Author Archives: Michael Roy

About Michael Roy

Michael Roy is the Product Line Marketing Manager for Fusion, Fusion Pro, Workstation Pro and Workstation Player at VMware. He guides product roadmap and messaging, produces and presents technical collateral, and works across teams to refine product integration strategy.

Workstation 12.5.6 Now Available with Windows 10 Creators Update Support

We’re happy to announce some new updates to VMware Workstation 12.5, both Pro and Player editions.

In this release, versioned 12.5.6, we’ve improved support for the upcoming Windows 10 Fall Creators Update as both Host and Guest, as well as several bug, and security fixes.

You can grab the update by using the Check for Updates function in Workstation, or by visiting:

vmware.com/go/getworkstation

Check out the release notes here: http://pubs.vmware.com/Release_Notes/en/workstation/12/workstation-1256-release-notes.html

VMware Workstation 12.5.6

 

Hypervisor Security Matters

securely-vmware

 

As I’m sure you noticed, we’ve delivered a flurry of patch-releases for Fusion and Workstation in the last few weeks. Want to know why? Because security matters.

More visibility

The Pwn2Own competition at the CanSecWest conference put a huge bounty on ‘vmescape‘. They’re not the first to do this, and they won’t be the last. And I want to be clear up front, we’re delighted that they helped us make our products more robust, and more secure.

For those not following this closely, ‘vmescape’ is the challenge of executing code on a host machine, that originated on a virtual machine. In other words, you have to execute something on a virtual computer, that tricks the hypervisor, such as Fusion, Workstation, ESXi, etc, in to passing that code through to the host computer, effectively breaking out of the guest with the intent of controlling or damaging the host.

While the successful exploits themselves are interesting to note, the likelihood of this causing actual damage to you, in the real world is pretty small. Partly because of the nature and complexity of the technology involved, and partly because of the bevy of unknowables of a real production system. Mike Foley, one of our foremost security gurus, notes:

“VM Escape is not the threat your security guy thinks it is. It’s really, really hard to do.”

Hard to do, but still imperative that we fix.  And so we have. With an abundance of gratitude to our incredibly talented security team, working directly with our multi-discipline engineering teams, we think we’ve been on top of things.

Platform security is critically important

Virtualization technology today is used more widely, and in more critical systems than ever. With VMware having such a prominent footprint both on the desktop and in the data center, we take our role and responsibility in this very seriously.

While many of our Fusion & Workstation customers are considered ‘consumers’,  (i.e. they have a single copy installed on their own personal machine), the majority of our customers are business, both small and large. Security for the end-user is important, but when we’re talking about corporate systems and virtual desktops that connect to those systems, the need for an air-tight virtualization stack becomes an imperative.

To that end, we’ve delivered 3 critical patches for both Fusion and Workstation (both Pro and Player), each addressing different security issues documented in our Security Advisory announcements (which can be found here), all within the past 3 weeks.

We understand that this makes it tricky for you. Updating software is never fun – even if it’s fully automated – and we appreciate the anxiety we may have caused you, but I hope you agree, it was worth it

Collaboration is Key

We’re very proud of our engineering teams. Cross collaboration between them is critical when addressing complex issues, made more difficult by the need for rapid delivery. And of course while patching is critical, maintaining a high level of product quality is something we refuse to compromise on.

We work directly with security researchers who demonstrate some pretty slick exploits at several security shows, and we’re keen to see that trend continue. In this day-and-age, when breaches and data privacy issues are making mainstream headlines, we couldn’t do this without the collaboration we get from the community. We are immensely grateful to you.

Now, Secure yourself

It’s always important to stay up to date with security patches for all software you own/use/control. If your software hasn’t auto-updated already, get the latest patches [here]. And while we have your security attention, we recently came up with a nice little way to use Fusion and Workstation to help increase both your own security and privacy when dealing with online threats.

For this use case, we have a nice summary infographic and video, with more detailed writeups for safely surfing the Internet with Fusion and Workstation [linked respectively].

Workstation now a part of the VMUG Advantage Program

vmug+pd

Hi folks!

