8 Replies Latest reply on May 15, 2019 2:55 PM by guan8

    Concurrent-context attack vector vulnerability in Intel processors

    guan8 Lurker

      Hello!

       

      We are running a cluster of ProLiant DL380 Gen10 servers running VMware ESXi, 6.7.0, 10302608.

       

      On each host, we are seeing a warning when browsing to Monitor => Health. The warning is "Concurrent-context attack vector vulnerability in Intel processors". After reading more about it here https://kb.vmware.com/s/article/55806 , there is a paragraph that says:

       

      Note: It may be necessary to acquire additional hardware, or rebalance existing workloads, before enablement of the ESXi Side-Channel-Aware Scheduler. Organizations can choose not to enable the ESXi Side-Channel-Aware Scheduler after performing a risk assessment and accepting the risk posed by the Concurrent-context attack vector. This is NOT RECOMMENDED and VMware cannot make this decision on behalf of an organization.

       

      We have discussed this in our organization, and we wish to accept the risk and not enable this feature. How do we disable the warning from the vCenter web UI? Since we do not consider this warning relevant for us, we would like to reset this warning to green. Right now it is potentially obscuring other, more relevant warnings.

       

      Thank you in advance.

       

      /Gustav