Versions:
vCenter 5.5
Update Manager 5.5
Esxi 5.5
Hello. It looks like update manager 5.5 uses C:\Windows\SysWOW64\msxml4.dll which is flagged as a critical vulnerability. We need to remediate to the most recent version. Updating the dll is no problem but what do I need to do to get Update Manager to look at the newly deployed MSXML dll?
Thanks in advance for any info you can provide,
Jamey
I was told by Vmware that it would be fixed in 5.5 U3 and that VUM would use MSXML6. 5.5U3 came out today so hopefully the fix is in there.
I was told by Vmware that it would be fixed in 5.5 U3 and that VUM would use MSXML6. 5.5U3 came out today so hopefully the fix is in there.
Ok. Thanks for the information cheselskep! I'll run a scan on one of our test vSphere 6 systems and see how it goes.
Jamey
Here is the documentation:
http://pubs.vmware.com/Release_Notes/en/vsphere/55/vsphere-update-manager-55u3-release-notes.html
Even after removing the MSXML4 from Add/Remove I had to manually delete two msxml4 files from the syswow64 folder for the security scan to remove the finding.
I have upgraded my servers to 5.5 U3 and removed MSXML 4 and the finding is no more.