VMware Cloud Community
MTJohnson
Contributor
Contributor
‎01-10-2018 02:37 PM
Jump to solution

vRA and Meltdown/Spectre

As management cares only about the dashboard being all "green", I have two questions on updates for the vRA appliance.  First, the compatibility mode.  My appliance after deploying was set to version 7.  With the new patches we need to go to at least 9.  Any problems upgrading that? (I'm on vRA 7.3).

And any idea on an ETA to get the OS patched for the appliance?  I'm guessing it'll be in the next version, but like I mentioned, management loves their green dashboards.

0 Kudos
1 Solution

Accepted Solutions
gradinka
VMware Employee
VMware Employee
‎01-17-2018 02:11 PM
Jump to solution

- the vRA team is working on a KB article which will explain how to mitigate the attack vectors for this vulnerability. That will be out very soon;

- SLES patches + VA_hardware_version upgrade to v9 have are already been integrated into current development branch, and should be part of the next update release of vRA.

View solution in original post

0 Kudos
3 Replies
Wesley_VMware
Community Manager
Community Manager
‎01-15-2018 04:44 AM
Jump to solution

Hi,

I think the following KB article answers both questions:

https://kb.vmware.com/s/article/52264

Specifically:

  • Operating System-Specific Mitigations will include both Virtual Machine Hardware updates and guest OS fixes. Manually updating Virtual Machine Hardware in VMware Virtual Appliances is not supported.
  • At the moment it is known the vRA appliance is affected and there is no solution yet (also no ETA).

I would suggest to keep an eye on that KB because that will be updated as more information becomes available. And sign up for the Security Announcements mailing list to be informed as news becomes available.

Hope this helps.

gradinka
VMware Employee
VMware Employee
‎01-17-2018 02:11 PM
Jump to solution

- the vRA team is working on a KB article which will explain how to mitigate the attack vectors for this vulnerability. That will be out very soon;

- SLES patches + VA_hardware_version upgrade to v9 have are already been integrated into current development branch, and should be part of the next update release of vRA.

0 Kudos
MTJohnson
Contributor
Contributor
‎01-17-2018 02:48 PM
Jump to solution

Thank you both.

It's good to see the hardware version upgrade will be part to the next release of vRA as per https://kb.vmware.com/s/article/52085 it will be required for EVC clusters (which mine are).

0 Kudos