Here on the Personal Desktop team (which is the product group containing our Fusion and Workstation products), we love our users. We bend over backwards to make sure the products are secure, and work in a way that our users expect with regular new features and the stability we’ve all come to depend on.

In this vein, the VMware User Group, or VMUG, members are our most passionate and advanced users. These are the kind of users who rely on Fusion or Workstation to test  applications and operating systems locally before pushing to their bigger vSphere platform. They know virtualization inside and out, are our earliest adopters, and dedicate time to testing the latest and greatest from any vendor that wishes to have a footprint in their data center.

Which is why we’re very excited to announce that VMware Fusion and VMware Workstation are now included in the VMUG Advantage program!

The VMUG Advantage program includes the ‘VMUG EvalExperience’ subscription which provides exclusive access to 1-year evaluation licenses of VMware’s flagship products and solutions, for use as a learning tool in your home lab. In addition, you get:

  • EVALExperience
  • 20% Discount on VMware Training Classes
  • 20% Discount on VMware Certification Exams
  • $500 IBM SoftLayer Cloud Credit
  • 35% Discount on VMware Lab Connect
  • $100 Discount on VMworld Attendance

The full list of products in the EVALExperience program includes:

  • VMware Workstation Pro 12.5
  • VMware Fusion Pro 8.5
  • VMware vCenter Server Standard for vSphere 6
  • VMware vSphere with Operations Management Enterprise Plus
  • VMware vCloud Suite Standard
  • VMware vRealize Operations
  • VMware vRealize Log Insight
  • VMware vRealize Operations for Horizon
  • VMware Horizon Advanced Edition
  • VMware vSAN

If you’re an admin who works with VMware’s products, there’s never been a better time or reason to join the VMUG Advantage program!

Using Workstation to Browse the Web More Safely

Did you know you can use VMware Workstation or Fusion to safely browse the web? Check out our video and learn more below!

A quick History Lesson

During the Internet’s infancy, ‘Surfing’ the World Wide Web was an exhilarating experience. (complete with a soundtrack!)  It wasn’t called ‘Web Surfing’ without good reason, although we don’t really refer to it that way anymore.

The Internet was great, but in addition to being a place to share ideas it needed to be a place for consumer commercial activity in order to gain the resources (i.e. corporate sponsorship and investment) needed to grow.

Online retail had overtaken buying things from brick-and-morter stores as far back as 2013, and the statistics only show Internet usage growing.

With bring the most connected generation in the history of the world, we are also now gathering more information than ever.

Things start to go Wrong

We now live in a world where a simple transparent 1×1 pixel .gif can be used to follow and track our online behaviour an endless number of sites across all of your devices. Social media hooks are built into every page for shareability, allowing groups like Facebook, Twitter and Google to learn more about what you click than ever before.

On the darker side of that equation, you have lots of potential for misuse and abuse of this new distributed digital landscape. Ad networks can unknowingly distribute malware, pages can ‘click-bait’ you into accidentally opening a barrage of popups or worse, and mobile devices have not had the same maturity as desktop devices so their ability to block unknown threats is minimal at best.

A Potential Solution

So, what does this have to do with VMware or VMware Workstation?

Workstation can be used to isolate all of this behaviour away from the computer that you are using, keeping you safe and protected.

Because of the isolation provided by the VMware hypervisor technology, using a virtual machine in Workstation effectively creates a sandbox for a second (or third, or fourth…) Operating System on the same computer you’re running.

It runs it the new OS in an isolated way with respect to Memory, CPU, and physical hardware devices. To be cliche about it: “What happens in the VM stays in the VM.”

So when something attacks a browser that’s running in a Virtual Machine sandbox, it has no way of impacting the main computer where you might have more sensitive information stored, like credit card or account numbers or access to otherwise protected networks that are available to the host computer.

And because it’s a virtual machine, you can do other interesting things as well, such as having a ‘snapshot’ for a roll back point, put it on a different network than the physical computer itself, or even bring that same VM to different computers to avoid having to use someone else’s browser.

