VMware Cloud Community
ITaaP
Enthusiast

Risk with Public Cloud from Meltdown / Spectre

I know this has been talked about over and over again, but I can't seem to find a definitive answer to one question. People ask, "what should be patched"? Answer, everything including the guest OS.

What is not clear, especially with public cloud providers using VMware for the hypervisor: in a shared environment, can a customer log into their guest OS and potentially steal information from other guest OSes running on the same ESXi hypervisor?

https://tactsol.com https://vmware.solutions
0 Kudos
1 Solution

Accepted Solutions
estanev
Enthusiast

Seems so....

"Result of exploitation may allow for information disclosure from one Virtual Machine to another Virtual Machine that is running on the same host."

[Security-announce] NEW VMSA VMSA-2018-0002 VMware ESXi, Workstation and Fusion updates address side...


5 Replies
shane1973
Enthusiast

From everything I've read, what you just described is the main threat of these vulnerabilities.  Customer A has a VM running on the same host as Customer B, and an exploit could intercept data at the processor level.

I work on a private cloud, so our customers don't have to worry in this regard since they don't share their blades with anyone. If someone gets access to their guest VMs, they have bigger things to worry about than Meltdown and Spectre.

0 Kudos
ITaaP
Enthusiast

It is much larger than what I described. Affects nearly every PC/server out there. An exploit with your Internet browser can allow someone to also exploit Meltdown or Spectre. So private or shared, the risk is still huge.

But I still have yet to read that a guest OS on ESXi can compromise all VMs running on that server. If that is the case, why would companies, especially healthcare, financial, etc. risk putting any resources in public cloud?

https://tactsol.com https://vmware.solutions
0 Kudos
estanev
Enthusiast

Seems so....

"Result of exploitation may allow for information disclosure from one Virtual Machine to another Virtual Machine that is running on the same host."

[Security-announce] NEW VMSA VMSA-2018-0002 VMware ESXi, Workstation and Fusion updates address side...

shane1973
Enthusiast

But again, I'm just providing the platform. We don't provide support into their OS.  I was just making the point that between our cloud and public cloud, a customer doesn't have to worry about who they are sharing their host with.

I personally don't see how anyone sleeps at night when they're on a public cloud.

As far as the risk, the exploits are able to see into the caches of the processors, so they can intercept all data being processed which includes intercepting passwords, etc.  The exploits don't just see the data from their guest OS.

0 Kudos
ITaaP
Enthusiast

Amazon's stock is up over 200 points this year. I guess people aren't too concerned. 🙂

https://tactsol.com https://vmware.solutions
0 Kudos