Today, I show you how you can ensure you comply to DISA recommendations to have only needed roles and features enabled on various Windows machines using VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops).
Today (8/21/2014) VMware Security Response Center is releasing a consolidated list, in the form of an Excel file (see below) of VMware Security Advisories. The list provides a single source of Security Advisories since 2012.
The list contains all affected products, versions, fix details, known workarounds, VMware Knowledge Base articles, and release notes or KBs for each CVE. This is provided so customers can import Security Advisory details into their security management systems or for patch management.
We plan to update the list each time a new or updated VMware Security Advisory is released.
Details of the contents can be found in VMware Knowledge Base article:
Today, I show you how you can ensure you comply to DISA mandates to have DoD certificates on each Microsoft Windows machine using VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops).
The VMware Center for Policy & Compliance (CP&C) is pleased to announce the updated DISA STIG compliance toolkit for UNIX and Linux based environments in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops). This is a major update release to prior released DISA Compliance Toolkits for UNIX and Linux based environments. The compliance toolkit product data sheet can be found here.
The new advisory details a remote code execution vulnerability in vCenter Operations Management Suite (vCOPS). This advisory also documents a workaround for customers that cannot update to the new version of vCOPS.
Following the June 5, 2014 disclosure of new OpenSSL security vulnerabilities, we are currently investigating and assessing impact to our products and services as well as our own customer-facing portals.
The new advisory details a privilege escalation issue in VMware Tools on Windows 8.1. In order to remediate this issue, VMware Guest Tools must be updated in any pre-existing Windows 8.1 Guest Operating System.