VMware vSphere

  • 1.  Risk with Public Cloud from Meltdown / Spectre

    Posted Jan 30, 2018 08:40 PM

    I know this has been talked about over and over again, but I can't seem to find a definitive answer to one question. People ask, "What should be patched?" Answer: everything, including the guest OS.

    What is not clear, especially with public cloud providers using VMware for the hypervisor: in a shared environment, can a customer log into their guest OS and potentially steal information from other guest OSes running on the same ESXi hypervisor?



  • 2.  RE: Risk with Public Cloud from Meltdown / Spectre

    Posted Jan 30, 2018 09:00 PM

    From everything I've read, what you just described is the main threat of these vulnerabilities.  Customer A has a VM running on the same host as Customer B, and an exploit could intercept data at the processor level.

    I work on a private cloud, so our customers don't have to worry in this regard since they don't share their blades with anyone. If someone gets access to their guest VMs, they have bigger things to worry about than Meltdown and Spectre.



  • 3.  RE: Risk with Public Cloud from Meltdown / Spectre

    Posted Jan 30, 2018 09:25 PM

    It is much larger than what I described. It affects nearly every PC/server out there. An exploit with your Internet browser can allow someone to also exploit Meltdown or Spectre. So private or shared, the risk is still huge.

    But I still have yet to read that a guest OS on ESXi can compromise all VMs running on that server. If that is the case, why would companies, especially healthcare, financial, etc., risk putting any resources in public cloud?



  • 4.  RE: Risk with Public Cloud from Meltdown / Spectre

    Posted Feb 02, 2018 04:49 PM

    But again, I'm just providing the platform. We don't provide support into their OS.  I was just making the point that between our cloud and public cloud, a customer doesn't have to worry about who they are sharing their host with.

    I personally don't see how anyone sleeps at night when they're on a public cloud.

    As far as the risk, the exploits are able to see into the caches of the processors, so they can intercept all data being processed which includes intercepting passwords, etc.  The exploits don't just see the data from their guest OS.



  • 5.  RE: Risk with Public Cloud from Meltdown / Spectre

    Posted Feb 02, 2018 08:37 PM

    Amazon's stock is up over 200 points this year. I guess people aren't too concerned. :-)



  • 6.  RE: Risk with Public Cloud from Meltdown / Spectre
    Best Answer

    Posted Jan 31, 2018 09:19 AM

    Seems so...

    "Result of exploitation may allow for information disclosure from one Virtual Machine to another Virtual Machine that is running on the same host."

    [Security-announce] NEW VMSA VMSA-2018-0002 VMware ESXi, Workstation and Fusion updates address side-channel analysis du…