Many organizations use VMware to host their servers. VMware has released an urgent update they label as Critical.
Patching VMware, which is often used as a platform for many of your other servers, can be frustrating. If the patch causes a problem, there is a risk that all your servers hosted on that machine will go down.
This is one of those risk vs. benefit decisions that is so important, business executives must be involved.
On the one hand, the patch could interrupt business, but not applying the patch could be considered reckless.
Test the patch prior to deployment, when possible. Having a pre-planned, if not pre-tested, roll-back plan is crucial in case the patch causes a problem.
Preferably patch one server at a time so that, if the patch does cause a problem, at least the interruption is limited to that server.
Without the patch, someone could run programs on your computer, potentially taking control of the server.
The patch fixes a vulnerability in the VMware Customer Experience Improvement Program, even if a customer is not participating in the program.
Please emphasize the last phrase to your IT pros.
Ask your IT pros to look at VMware’s information by searching for VMSA-2017-0007.
Please forward this to everyone who may be using VMware, so that they can alert their IT pros just in case they don’t know already.