AMD Radeon Graphics Cards Open VMware Workstations to Attack

Threatpost | September 17, 2019

A remote code-execution bug exists in some configurations of the AMD Radeon graphics card that could allow an attacker to take control of a targeted system. The hack entails luring users of vulnerable systems to visit a specially crafted website that can deliver “a malformed pixel shader” to either a Radeon RX 550 or a Radeon 550 series graphics card. The prerequisites for the attack limit the scope of those impacted. According to Cisco Talos, which found the bug in May, the vulnerability only exists on systems running VMware Workstation 15 with the 64-bit version of Windows 10 running as the as guest VM. This vulnerability can be triggered by supplying a malformed pixel shader (inside VMware guest OS) to the AMD ATIDXX64.DLL driver. Such an attack can be triggered from a VMware guest usermode to cause a memory corruption on vmware-vmx.exe process on host, or theoretically through WEBGL (remote website),” according to the Talos Vulnerability Bulletin, published Monday.

Spotlight

VMware NSX-T Data Center provides integrated full stack networking and security for containerized applications and microservices, delivering granular policy on a per-container basis as new applications are developed. This enables native container-to-container L3 networking, micro-segmentation for microservices, and end-to-end visibility of networking and security policy across both traditional and new applications.

Spotlight

VMware NSX-T Data Center provides integrated full stack networking and security for containerized applications and microservices, delivering granular policy on a per-container basis as new applications are developed. This enables native container-to-container L3 networking, micro-segmentation for microservices, and end-to-end visibility of networking and security policy across both traditional and new applications.

Related News

VMWARE

Arrcus Extends Partnership with VMware to Transform Telco CSP Networks for the Delivery of Next-Gen Enterprise Services from the Edge to the Cloud

Arrcus | September 29, 2022

Arrcus, the hyperscale networking software company and a leader in cloud-to-edge network infrastructure, today announced the next evolution in their partnership with VMware, focused on transforming telco networks to deliver next-gen services from the edge to the cloud. The expanded partnership will provide communication service providers with the ability to monetize their 5G infrastructure quicker and deliver new enterprise services more efficiently and with greater flexibility. The Arrcus ACE platform is now certified as a VMware Ready Telco Cloud Infrastructure solution and available in the VMware Marketplace. Arrcus ACE interoperates with the VMware Telco Cloud Platform to enable communications service providers to accelerate the deployment of 5G workloads and more. “Programmability of the network extends beyond the RAN. With today’s announcement, Arrcus’ ACE switching and routing platform has completed further certification with VMware’s Telco Cloud Platform and enables service providers to increase the monetizability of their 5G networks and extend them to the edge, This builds upon further capabilities that Arrcus and VMware began demonstrating at Mobile World Congress in Barcelona earlier this year.” Ray Mota, CEO and principal analyst at ACG Research The Arrcus ACE platform is highly programmable and secure, available in a flexible array of consumption options like VMs, containers and software on white-boxes. ACE supports solutions like FlexMCN that dramatically simplifies multi-cloud networking for telcos and CSPs, providing secure connectivity across cloud instances. Arrcus ACE is complemented well by VMware Telco Cloud, which is a single platform where service providers can run and manage all their containerized network functions (CNFs) and virtualized network functions (VNFs) in a multi-cloud edge. “Arrcus ACE solutions running on the VMware Telco Cloud Platform can transform telco networks for delivery of next-gen 5G services from the edge to the cloud,” said Stephen Spellicy, Vice President of Product Marketing and Solutions for VMware’s Telco & Edge Cloud. “Our partnership with Arrcus will equip telecom operators to offer solutions like multi- and hybrid cloud connectivity at the edge where low latency is required.” Today, Arrcus also announced that it is extending a “Fast Path” membership for VMware Telco Cloud ecosystem partners seeking to join Arrcus’ PACE partner program. Going forward, certified VMware Telco Cloud partners will be offered an accelerated path to join Arrcus’ PACE program, including instant approval and onboarding. All PACE ecosystem partners enjoy benefits ranging from solution validation, access to technical/training resources and go-to-market support. “Arrcus is delighted to expand our partnership with VMware targeted at telcos and communications service providers seeking to launch transformative new services that can help them improve their top line,” said Shekar Ayyar, CEO and chairman at Arrcus. “Our partnership with VMware is also significant because it appeals to our mutual ecosystem partners that want to leverage both our platforms.” Customers interested in learning more about Arrcus ACE with VMware Telco Cloud can download the latest solution brief. VMware Telco Cloud ecosystem partners seeking to take advantage of the fast-track PACE offer can contact an Arrcus PACE representative here. About Arrcus Arrcus was founded to enhance business efficiency through superior network connectivity. The Arrcus Connected Edge (ACE) platform offers best-in-class networking with the most flexible consumption model at the lowest total cost of ownership. The Arrcus team consists of world-class technologists who have an unparalleled record in shipping industry-leading networking products, complemented by industry thought leaders, operating executives, strategic partners and top-tier VCs. The company is headquartered in San Jose, California.

