As handful of patches have just been released by VMware for their flagship bare-metal virtualization products ESX and ESXi.
With no surprise to me the majority of the patches are for ESX and relate to security flaws and vulnerabilities found within the Service Console. Keep in mind these vulnerabilities in no-way mean the virtual machines being hosted are at risk. These patches are typically for underlying services that the Service Console rely on, such as openssl, java, gzip and ntp. Sometimes these patches also resolve issues on how the Service Console communicates with the vmkernel layer as well as system devices.
Two of the patch bundles for ESXi share some common fixes with it’s ESX brother which cover a NTP vulnerability, a shared interrupt issue between the vmkernel and console as well as a patch that properly enables quiescing utilizing the Microsoft Windows VSS components found in Windows 2008 R2 and Windows 7.
More information on these patches can be found by reviewing the individual bundles;
ESX 4.0 – ESX400-201005001
Includes 9 updates, including fixes for NTP, gzip, bind, vmkernel, krb5, webCenter, Expat, sudo and gcc.
For updating your ESX(i) hosts, simply use Update Manager or download the patches from the VMware website and use the Host Update Utility to perform these updates.
Created on May 28, 2010 by Rick Scherer
Posted under vSphere.
This blog has 501 views and 2 responses.