OpenSSL Heartbleed patches for ESXi 5.5 are available now!

VMware has just released updates for ESXi 5.5 that address the OpenSSL Heartbleed vulnerability by updating OpenSSL to the latest version 1.0.1g (Please note: Older versions of ESXi are not vulnerable, because they use OpenSSL versions <1.0.0).

Protect your ESXi hosts against Heartbleed attacks

Unless you live behind a rock you have most probably already heard about a vulnerability in the OpenSSL software that was dubbed Heartbleed. A lot of VMware products make use of OpenSSL to enable SSL secured web access, and a lot of them use versions that are vulnerable.

VMware has reacted to this by publishing a list of vulnerable products and announced appropriate patches to be released very soon. ESXi is also affected. A general recommendation of VMware is to not expose the management interface of your hosts directly to the Internet, but there are situations where you cannot really avoid that or just do not want to sacrifice the convenience to have your hosts manageable from (theoretically) everywhere.

If you have ESXi hosts directly connected to the Internet and can not or do not want to wait for a patch to be released (or just do not want to spoil your easter weekend with patching hosts) then you should think about other means to mitigate the issue.

How to automate changing the VMware Tools installation in Windows


A while ago I blogged about the VMware Tools for Windows MSI package, what hidden components it includes, and how you can take complete control over the installation or upgrade process by using appropriate msiexec command lines.

The following question was raised in this context: How do you modify an existing installation of VMware Tools (i.e. add or remove components) without re-installing or updating to a new version?

Almost a Top 50 vBlog and vExpert again!


Last week Eric Siebert announced the results of this year's Top Virtualization Blog voting. I am very happy that I could make a huge jump up in the list, climbing 90 places to rank #53. Many thanks to everyone who voted for me!

And today VMware announced the first list of vExpert 2014 awardees. I say the first, because there were substantial changes to the process this year resulting in quarterly nominations. So if you have missed to apply in February or were not accepted then you will get a new chance soon.
Anyway, after 2012 and 2013 I was awarded vExpert the third time in a row! Thanks to John Troyer, Corey Romero and all the other great guys caring about the VMware community!

I am always very glad to see that the hard work that I put in my blog and the tools and resources that I provide get recognized by the community. This - and the fact that I just have fun doing it - are the best reasons to carry on.

Welcome to Opvizor


I am excited to welcome Opvizor as a new sponsor to my blog! This fairly young startup offers a unique approach to keep your vSphere environment healthy. It is not about real-time monitoring (there are already plenty of products that do this), but Opvizor analyzes your environment for compliance with best practices, and it knows about and detects lots of common issues, misconfigurations and mistakes. Its goal is to prevent issues before they happen.

Updated: [ALERT] Issue with the ESXi 5.5 U1 Driver Rollup ISO: Software iSCSI adapter crashes hostd


While browsing through the VMware Community Forums I stumbled over a thread that made me curious: A customer experienced serious issues after upgrading his vSphere environment to 5.5 Update 1. The ESXi hosts became unresponsive right after the Software iSCSI adapter was added.

Issue after upgrading your vCenter 5.5 U1 server from Windows 2012 to 2012 R2

Update 1 for vCenter Server 5.5 was recently released, and the Windows version now officially supports being installed on Windows Server 2012 R2. So far I had the 5.5 GA version running on a Windows Server 2012, and after installing the Update 1 (which went pretty smoothly) I thought that it's a good idea to now also upgrade the OS to 2012 R2.

I had successfully done this kind of in-place upgrade before with my two Domain Controllers and the Veeam Backup server, and I was not really expecting any big issues, but this time there was one: After the upgrade to 2012 R2 finished the VMware vSphere Web Client service failed to start! It took me some time to find the root cause of this, but in the end it was easy to fix ...

How to update your standalone host to ESXi 5.5 U1

My "How to update ESXi" posts are still very popular, so now - that ESXi 5.5 Update 1 is out,- I must post short instructions on how to update your standalone host to ESXi 5.5 Update 1 ... ;-)