Notes on securing Meltdown and Spectre

Now that the dust is slightly starting to settle It became clear to me that there’s an enormous amount of information and confusion out there. I have read a lot of websites in order to get a clear picture and being able to get all of my hosts and Virtual Machines patched. While not completely done yet, here’s my collection of links and some answers on questions that I see asked often. This is a live document and will be updated with notes relevant for patching. Last update 2018/01/29 Continue reading “Notes on securing Meltdown and Spectre”


VMware Security Advisory:- VMSA-2015-0003.1

New advisory for you and this one looks like a beast, I mean it seems to affect every VMware product other than vSphere ESXi. But to be fair this is more of an issue with Oracle JRE than the overlaying applications stack. And relate to an issue documented in Oracle’s Critical Patch Update Advisory of January 2015 which contained 169 security fixes. It is strongly recommended by Oracle that the patch is installed and by VMware that this patch is applied to any and all of the affected products listed below: Continue reading “VMware Security Advisory:- VMSA-2015-0003.1”

VMware Security Advisory – VMSA-2015-0001.2

I have not done any of these for a while, so here we go, this is a catch all advisory to close down an number of vulnerabilities,  the original advisory was released in january and this one adds a couple of new products that have been patched.  if your product is down as having an available patch, then update to close down the risk

Continue reading “VMware Security Advisory – VMSA-2015-0001.2”

A Timely Remider: Passwords and Pin Codes Are Important

On June 24, 2014, a former editor of a now-defunct British tabloid newspaper (some will disagree with the use of the prefix “news”) was found guilty of phone hacking. Phone hacking is the practice of intercepting and listening to a phone’s voicemail messages without the owner’s knowledge or permission.

How did this happen? The technique used by the hackers was remarkably simple. In the first decade of the millennium, the time of the offenses, carriers had a default PIN code for remote voicemail access: “0000” or “1234,” for example. If a phone’s owner never retrieved voicemail from any device other than the owner’s personal cellphone, the default code would never be changed. All the hacker would have to do was know the mobile phone number of the target, follow the carrier’s technique for accessing voicemails from a different device, and then enter the carrier’s default number. Vodafone UK, for example, had a default of “3333.” It was incumbent upon the user of the phone to change this PIN.

Read More

VMware Security Advisory: VMSA-2014-0005

This patch addresses a potential guest privilege escalation caused by an issue in VMware tools installed on Microsoft Windows 8.1, so not really much of an issues as you can count the number of people using windows 8.1 on the fingers of one hand. Smile But seriously if you are using Windows 8.1 in  your environment as a VM then seriously consider this update.

Continue reading “VMware Security Advisory: VMSA-2014-0005”

VMware Security Advisory: VMSA-2014-0002

Updated Security Advisory, this one relates to some third party advisories. but please note that it does include a critical status!!, however that said, there is currently nothing you can do about the issue unless you are running vCenter 5.5, the update to the latest version “Update 1”.

The issue relates to a possible DDoS attack on the NTP Service and I advise you to read KB2070193 for full information on the vulnerability and remediation approaches.

Continue reading “VMware Security Advisory: VMSA-2014-0002”

VMware Security Advisory: VMSA-2014-0001

It has been a little quiet on the VMware Security Advisories lately, but today a little bit like buses along come three at once. 

The first is a brand new One and addresses a number or potential vulnerabilities.  two of which are circumvented by good design principles, like placing hosts on a separate protected network.  the final section relates to a common MITM attack vector.

Continue reading “VMware Security Advisory: VMSA-2014-0001”