VMware Cloud Community
CHJamey
Contributor
Contributor
‎08-10-2015 11:14 AM
Jump to solution

Configure update manager 5.5 to use a different version of MSXML for security reasons

Versions:

vCenter 5.5

Update Manager 5.5

Esxi 5.5

Hello.  It looks like update manager 5.5 uses C:\Windows\SysWOW64\msxml4.dll which is flagged as a critical vulnerability.  We need to remediate to the most recent version.  Updating the dll is no problem but what do I need to do to get Update Manager to look at the newly deployed MSXML dll?

Thanks in advance for any info you can provide,

Jamey

0 Kudos
1 Solution

Accepted Solutions
cheselskep
Contributor
Contributor
‎09-16-2015 03:37 PM
Jump to solution

I was told by Vmware that it would be fixed in 5.5 U3 and that VUM would use MSXML6. 5.5U3 came out today so hopefully the fix is in there.

View solution in original post

0 Kudos
3 Replies
cheselskep
Contributor
Contributor
‎09-16-2015 03:37 PM
Jump to solution

I was told by Vmware that it would be fixed in 5.5 U3 and that VUM would use MSXML6. 5.5U3 came out today so hopefully the fix is in there.

0 Kudos
CHJamey
Contributor
Contributor
‎09-24-2015 05:38 AM
Jump to solution


Ok.  Thanks for the information cheselskep!  I'll run a scan on one of our test vSphere 6 systems and see how it goes.

Jamey

0 Kudos
cheselskep
Contributor
Contributor
‎09-24-2015 09:54 AM
Jump to solution

Here is the documentation:

http://pubs.vmware.com/Release_Notes/en/vsphere/55/vsphere-update-manager-55u3-release-notes.html

Even after removing the MSXML4 from Add/Remove I had to manually delete two msxml4 files from the syswow64 folder for the security scan to remove the finding.

I have upgraded my servers to 5.5 U3 and removed MSXML 4 and the finding is no more.

0 Kudos