Recently, VMware has released a security bulletin about VMware Tools to which hackers can gain access. Only specific versions of VMware tools are targetted and some Windows and MacOS systems are affected. You should, however, make sure to check whether you're affected and then patch those VMware Tools to the latest version, which has recently been released.
Running the latest version of VMware Tools is crucial to ensure the security of your virtual infrastructure. As you all already know, VMware Tools is a suite of utilities that enhances the performance and management of virtual machines. It is essential to keep these tools up-to-date to prevent security breaches and vulnerabilities.
VMware Tools contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine and then initiate some actions.
The latest version of VMware Tools is available here:
To check your version of VMware tools you can do it in several ways, via vSphere client, via RVTools or another third-party app.
The latest version of VMware Tools provides several security features that can help protect your virtual machines from attacks. For instance, it offers UEFI Secure Boot, Virtualization-based Security, vTPM, encrypted vMotion, VM encryption, vSAN encryption, and more. These features can help improve the security of guest operating systems.
It is also important to keep track of updates for dormant virtual machines that are powered off because it can be easy to overlook them. Ensure that anti-virus software, anti-spyware, intrusion detection, and other protection are enabled for every virtual machine in your virtual infrastructure.
In addition, it is recommended to eliminate unnecessary services and ports to strengthen the security of servers. Updating with the latest service packs and patches, as well as the latest antivirus software versions, is also crucial. Make sure you enable default server firewalls to add an extra layer of protection.
Final Words
Running the latest version of VMware Tools is essential to prevent security breaches and vulnerabilities. It is also important to keep track of updates for dormant virtual machines, enable anti-virus software, anti-spyware, intrusion detection, and other protection for every virtual machine, and eliminate unnecessary services and ports. By following these best practices, you can help ensure the security of your virtual infrastructure.
Check this:
- Automatically install VMware Tools on multiple VMs
- Installing VMware Tools in a Windows virtual machine (1018377).
- Installing and upgrading VMware Tools in vSphere (2004754)
From VMware:
Mitre CVE Dictionary Links
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34057
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34058
More posts from ESX Virtualization:
- VMware vSphere 8.0 U2 Released – ESXi 8.0 U2 and VCSA 8.0 U2 How to update (NEW)
- What’s the purpose of those 17 virtual hard disks within VMware vCenter Server Appliance (VCSA) 8.0?
- VMware vSphere 8 Update 2 New Upgrade Process for vCenter Server details
- VMware vSAN 8 Update 2 with many enhancements announced during VMware Explore
- What’s New in VMware Virtual Hardware v21 and vSphere 8 Update 2?
- Homelab v 8.0
- vSphere 8.0 Page
- Veeam Bare Metal Recovery Without using USB Stick (TIP)
- ESXi 7.x to 8.x upgrade scenarios
- A really FREE VPN that doesn’t suck
- Patch your ESXi 7.x again
- VMware vCenter Server 7.03 U3g – Download and patch
- Upgrade VMware ESXi to 7.0 U3 via command line
- VMware vCenter Server 7.0 U3e released – another maintenance release fixing vSphere with Tanzu
- What is The Difference between VMware vSphere, ESXi and vCenter
- How to Configure VMware High Availability (HA) Cluster
Stay tuned through RSS, and social media channels (Twitter, FB, YouTube)