Read More

VIRTUAL SERVER MANAGEMENT

Quest NetVault Plus 13.1 Accelerates Recovery Time, Reduces Data Loss and Enables Backup to Object Storage

Quest | October 07, 2022

Quest Software, a global systems management, data protection and security software provider, today announced enhancements to NetVault® Plus – a cloud-ready enterprise data protection solution that enables protection and recovery of all systems, applications and data across a complex IT environment. NetVault Plus 13.1 users can now gain instant restore of systems, applications and data, reduce the risk of data loss through continuous data protection and significantly lower backup storage costs using deduplicated storage, both on-premises and in the cloud. The shift from the traditional office to a more hybrid workplace has upped the ante when it comes to data protection and backup and recovery efforts. A recent trends report found that 67% of organizations now use cloud services as part of their data protection strategies, and 42% of IT leaders consider hybrid‑cloud workload protection the most important aspect of enterprise backup. In the same report, 20% of IT implementers say improving recovery point objectives (RPO) and recovery time objectives (RTO) will drive changing their backup solution in 2022. NetVault Plus 13.1 provides a new continuous data protection workflow. Featuring incremental forever backups and synthetic full creation at the storage layer. Users can also leverage the new workflow with VMware virtual machines and their Microsoft 365 data including Exchange Online, SharePoint Online, Teams, OneDrive and Azure Active Directory. This enhancement allows users to run backups more frequently to reduce the risk of data loss and damage and address demanding RPOs. This innovative protection technology also enables NetVault Plus 13.1 to offer instant restoration for VMware virtual environments. It allows users to either instantly recover a virtual machine back to production or simply boot for testing, from any incremental point directly from immutable deduplicated storage. This reduces costs by decreasing time to recovery and removing the need for special hardware appliances, non-deduplicated landing zones or staging areas. “As market demands and challenges grow, Quest’s award-winning NetVault Plus data protection solution continues to advance to help organizations meet demanding RTO and RPO parameters and attain their business continuity and disaster recovery goals, With its broad system, application, virtualization and cloud support, NetVault Plus 13.1 delivers a powerful yet easy to use data protection solution that is used globally to protect data centers, remote office and cloud resources.” Heath Thompson, President and GM, ISM at Quest NetVault Plus 13.1 adds: Continuous data protection and instant of VMware virtual machines. Continuous data protection for Microsoft Office 365 data to deduplicated immutable storage. Instant restore of VMware virtual machines direct from deduplicated, immutable storage. Backup direct to object storage provides simplified SaaS application protection leveraging native cloud storage. Immutable backup storage helps organizations protect business-critical systems, applications and data, reducing risks of successful ransomware or cyber-attack. Enterprise class data protection for hybrid, cloud environments ensuring business resilience through disaster recovery readiness. NetVault Plus 13.1 also provides the ability to backup directly to S3 compatible object storage in public cloud, private cloud and on-premises object storage arrays, allowing adoption of cloud workflows and simple storage mechanisms. About Quest Software Quest creates software solutions that make the benefits of new technology real in an increasingly complex IT landscape. Quest helps customers solve their next IT challenge, from maximizing the value of their data to Active Directory and Office 365 management, and cybersecurity resilience. Around the globe, more than 130,000 companies and 95% of the Fortune 500 count on Quest to become data empowered, deliver proactive management and monitoring for the next enterprise initiative, find the next solution for complex Microsoft challenges, and stay ahead of the next threat. Quest Software. Where next meets now.

Read More

SERVER VIRTUALIZATION

VMware SASE and SD-WAN Helps Organizations Take a Holistic Approach to Networking and Security

Frost & Sullivan | November 01, 2022

The last two years accelerated Information Technology (IT) trends that were already underway: rapid increase in the adoption of cloud, multi-cloud, and internet of things (IoT); a smarter edge for use cases such as modern retail, healthcare, and manufacturing; and a distributed workforce, where employees can be anywhere. Software-defined (SD) WAN technology eliminates the traditional WAN connectivity challenges associated with distributed enterprise applications and IoT devices that held back this acceleration. The need to more securely connect distributed users to cloud-based applications is driving the adoption for software-defined, cloud-delivered security. Secure Access Service Edge (SASE) combines the flexibility of SD-WAN technology with a full suite of security services it delivers from the cloud. SASE points of presence (PoPs) provide networking and security functions closer to the user, enabling fast and more secure access Frost & Sullivan's latest white paper, As Edge Computing Gains Traction, the Business Case for SASE is Stronger than Ever, explores how market trends highlight the demand for the cloud-delivered networking, compute, and security architecture that SASE delivers. As public cloud adoption levels continue to increase post-pandemic due to hybrid and multi-cloud configurations, businesses should: Integrate edge computing as part of hybrid cloud architecture to optimize and more securely connect edge locations back to data centers and cloud-hosted applications. Implement hybrid and multi-cloud configurations to become more distributed and easily build, deploy, and continually optimize app delivery, for a more competitive edge. Support hybrid work trends and optimize user connectivity to cloud-based applications. Auto apply security conditions to users accessing enterprise applications based on the user identity and the context to mitigate risks and protect digital assets. VMware SASE is an example of the right way to secure and speed access in this distributed landscape through cloud-delivered SD-WAN Edge devices, Gateways, SASE Orchestrator, Edge Network Intelligence™, and Edge Compute Stack. The global network of scalable VMware SASE PoPs delivers apps to users reliably, quickly, and more securely over a single management interface. The VMware SASE product family delivers enterprise agility through a cloud-first open architecture, superior digital experience with rock-solid SD-WAN connectivity, security based on zero-trust principles, and operational simplicity with vendor-agnostic Artificial Intelligence for Operations that can help predict and prevent problems before they occur. About Frost & Sullivan For six decades, Frost & Sullivan has been world-renowned for its role in helping investors, corporate leaders and governments navigate economic changes and identify disruptive technologies, Mega Trends, new business models and companies to action, resulting in a continuous flow of growth opportunities to drive future success.

Read More