Deploying Bulletins to Unmanaged Hypervisors

The Bulletins tab can be used to deploy missing bulletins to your ESXi hypervisors and to view information about the bulletins.

To apply one or more bulletins, select the desired bulletins and then use the buttons along the top of the table. For example:

 

 

Deploy latest bulletins

Initiates the deployment of all bulletins that are missing on the ESXi hypervisor. This will include only those bulletins that have not been replaced by newer bulletins. For more information on the bulletin deployment process, see Configuring an ESXi Deployment.

Tip: Use the Only show latest check box to see which bulletins will be deployed if you click Deploy latest bulletins.

Deploy selected bulletins

Initiates the deployment of the selected bulletins. For more information on the bulletin deployment process, see Configuring an ESXi Deployment.

Viewing Bulletin Details

The bottom pane displays detailed information about the bulletin that is selected in the top pane of the Bulletins tab. Detailed information will not be displayed if multiple bulletins are selected.

 

Bulletin ID

Provides a link to the VMware Knowledge Base article that describes the threat addressed by this bulletin.

Replaced by

If shown, indicates that the bulletin has been replaced by a newer bulletin. A link is provided to the VMware Knowledge Base article that describes the newer bulletin.

Vendor Severity

Indicates the severity level of the vulnerability that is corrected by this bulletin. The severity level can be one of the following:

  • Critical: Vulnerabilities that can be exploited by an unauthenticated remote attacker or vulnerabilities that break guest/host operating system isolation. The exploitation results in the compromise of confidentiality, integrity, availability user data, or processing resources without user interaction. Exploitation could be leveraged to propagate an Internet worm or execute arbitrary code between virtual machines and the host.

  • Important: Vulnerabilities whose exploitation results in the compromise of confidentiality, integrity, or availability of user data and processing resources. Such flaws could allow local users to gain privileges, allow authenticated remote users to execute arbitrary code, or allow local or remote users to easily cause a denial of service.

  • Moderate: Flaws where the ability to exploit is mitigated to a significant degree by configuration or difficulty of exploitation, but in certain deployment scenarios could still lead to some compromise of the confidentiality, integrity, or availability of user data and processing resources. These are the types of vulnerabilities that could have had a critical impact or important impact but are less easily exploited based on a technical evaluation of the flaw, or affect unlikely configurations.

  • Low: All other issues that have a security impact. Vulnerabilities where exploitation is believed to be extremely difficult, or where successful exploitation would have minimal impact.

Bundles Missing

The number of bundles that will be installed if the selected bulletin is installed.

Bundle Name

The base name of the bundle within the bulletin. The base name does not include the version information.

Version in Bulletin

The version of the bundle that is specified in the bulletin.

Version Installed

The version of the bundle that is currently installed. The installed version may be older, newer, or the same as the version specified in the bundle. If blank, then no version of this bundle is currently installed.

Bundle State

The state indicate how the installed version compares with the required version. The bundle state can be one of the following:

  • Installed (exact): The installed version of the bundle is the same as the version specified in the bulletin.

  • Installed (installed is newer): The installed version of the bundle is newer that the version specified in the bulletin.

  • Missing (not installed): No version of the bundle is currently installed.

  • Missing (installed is older): The installed version of the bundle is older that the version specified in the bulletin.

Impact

Indicates the impact that applying the bulletin will have on the hypervisor.

File Size

The size of the installation bundle file.