Stray Thoughts

VMWare released a security update pertaining to ESX/ESXi which addresses a number of security vulnerabilities (43 or so) in ESX/ESXi 4.0.

Complete update can be found here : http://lists.vmware.com/pipermail/security-announce/2010/000093.html

resource for hardening vShere : http://blogs.vmware.com/security/2010/04/vsphere-40-hardening-guide-released.html

Tags: vmware, security

VMware Fusion 3.0 gone from Release Candidate to General Availability, so as  VMware Workstation 7.0 and VMware ACE 2.6

New features

• Nested VMs.  This allows you to run ESX with guests inside of workstation
• support for Windows7 (and it's associated new graphics APIs) and Windows Server 2008.
• support for VMs with up to 4 processors and 32GB of memory
• ALSA sound support for Linux
• new "pause" feature, allowing you to pause a VM if you need some temporary processor power for your host or another VM
• a new Virtual Network Editor

More Info

http://www.vmware.com/company/news/releases/fusion3-preorder.html
http://blogs.vmware.com/workstation/2009/10/workstation-7-release-candidate-available.html

Tags: vmware,

VMware has released the following new security advisory, VMSA-2009-0010

This advisory results in updates to

VMware Workstation
VMware Player
VMware ACE

Tags: security, vmware

VMWare released a new security advisory about a vulnerability in the krb5 (Kerberos) package. The vulnerability allows a remote attacker to cause a DoS or potentially execute arbitrary code on the ESX server.

According to the advisory available at http://lists.vmware.com/pipermail/security-announce/2009/000059.html all ESX versions are affected (ESXi is not affected), however, the Kerberos package is not installed by default.

Tags: virtualization, security, vmware