| For those of you who were waiting for vSphere 6.5 Update 1 in a hope that this build will finally be stable enough to bring your vSphere deployment up to the latest version... nope, unfortunately it still has a known PSOD issue when - wait for this - ESXi host is equipped with 10Gb Ethernet NIC (which are arguably mainstream these days). Currently, there is no resolution except downgrading back to 6.0 U2. So, keep calm and watch this VMware KB for updates > KB2151749, while getting ready to celebrate 1 year of waiting for a solid vSphere 6.5 build that would be safe to upgrade to! Actually, based on what I'm hearing about the next vSphere release timelines, some might as well decide to just skip 6.5 altogether at this point... except rumors are the next release will be called 6.7, and these two numbers sum up to 13... just saying!
Another vSphere issue from the last week is probably as big, but this one is on Adobe: their latest Flash release blows up vSphere Web Client > KB2151749. This can start happening any time after your browser decides to auto-update Flash, and you'll know you've ran into this issue when you start seeing "Shockwave Flash has crashed" error upon successful logon to the Web Client. Unfortunately, the problematic version of Flash (27.0.0.170) does resolve a critical 0-day security vulnerability, which makes it a really tough situation. As of today, I am hearing that the best solution is to manually update Flash to the latest beta build that supposedly addresses both issues (or use partial functionality of HTML5 or legacy vSphere clients).
Last week, Microsoft has released Windows 10 Fall Creators Update and Windows Server version 1709. The latter is a quite special release in a way that it is available in Server Core edition ONLY and requires that you have Software Assurance agreement with Microsoft – so it's definitely not for everyone. Anyhow, we've started testing our products against these new OS versions and will decide on support timelines based on the results. Note that for Hyper-V specifically, we've already run into some compatibility issues between the native Hyper-V backup framework and some newly added VM features, and opened a support case with Microsoft to troubleshoot those.
Windows Server 1709 does come with the long What's New document, and some features are quite interesting in the context of Veeam specifically – for example, support for built-in deduplication on ReFS volumes. Remember however that ReFS deduplication engine is not currently BlockClone aware, so I recommend you avoid enabling on ReFS repositories, as the deduplication process will have to "inflate" the processed backup files - so results are somewhat unpredictable from both performance and capacity perspective. On the other hand, ReFS volumes with deduplication enabled will likely make it the perfect target for archiving use cases – we'll be sure to test it well with our upcoming Archive Tier and NAS backup functionality.
Anyway, if you're feeling adventurous and want to try ReFS dedupe out right away – then keep in mind that besides of dealing with a v1 tech, you will also be limited to simple volumes only, because Microsoft decided not to include Storage Spaces Direct functionality in version 1709. I feel the latter was actually one of the most controversial product decision Microsoft has ever made, so I admire their courage to go ahead with this – as in the last few days, I ate a year's worth of popcorn just reading through all the discussions on the Internet about this (obviously, the competition could not possibly pass this opportunity). Anyway, the sky is not falling and S2D will be back in the next Windows Server build.
Here's is some really old stuff that I somehow never heard about > Zip bomb. I'm so impressed - what a clever and yet simple way for a hacker to bypass antiviruses! This is best compared to just blowing up a door altogether instead of picking a lock. This makes it the perfect demonstration why the security testing is so hard – you really have to be a little crazy and think outside of the box to catch this sort of architectural bugs. This also reminded me of one special QC guy I used to work with very long ago – one thing he liked to do that drove the developers absolutely nuts was feeding a huge OS swap file into all dialogs capable of importing files. But with all of them coded to accept small config files of the predefined format, he would often find really spectacular bugs. Most people thought he was weird - it is only now that I started to realize he was rather the QC genius who was simply way ahead of the time... |
Komentáře
Okomentovat