Kid Friendly Internet-ing

It also makes sense if you have kids. I helped my sister out by having my nephew use a virtual machine. He double-clicks the ‘Kids Internet’ button on the desktop, it fires up a Linux virtual machine, and everything that he and his little brother click on can be easily undone by rolling back to a snapshot taken earlier.

It’s an interesting use case, and makes a lot of sense, especially for the privacy-conscious. There are OS’s out there designed specifically for anonymity such as Tails, Discreete Linux, Whonix, or Qubes OS.

We really think that our users would get a lot of benefit from this sort of a setup, so we put together a short Infographic and Video to share the story.

Have a look!

Black Friday sale is now live!

blog_black_banner_q4_2016_en_fusion8_fusion8pro_779x261

 

It’s that time of year again! Our biggest sale of the year is now live on store.vmware.com!

blog_black_banner_q4_2016_en_workstation12pro_779x261

VMware Workstation for Businesses

Did you know that VMware Workstation Pro makes it easy to manage a fleet of “Bring Your Own Device” users?

By managing local desktop virtualization endpoints and users with VMware Horizon FLEX, businesses have more control than ever before. Use Workstation Pro to create your ‘Gold Master’ templates and then share those with end users to run using Workstation Player. The templates can be restricted and even encrypted, and managed from the central Horizon FLEX console.

Even when used un-namaged, Workstation Pro and Workstation Player allows BYOD PC’s to live in the enterprise like never before. Users can run the corporate desktop, complete with custom windows-only applications developed in-house, right from their personal Windows or Linux PC.

Want to learn more? Check out our video and then come visit our VMware Workstation and Horizon FLEX product pages!

 

VMware Workstation for Developers

Did you know that VMware Workstation is a key tool when developing and testing applications?

Learn more in this new video!

Workstation 12.5 Pro and Player now available!

Start your upgrade engines!

WS-125-boxes

 

The Workstation team is proud to announce general availability of VMware Workstation 12.5 Pro and VMware Workstation 12.5 Player! These updates are free for all VMware Workstation 12 Pro and Workstation 12 Player users.

Buy or Upgrade Now!

Users on Workstation 7 and greater are now eligible for upgrade pricing!

Current customers can grab the bits from below, or from our in-app upgrade feature:

Workstation Pro

vmware.com/go/getworkstation

Workstation Player

vmware.com/go/getplayer

Workstation Player works best for businesses when paired with Horizon FLEX. Did you know you can manage a whole fleet of user’s local virtual machines from a single management console?

This release supports the latest Windows 10 Anniversary Edition from Microsoft, and is ready to support Windows Server 2016 upon its release.

This release also includes numerous bug fixes, security updates and performance improvements, including:

  • A Linux host with kernel 4.6 fails to launch Workstation because the vmmon and vmnet drivers are not built successfully. This issue is resolved.
  • If you configure Revert to snapshot when a VM is powered off from Options-> Snapshots, the VM actually reverts to a snapshot when suspended. This issue is resolved.
  • On Windows Server 2016 Technical Preview host, help links do not appear. This issue is resolved.
  • Workstation menu View->Fit Guest Now does not work for Windows Vista guest with VMware Tools installed. This issue is resolved.
  • If your Windows host has an NVDIA GPU, you might hit the VMware Workstation unrecoverable error: (svga) when running a 3D application in the guest. This issue is resolved.
  • VMware Workstation Pro resolves an issue where you cannot boot virtual machine on a 64-bit Braswell N3150 processor and the following error appears:
    • MONITOR PANIC: vcpu-0:VERIFY vmcore/vmm/main/cpuid.c:376 bugNr=1036521.
  • The guest OS uses the full amount of memory allocated to the virtual machine even if you try to limit the amount of memory used by the guest OS through the BCDEdit ‘truncatememory’ option. This issue is resolved.

There are many more fixes, please check out the Release Notes for Workstation Pro and the Release Notes for Workstation Player for more detail.

In Other News…

Did you hear we’re giving away 20 Oculus Rift headsets?

What are our users saying?

We put a camera in front of the door to our VMworld 2016 session (which you can watch here!) Well, in a couple of words, it sounds like this:

 

Workstation 12.5 Announced!

