Andy's VMware vSphere tip#8: Spectre and Meltdown....Have you patched your server yet? It's almost 5 months since this Security Flaw was found in Intel CPUs, and we are still finding many VMs, and Hosts in the wild which are still not patched!
Remember this actually requires a little bit of work... To successfully patch against Spectre and Meltdown, you must:-
1. Update the BIOS and Firmware, and maybe CPU microcode in the Host ESXi Server. Some BIOS updates update the microcode for you. Check with your Server Vendor, some server vendor have been very slow to release new BIOS/Firmware/Microcode updates, and some servers may be now end of life, as server vendor may not release new code.
2. Update vCenter Server to 6.5 U1g, 6.0 U3e or 5.5 U3h.
3. Update the ESXi Build to the latest versions
ESXi 6.5: ESXi650-201803401-BG* and ESXi650-201803402-BG**
ESXi 6.0: ESXi600-201803401-BG* and ESXi600-201803402-BG**
ESXi 5.5: ESXi550-201803401-BG* and ESXi550-201803402-BG**
4. Update VMware Tools and all virtual machine hardware versions to 11.
IPv6 is here to stay. Removing it can break networking. Do not remove it.
SMBv1is a security hole and has been removed from Windows 7 & above, Server 2008 & up.
SMBv1 has been removed meaning you cannot connect to old operating system, old NAS devices and old printer/scanners.
SMBv1 is a security hole. Do not enable it.
Window 10 is going to update. Get used to it. The people who turned Windows 7 updates off and then blamed Microsoft when their operating got hacked and hosed caused this.
Home group has gone (Windows 10 V1803 and up). Get used to Password Protected sharing and learn how to use it. I wrote an article about this (look in my Articles for Folder Sharing on modern computers). Do not turn passwords off.
Windows 10 is not Windows 7, does not work like Windows 7 and has dispensed with some old Windows 7 ideas. There is no going back. Get used to it.
You got ransomware from people opening email from strangers. Get a Spam Filter. Train Employees, keep Off-Site backups. It is not a technology problem - it is a management problem.
Amortize expensive software and hardware to create cash for new equipment. "I am stuck on XP because the equipment is too expensive to upgrade" is not an option. Get your accountant to explain this to you.