Category Archives: VMware vExpert

VMware finally addresses an important privilege escalation vulnerability in vCenter Server (VMSA-2021-0025)

This week, VMware released an update that finally addresses a vulnerability in vCenter Server. Since November 2021, this vulnerability could be used to compromise vCenter Server installations and the ESXi host they manage. Note:  The vulnerability exists in VMware Cloud Foundation, too.   About vCenter Server VMware vCenter Server, formerly known as VirtualCenter, is the […]

0  

I'm a 2022 VMware vExpert

I’m proud to announce I am a 2022 VMware vExpert. This is my fourth vExpert award in a row. It’s an honor for me to be a part of the team driving Active Directory virtualization on VMware vSphere with Deji Akomolafe and Matt Liebowitz. Thank you! About the VMware vExpert Program The VMware vExpert Program […]

0  

VMware ESXi 7.0 Update 3c’s cURL version is vulnerable

On January 27th, 2022, VMware released vSphere 7.0 Update 3c. While this much anticipated update to ESXi 7.0 Update 3 addresses a wide range of critical issues, it also – unfortunately – leaves a gap. EARLIER WITH VSPHERE 7 UPDATE 3… In November 2021, VMware took the unprecedented step to retract the ESXi 7 Update […]

1  

VMware vSphere 7 Update 3c is now available, accompanied by vCenter Server 7 Update 3c with Log4J fixes

For all virtualization admins, running VMware vSphere, a new stable release of vSphere 7 Update 3 is now available. Additionally, the vCenter Server that is part of this release addresses the Apache Log4j critical security vulnerabilities found in this product. Earlier with vSphere 7 Update 3… In November 2021, VMware took the unprecedented step to […]

0  

VMSA-2021-0027 updates for VMware vCenter Server 6.5 and 6.7 address two vSphere Web Client vulnerabilities (CVE-2021-21980 and CVE-2021-22049)

Earlier this week, VMware released an update that addresses an arbitrary file read vulnerability in the vSphere Web Client (CVE-2021-21980) and an SSRF vulnerability in the vSphere Web Client (CVE-2021-22049). These two vulnerabilities can be used to compromise virtual Domain Controllers running on VMware vSphere ESXi 6.5 and vSphere ESXi 6.7. About the vulnerabilities arbitrary […]

0  

VMware has recalled all released versions of vSphere 7.0 Update 3

VMware’s vSphere ESXi 7.0 U3, U3a, and U3b and VMware vCenter 7.0 U3b are no longer available for download due to several critical issues identified in them. Issues experienced in the field Organizations running vSphere 7.0 Update 3 have reported the following critical issues: ESXi 7.0 Update 3 hosts can experience a PSOD when virtual […]

0  

VMWare fixes an important privilege escalation vulnerability in vCenter Server (VMSA-2021-0025)

This week, VMware released an update that addresses a vulnerability in vCenter Server. This vulnerability can be used to compromise vCenter Server installations and the ESXi host they manage. Note:The vulnerability exists in VMware Cloud Foundation, too. About vCenter Server VMware vCenter Server, formerly known as VirtualCenter, is the centralized management tool for the vSphere […]

0  

Support for vSphere 6.5 and vSphere 6.7 ends in one year

On October 18th, 2016, VMware announced vSphere 6.5 focusing on a simplified experience and improving security features. Today, we're seeing one year of support left for this great product that has served so many organizations well.   vSphere 6.5 To me, vSphere 6.5 was a milestone release. Sure, it didn't have the appeal as other […]

0  

VMware fixes 19 vulnerabilities in vCenter Server (VMSA-2021-0020)

Today, VMware released an update that addresses nineteen vulnerabilities in vCenter Server. These two vulnerabilities can be used to compromise vCenter Server installations and the ESXi host they manage. Note: The vulnerabilities exist in VMware Cloud Foundation, too.   About vCenter Server VMware vCenter Server, formerly known as VirtualCenter, is the centralized management tool for […]

0  

I'm virtualizing Domain Controllers at VMware VMworld 2021 around the world

I’m pleased to announce that I will be delivering a 1-hour level 300 Tech+ tutorial titled 'Virtualizing Active Directory – Doing It Right!' with Deji Akomolafe and Matt Liebowitz at VMware VMworld 2021. This will be my fifth time presenting at VMworld on Active Directory and sharing the stage with these fellow VMworld Distinguished Speakers. […]

0