We’ve been holding in the surprise for some time now but on the keynote stage today at VMworld, Sanjay Poonan, EVP of our End user Computing business unit where Fusion and Workstation are situated, pulled the covers back and revealed the details about our big annual release.

This year we are delivering 2 updates to the Workstation product family: Workstation 12.5 Pro and Workstation 12.5 Player, and the big surprise is this: It’s a free upgrade for all current-version customers.  So, if you’re on Workstation 12.5, you’re going to be able to upgrade to the latest version with full support for Windows 10 Anniversary edition, for free. We’ll also be adding Windows Server 2016 support when it comes available.

This is an exciting release for us because it marks the first time that we have provided a yearly update for no additional cost to current-version customers. We’ve been holding the surprise in for some time, so we’re very excited to finally share this with the world.

We’ve also changed how users can upgrade to the latest release. Users are eligible for upgrade pricing going back to Workstation 7. So, if you have an old Workstation license and haven’t upgraded in a few years, there’s never been a better time to upgrade!

This also marks the announcement of Fusion 8.5 and Fusion 8.5 Pro which you can read more about here.

Meet the Workstation & Fusion Teams!

One of our signs at our Palo Alto campus

The Workstation and Fusion teams are having a very busy year. Since we shipped Workstation 12 and Fusion 8 almost a year ago, we’ve been busy adding new skills to the development teams so that we can take the products in a new and compelling direction. Added to that, the team has released several updates that you really should be loading on to your systems – they make the products better in a bunch of ways that are described here, here and here.

Given that some of the new features we’re working on are aimed at developers, we recently sponsored a Macworld party at WWDC so that people could meet the me and the rest of the management team. I was impressed by how passionate and supportive the party-goers were, and we certainly learned a lot. Our backlog of ideas almost doubled!

MacWorld-party-2016

Early shot of the rooftop Patio Party with Macworld and friends during WWDC 2016, VMware’s Andy Morris can be seen on the very right in the middle of some intense conversation with our eStore team director, Michael B.

More sober and back in the office, it occurred to us that more people might like to meet the team too. The management team is boring, that’s just the five of us Powerpoint jockies; the real teams that do the hard work of building, delivering and supporting the products are a diverse group of people spread all over the world.

Our Palo Alto braintrust. Without these geniuses, we wouldn't be having this conversation!

Our Palo Alto braintrust. Without these geniuses, we wouldn’t be having this conversation! Ooh, and check out the turtles in our pond!

The core compute, storage and network guys work on all of VMware’s hypervisors and are known as Layer 1. These guys build the hypervisor as well as our Virtual Devices (all the “hardware” that Windows/guests see), the Graphics stack, the Networking stack, VMware Tools, VMRC (the ‘console’ view), USB devices, and the list goes on… In the photo is about half of the group. Every one of the people in this photo is a certifiable genius, and without these guys, a whole industry would not exist.

Our Hosted UI and Quality teams

Our Hosted UI and Quality teams

Once they’ve done their voodoo, as they do, they pass the base code to these guys, our Hosted-UI (Product) and QE (Quality) teams. These folks have the incredibly difficult task of turning what is basically just cool tech, in to the products you love. And they do it exceedingly well. Every time we do a customer survey, Workstation and Fusion score the highest of all our products for quality and satisfaction. Our Hosted-UI team members, past and present, put in a lot of hours making Fusion and Workstation the amazing products they are today, and for that we can’t begin to express our gratitude.  By the same extension, we couldn’t be more excited about what we have in store for the future!

 

The Support team!

The Support team!

Of course, even with awesome quality control, sometimes you just need help solving a problem, and that’s where these guys come in. This is about half of our 24 hour, 7 days a week, Workstation and Fusion support staff. These guys are the ones we listen to the most. Building new products is fun, but we’re very aware that you rely on them to solve real world problems. These guys are our canaries, our triage, our compass. We couldn’t do it without them.

 

This combined team is working tirelessly to support you in your business. They’ve got a great surprise lined up for Q3, something very interesting for Q4, and something very big for H1. It’s not easy delivering a product that is downloaded almost 5 million times a year, but these people are the very best at what they do, and we’re proud to have them with us.