
HOW NOT TO: Compromise your VMware vSphere Hypervisor ESXi 5.1, 5.5, 6.0, 6.5, 6.7, 7.0, 8.0 by adding to Microsoft Active Directory

Experience Level: Beginner
21:13
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
EE Fellow, MVE, Expert of the Year 2021,2017-11, Scribe 2016-2012, Author of the Year 2018-6,2013-2012 VMware vExpert Pro, vExpert 2025-2011
In this video presentation, which is part of Hancock's VMware Half Hour, I will show you HOW NOT TO: Compromise your VMware vSphere Hypervisor ESXi 5.1, 5.5, 6.0, 6.5, 6.7, 7.0, 8.0 by adding to Microsoft Active Directory. I will demonstrate the exposure and discuss how to avoid it.

In this video demonstration the ESXi servers are ESXi ARM 7.0, but the same functionality has been built into ESXi since 5.1.

On the 29th July 2024, Microsoft discovered a vulnerability in ESXi hypervisors being exploited by several ransomware operators to obtain full administrative permissions on domain-joined ESXi hypervisors.

This publication is here: https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/

VMware vExperts: Christian Mohn wrote about it here: "VMware vSphere CVE-2024-37085 - A Nothing Burger"

and Bob Plankers goes into more detail here: "Thoughts on CVE-2024-37085 & VMSA-2024-0013"

Please have a read of these publications.

Broadcom have issued updates and fixes to vSphere 7.0 and 8.0, and VCF 4.x and 5.x only. There is no security update for 6.7.

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505