Spectre & Meltdown on VMware – What you need to patch

Spectre & Meltdown are hot topics at the moment but how does this affect VMware solutions?

VMware have provided detail on their stance on the situation via mostly two KB articles; https://kb.vmware.com/s/article/52245 & https://kb.vmware.com/s/article/52264

In summary this is what is covered:

ESXi, Workstation & Fusion

• ESXi is affected by Spectre and patches were rolled out prior to the vulnerability being made public (for v6.0, v6.5 & VMC at least). See here for full details: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
• Patches have also already been released for  Workstation v12, v14 & Fustion v8, v10
• ESXi is not affected by Meltdown but is affected by Spectre
• For a full list of patches that you need to apply to affected products see here: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
• IMPORTANT: The microcode update for ESXi has been pulled, action must be taken regardless of if you have already applied this patch. Full details here: https://kb.vmware.com/s/article/52345

VMware Virtual Appliances

Virtual appliances that might be affected include:

• VMware vCenter Server 6.5
• VMware vCenter Server 6.0
• VMware vSphere Integrated Containers
• VMware Identity Manager
• VMware vRealize Automation

Patches for these will be released after testing is concluded. Workarounds already exist: https://kb.vmware.com/s/article/52264

Photon OS

• Photon OS is vulnerable and security advisories have already been issues here: https://github.com/vmware/photon/wiki/Security-Advisories

Graham

Graham works closely with VMware & Microsoft solutions. He is a VMware Certified Implementation Expert, 8x VMware vExpert & a VMware User Moderator on the official VMware VMTN forums. Feel free to reach out via Twitter @VirtualG.uk or email: contact@virtualg.uk

See Full Bio

VMware Technologies Dell Technologies