Scott's Weblog The weblog of an IT pro specializing in cloud computing, virtualization, and networking, all with an open source view

Security Fixes for ESX

The Secunia advisories (ESX 2.x here and ESX 3.0.0 here) are dated today and were brought to my attention via Thincomputing.net. Updates are available for both ESX 2.x (2.0.2, 2.1.3, 2.5.3, and 2.5.4 all have updates available) as well as for ESX 3.0.0 (please note that ESX 3.0.1 is not affected by the same vulnerability).

More information on the fixes (and the associated flaws or vulnerabilities) can be found in the original VMware advisories:

VMware ESX Server 2.0.2 Upgrade Patch 2
VMware ESX Server 2.1.3 Upgrade Patch 2
VMware ESX Server 2.5.3 Upgrade Patch 4
VMware ESX Server 2.5.4 Upgrade Patch 1
ESX Server 3.0.0 Patch ESX-2533126

Here is where the beauty of VMotion comes into play. So you’ve got a farm of ESX servers running a boatload of virtual servers, and need to take the ESX hosts down to apply this patch, right? No problem…just VMotion the virtual machines on one host off to another host, apply the patch, and reboot the host. When that host comes back up, repeat the process with another host, and then another, until all your ESX servers are patched. The users will never even know that anything was happening.

Metadata and Navigation

Be social and share this post!