Or, VMware ESXi 6.0
vulnerability VMSA-2017-0006 remediation
Or, VMware ESXi
vulnerability VMSA-2017-0006 remediation planning and execution
Descriptions: On
Mar 28th 2017 US-CERT notified it’s users about this vulnerability
with VMware ESXi hosts. The remediation of this vulnerability is to update the
ESXi hosts with the patch recommended by VMware. In my case the recommended
patch was ESXi600-201703003.zip as my VMware ESXi servers are running on
version 6.0 U2.
Scenario: As I am using ESXi Server version 6.0 U2, the recommended patches
details are as below as per the reported vulnerability security advisory
reference KB.
Security advisory reference KB: http://www.vmware.com/security/advisories/VMSA-2017-0006.html
You have to scroll down the page till the end to see these
patches details as shown in the below screenshot.
Remediation Procedure/Steps:
Stage-1
As shown and explained in the
above screenshot, please go to the VMware KB http://kb.vmware.com/kb/2149673 Or,
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2149673 to verify and check the information about required
patch file.
It should be containing
following information as highlighted in red in the below screenshot.
Stage-2
Now download the required
patch from VMware Site (in my case it’s the below one):
This is the same URL which was given in security advisory
(can see the very first screenshot in this article for reference).
You must be logged-in in the “My VMware” portal to be able
to access this patch download windows.
The download page should be looking like below:
After downloading the path
file will be appearing like below in a .Zip file format.
Use this file to update the
patches on all affected VMware ESXi servers. You can use either manual method
of installing this patch on all affected ESXi servers or you can use the
easiest method of doing it by using VMware vSphere update manager.
I am a lazy administrator so
don’t expect me to do this patching activity manually. Yes, I used the easiest
method of doing it by using Update manager.
I have posted all the steps
in my another article How to use Update Manager for patch installation on ESXi servers? .
You can refer
this article if you want to use Update manager for installing these updates on
your ESXi hosts.
Cheers, Please write me back
if you have any query or feedback on this.
No comments:
Post a Comment