2020/01

Over the past several years of using vRealize Automation 6.x and 7.x, I have generated numerous dashboards and search queries within Splunk to explore the log data generated by these products. Knowing that vRealize Automation 8.0 is an entirely new product compared to previous versions, I decided that it was time to begin reviewing the log data being generated by the appliance to determine what information could be obtained from the logs.

When it comes to vRealize Automation 8.0, VMware has been moving full steam ahead with rapid product updates containing new features, capabilities, and bug fixes. Continuing this trend, on January 17, 2020, VMware released the first hotfix for vRealize Automation 8.0.1. Included in it are three enhancements, ten improvements, and fifteen fixes for items relating to the IaaS API, Provisioning, Action-based extensibility (ABX), vRealize Orchestrator (vRO), and Virtual appliance/clustering. The hotfix can be installed using vRealize Suite Lifecycle Manager 8.

On January 16, 2020, the Defense Information Systems Agency has made available the second update to VMware vSphere 6.5 STIGs released in 2019. VMware vSphere 6.5 STIG Version 1, Release 3 includes updates to both the ESXi and the vCenter Server STIGs. Per the revision history provided in the updated STIG download, the following changes were made: VMware vSphere 6.5 ESXi STIG V-94505, V-94507, V-94529, V-94531, V-94543, V-94545 - Added N/A statement when host profiles are not used to join AD These STIGs checks all relate to the authentication of users to ESXi using Active Directory.

I recently had the pleasure of upgrading two virtual appliance-based VMware Identity Manager 3.3.0 deployments to 3.3.1 using the offline update method without the assistance of vRealize Suite Lifecycle Manager. When I reviewed the update documentation, I found that this release didn’t support the offline update process I previously utilized, so I figured I’d create a quick post providing an overview of the supported update processes for 3.3.1. What Changed? In previous releases of VMware Identity Manager 3.

Just a heads up. VMware has published Security Advisory VMSA-2020-0002 (CVE-2020-3941), which details information regarding a race condition within VMware Tools 10.x.x that can allow a user to escalate their privileges on a Windows VM. This issue was assigned a CVSSv3 score of 7.8 and has the potential to affect many environments as it applies to all releases of VMware Tools 10. The vulnerability can be resolved by installing VMware Tools 11, but if you can’t upgrade to VMware Tools 11, a workaround is available in VMware KB76654.