Uncategorized

Secure Boot in vSphere 6.5

Tom Fenton has an article in Virtualization Review on the latest version of VMWare’s vSphere 6.5, and this release includes UEFI changes:

[…]Another major security upgrade in this release is “Secure Boot,” to prevent unauthorized operating systems and software from loading during the startup process. Secure Boot is a feature enabled by UEFI, and can be used not only when booting the hypervisor, but also when booting up the guests. VMware has also updated its logging to include the ability to track who did what on a vSphere system. […]

https://virtualizationreview.com/articles/2016/10/18/vsphere-6_5-first-look.aspx

Standard
Uncategorized

UEFI firmware patch for VMware workstation

The earlier post on this was when the project was a new project with no code. They have code now, which consists of a few shell scripts and a patch to linux/driver.c. Presume this is unofficial. 🙂

“This is a program to patch VMware Workstation 12 kernel modules and to sign them using a X.509 key and enrolling the key in the system UEFI firmware.”

https://github.com/hashhar/vmware-module-patch

https://firmwaresecurity.com/2016/09/05/vmware-uefi-firmware-key-patch/

Standard
Uncategorized

VMware UEFI firmware key patch

This project just got created on Github.  No code yet, but only an hour old. If you are into VMware and UEFI, you might want to watch for this project to evolve.

VMware Workstation Kernel Modules Signing Patch
This is a program to patch VMware Workstation 12 kernel modules and to sign them using a X.509 key and enrolling the key in the system UEFI firmware.

https://github.com/hashhar/vmware-module-patch

Standard
Uncategorized

VMware

Business changes at EMC, impacting VMWare, multiple news sites with stories on it.

 

VMware Takes Restructuring Charge, Changes CFOs

http://www.wsj.com/articles/vmware-names-new-cfo-will-cut-800-jobs-1453847929

http://www.theregister.co.uk/2016/01/27/vmware_fusion_and_workstation_development_team_fired/

http://www.computerworld.com/article/3026842/virtualization/vmware-cuts-800-jobs-as-it-transitions-from-older-blockbuster-compute-products.html

 

Standard
Uncategorized

VMware vulnerability

VMware ESXi, Fusion, Player, and Workstation updates address important guest privilege escalation vulnerability

VMware Security Advisory
Advisory ID:     VMSA-2016-0001
Synopsis:     VMware ESXi, Fusion, Player, and Workstation updates address important guest privilege escalation vulnerability
Updated on:     2016-01-07 (Initial Advisory)
CVE numbers:     CVE-2015-6933

Impacts:
VMware ESXi 6.0 without patch ESXi600-201512102-SG
VMware ESXi 5.5 without patch ESXi550-201512102-SG
VMware ESXi 5.1 without patch ESXi510-201510102-SG
VMware ESXi 5.0 without patch ESXi500-201510102-SG
VMware Workstation prior to 11.1.2
VMware Player prior to 7.1.2
VMware Fusion prior to 7.1.2

VMware would like to thank Dmitry Janushkevich from the Secunia Research Team for reporting this issue to us.

See full announcement for more information, including patch/workarounds.

http://www.vmware.com/security/advisories/VMSA-2016-0001.html
http://kb.vmware.com/kb/2078735

Standard
Uncategorized

VMware security update

http://www.vmware.com/security/advisories/VMSA-2015-0009.html

Advisory ID:     VMSA-2015-0009
Synopsis:     VMware product updates address a critical deserialization vulnerability
Updated on:     2015-12-18 (Initial Advisory)
CVE numbers:     CVE-2015-6934

VMware product updates address a critical deserialization vulnerability in vRealize Orchestrator 6.x and vCenter Orchestrator 5.x. A deserialization vulnerability involving Apache Commons-collections and a specially constructed chain of classes exists. Successful exploitation could result in remote code execution, with the permissions of the application using the Commons-collections library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-6934 to this issue.

Standard