ESXi 5.5 / 6.0 / 6.5 / Hypervisor-Assisted Guest Remediation for Speculative Execution (VMSA-2018-0004) (Spectre) (remote check)
Medium Nessus Plugin ID 105782
SynopsisThe remote VMware ESXi host is missing a security patch which enables hardware support for branch target mitigation.
DescriptionThe remote VMware ESXi host is version 5.5, 6.0, or 6.5 and is missing a security patch. It is, therefore, missing security updates that add hypervisor-assisted guest remediation for a speculative execution vulnerability (CVE-2017-5715). These updates will allow guest operating systems to use hardware support for branch target mitigation and will require guest OS security updates as detailed in VMware Knowledge Base article 52085.
Note that hypervisor-specific remediation's for this vulnerability were released as part of VMSA-2018-0002.
SolutionApply the appropriate patch as referenced in the vendor advisory.