Misc: Starbucks teams with Spotify

A very interesting new feature. The obvious feature of finding out what is playing in your local Starbucks is useful, but the fact that they could use your Spotify data to influence the playlist store's playlist is pretty cool.


NetApp VSC 4.2.2 HTTP Error 500 VSphereAuthenticationFilter only support jetty requests



NetApp KB ID 2026327 only states error 503, but the fix listed in the article will also fix this error 500 problem too.

It seems to only affect vCenters running 5.5 U3b or higher.  Anyway, probably far and few between dealing w/ this, but hopefully this helps someone looking for a solution.  Long story short, the KB details certain conf files that need to be modified.

Perform the following steps to resolve the issue:
  1. Open %Programfiles%\Netapp\Virtual Storage Console\smvi\server\etc\wrapper.conf
  2. Locate the wrapper.java.additional.X lines (should be 4)
  3. Add the following line:
    wrapper.java.additional.5=-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
  4. Open %Programfiles%\Netapp\Virtual Storage Console\wrapper\wrapper.conf
  5. Locate the wrapper.java.additional.X lines (should be 7)
  6. Add the following additional line:
    wrapper.java.additional.8=-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
  7. Restart both VSC services, or reboot.


vSphere: Security Vulnerability w/ "Shared Folders" Feature


Since this appears to be making the rounds, I figured I'd post a little Powershell code on how to figure out if a guest's VMware tools is affected.  It only appears to affect Window's so this little bit of code can help you determine whether the "Shared Folders" feature is installed.  I posted this to communities too.

$VM = Get-VM NameofVM
 
$Reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $vm.extensiondata.summary.guest.hostname)
$RegKey= $Reg.OpenSubKey("System\CurrentControlSet\Control\NetworkProvider\Order")
$RegKeyValue = $RegKey.GetValue("ProviderOrder")
If($RegKeyValue -match "hgfs|hgs"){Write-Host ("$($VM.Name) might be affected by VMSA-2016-0001." + "  String Values hgfs, vmhgs, and/or vmhgfs need to be removed and VM rebooted.  ESXi Host should be patched prior.  RegistryPath: $($RegKey.Name), ProviderOrderKeyStringValue: $($RegKeyValue)") -ForegroundColor:Red}
Else(Write-Host "$($VM.Name) not affected by VMSA-2016-0001" -ForegroundColor:Green)


Caveats to this is that once you find those that have the HGFS/HFS, the ESXi host needs to be patched, the string values removed from the registry, and VM needs to be rebooted for change to take effect.
Also note:

  1. This only escalates privileges within the Guest OS. This does not escalate rights into the ESXi host.
  2. Just because those values are there, doesn't necessarily mean the function is actually in use.

The other half is that you will need to patch your ESXi hosts:
http://www.vmware.com/security/advisories/VMSA-2016-0001