Topics started by dips
VMware have released version 12.1.5 of VMware Tools patching the following:This is a maintenance release of VMware Tools to provide fixes for critical product issues and security issues. Updated OpenSSL to 3.0.7 Updated zlib to 1.2.12 with additional fixes Updated GLib to 2.56.3 with additional fixes Updated libxml2 to 2.10.2 This release resolves CVE-2022-31693. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2022-0029.html. More: https://docs.vmware.com/en/VMware-Tools/12.1/rn/vmware-tools-1215-release-notes/index.htmlCrucially OpenSSL has been updated.
For those who have not yet seen the announcement, there is more info here: KB4374: Veeam Backup for Google Cloud - Critical Vulnerability (CVE-2022-43549)In short:CVSS v3 Score: 10.0 (Critical) Veeam Updater component should have automatically applied the update To verify, check for Veeam Updater version 184.108.40.2064
For those of you who still run Exchange on-prem, there are 2 zero days currently being exploited in the wild:CVE-2022-41040: A Server Side Request Forgery (SSRF) issue. CVE-2022-41082: A remote code execution (RCE) issue.No information on when there will be a patch. To mitigate, add a blocking rule in “IIS Manager -> Default Web Site -> Autodiscover -> URL Rewrite -> Actions”“.*autodiscover\.json.*\@.*Powershell.*” (excluding quotes)More guidance here: https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
Thought I’d quickly post this to end the week. Our current backup strategy utilises a virtual tape library with GFS with tapes periodically expiring after a set retention period. When tapes are archived to the vault, even though they will expire, the data is still recoverable when the tape is retrieved. Anyway, we needed to recover a folder that our user remembers working on quite a long time ago but was no longer able to find it. A quick look on the Veeam B&R Tape Infrastructure tab to determine which tapes were required, perform retrieval, import the tape, retrieve the data and folder recovered. Could not be simpler. Have a good weekend!
This seems to have been gaining traction with exploitations now being seen in the wild’A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word.’More here: https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/
I’ve been following this which is has been in the news a lot recently.Rather than try and breach into organisations this group tends to recruit insiders to provide an easy way in.One of the reasons why it’s so important to have immutable backups.https://www.microsoft.com/security/blog/2022/03/22/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction/Krebs on Security
Now this is just for my own curiosity. When Backup Jobs complete, Veeam runs Health Checks on the backup files to check for any corruption on the vbks. What happens if the VBR server goes offline whilst a Health Check job was in progress? Does it carry on from where it left off, or does it start the whole process again?Additionally, would it affect the vbk files in any way?
Login to the community
Log in with your Veeam account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.