remote code … Continue reading "VMSA-2021-0010 updates for vCenter Server addresses two security vulnerabilities (CVE-2021-21985, CVE-2021-21986)"

KnowledgeBase: VMware Tools Quiescence corrupts Active Directory backups

Sometimes, IT issues are not what they seem to be. A strange issue reared its ugly head last week regarding something I hold dearly: Active Directory backups. The situation An organization runs Active Directory Domain Controllers virtually on top of VMware vSphere. The VMware Tools are installed on the virtual machine. The organization creates backups … Continue reading "KnowledgeBase: VMware Tools Quiescence corrupts Active Directory backups"

Two improvements in VMware vSphere 7.0 Update 2 are welcome news for Microsoft-oriented Identity-focused admins

This week, VMware released vSphere 7.0 Update 2 on its 6-month release schedule for its vSphere product. It is available to download right away, both through VMware Customer Connect and from within vSphere Lifecycle Manager itself. What’s New In case you missed it, the key focus areas in which VMware is making investments in vSphere … Continue reading "Two improvements in VMware vSphere 7.0 Update 2 are welcome news for Microsoft-oriented Identity-focused admins"

VMSA-2021-0002 updates for VMware ESXi and vCenter address multiple security vulnerabilities (CVE-2021-21972, CVE-2021-21973, CVE-2021-21974)

Yesterday, VMware released an update that addresses three vulnerabilities in its ESXi, vCenter Server and Cloud Foundation products: A remote code execution vulnerability in the vSphere Client (CVE-2021-21972) An SSRF vulnerability in the vSphere Client (CVE-2021-21973) An ESXi OpenSLP heap-overflow vulnerability (CVE-2021-21974) About the vulnerabilities Remote code execution vulnerability in the vSphere Client (CVE-2021-21972) The … Continue reading "VMSA-2021-0002 updates for VMware ESXi and vCenter address multiple security vulnerabilities (CVE-2021-21972, CVE-2021-21973, CVE-2021-21974)"

I'm a 2021 VMware vExpert

I’m proud to announce I am a 2021 VMware vExpert. This is my third vExpert award in a row. It’s an honor for me to be a part of the team driving Active Directory virtualization on VMware vSphere with Deji Akomolafe and Matt Liebowitz. Thank you!  About the VMware vExpert Program The VMware vExpert Program is VMware’s global evangelism … Continue reading "I'm a 2021 VMware vExpert"