VMware Archives

Winsage

May 9, 2025

You Need a Windows Package Manager — Virtualization Review

Microsoft's WinGet is a command-line tool for managing software on Windows, allowing users to install, update, list, and uninstall applications. UniGetUI is an open-source graphical user interface that enhances WinGet's functionality, making it easier for users to manage software without using the command line. UniGetUI supports various package managers and features batch operations, automatic updates, and custom installation options. To install UniGetUI, users can execute the command winget install --exact --id MartiCliment.UniGetUI --source winget or download it from the Microsoft Store. Users can easily navigate its interface to discover, install, and uninstall packages.

Winsage

April 29, 2025

Microsoft teases pay-to-patch plan for Windows Server 2025

Microsoft plans to transition its hotpatching feature for on-premises Windows Server 2025 into a paid subscription service starting in July, priced at [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: Microsoft has unveiled plans to transition its hotpatching feature for on-premises Windows Server 2025 into a paid subscription service starting in July. This innovative capability allows administrators to implement software updates without the need for system reboots, a significant advantage that streamlines the update process. Hotpatching: A Game Changer for Administrators Hotpatching is not a novel concept; it has been a staple in various environments, including the Linux kernel, VMware products, and the Xen hypervisor. The primary appeal lies in its ability to facilitate security updates without the disruption of reboots, enabling IT teams to maintain operational continuity without the hassle of scheduling downtime. This feature will be a game changer; you may finally get to see your family on the weekends. Currently, Microsoft offers hotpatching for its Windows Server: Azure Edition and version 2022 within its Azure cloud infrastructure. The company has highlighted that its Xbox team has been a significant user of this feature. In August 2024, a preview of hotpatching for Windows Server 2025 running in Azure was announced, followed by a subsequent preview for on-premises implementations managed through the Arc hybrid-and-multicloud management tool. With this latest update, hotpatching is now available for both the Standard and Datacenter editions of Windows Server 2025, allowing on-premises users to benefit from this functionality. Hari Pulapaka, Microsoft’s general manager of Windows Server, emphasized the transformative potential of hotpatching, noting, “This feature will be a game changer; simpler change control, shorter patch windows, easier orchestration.” He humorously added that it might even allow professionals to enjoy more time with their families on weekends. As of last Thursday, Microsoft announced that the current preview will conclude on June 30, transitioning into a subscription model priced at .50 per core per month. Traditional non-hotpatch updates will remain available at no cost. In a detailed explanation, Janine Patrick, Windows Server Product Marketing Manager, and Artem Pronichkin, Senior Program Manager, outlined the service's structure, which aims to deliver eight hotpatches annually. This schedule follows a three-month cycle: the first month serves as a baseline month (monthly cumulative update), followed by two months dedicated to hotpatches. During baseline months—January, April, July, and October—reboots will be necessary. They also noted that, on rare occasions, a non-hotpatch update may be required during a hotpatch month for security reasons, which would also necessitate a reboot. However, the goal remains to provide up to eight hotpatches each year. The benefits of hotpatching are clear, as it can significantly reduce the 'window of vulnerability' that often occurs when administrators delay updates and restarts following a Windows security update. Additionally, it alleviates the traditional burdens associated with 'Patch Tuesday' updates. Importantly, adoption of hotpatching remains optional; Microsoft will continue to provide software updates according to its existing schedule. However, the company anticipates that many Windows Server 2025 users will find value in the ability to minimize downtime through this subscription service. While Windows Server 2025 machines will need to be managed by Arc to utilize hotpatching, there will be no additional costs associated with using Arc for this new offering. Users currently testing the hotpatching preview will automatically transition to the subscription model starting July 1, unless they choose to disenroll before June 30. Notably, Azure Editions of Windows Server will continue to receive hotpatching at no charge. As this new subscription service approaches, the question remains: Will users embrace the opportunity to pay for the promise of non-disruptive patches? The conversation is open for your thoughts." max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"].50 per core per month. Hotpatching allows administrators to implement software updates without system reboots, enhancing operational continuity. Currently, hotpatching is available for Windows Server: Azure Edition and version 2022 within Azure. A preview for Windows Server 2025 running in Azure was announced in August 2024, followed by a preview for on-premises implementations managed through the Arc hybrid-and-multicloud management tool. The feature will be available for both the Standard and Datacenter editions of Windows Server 2025, with a goal of delivering eight hotpatches annually. Baseline months will require reboots, while hotpatch months will not, unless a non-hotpatch update is necessary. Adoption of hotpatching is optional, and traditional updates will continue to be available at no cost. Users testing the hotpatching preview will automatically transition to the subscription model starting July 1, unless they disenroll before June 30. Azure Editions of Windows Server will continue to receive hotpatching at no charge.

Winsage

April 28, 2025

Microsoft makes hot patching a paid feature for Windows Server 2025

Hotpatching in Windows Server 2025 allows system administrators to apply security updates without rebooting, enhancing response times to vulnerabilities. Microsoft will introduce a subscription model for this feature starting July 1, 2024, at an initial rate of [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: Hotpatching emerges as a significant advancement in the realm of Windows Server 2025, allowing system administrators to implement security updates without the need for system reboots. This capability enhances the speed at which organizations can respond to vulnerabilities, aligning with the growing demand for agile IT operations. However, Microsoft has decided to place this feature behind a paywall, introducing a subscription model that will take effect from July 1, 2024, at an initial rate of .50 per core per month. Notably, users operating on Azure will be exempt from this charge, providing a clear incentive for cloud-based deployments. Previously available in Azure Hotpatching is not an entirely new concept; it has been successfully utilized in various environments, including the Linux kernel, VMware products, and the Xen hypervisor. Microsoft has previously offered hot patching capabilities for Windows Server: Azure Edition and version 2022 within the Azure cloud ecosystem. In August 2024, the company unveiled a preview of hot patching for Windows Server 2025 in Azure, followed by an additional preview for deployments managed through the Arc hybrid and multicloud management system in September. This latest preview marks a pivotal moment, as it introduces hot patching for Windows Server 2025 Standard and Datacenter Edition, enabling on-premises applications of this technology for the first time. Microsoft has characterized this feature as a “game changer,” highlighting its potential to redefine patch management for enterprises. Subscription model and patching cycle Under the new subscription model, Microsoft anticipates releasing eight hot patches annually. However, it is important to note that there may be instances where a restart is still required for security purposes. As the transition to the paid version approaches, users currently in the preview phase will be automatically migrated unless they opt out by June 30, 2024. This move has drawn parallels to Microsoft's previous strategies regarding detailed logs, which have sparked concern among security experts. Critics argue that by monetizing essential security features, Microsoft risks compromising the overall security posture for users who may not opt for these additional services. While hotpatching was initially heralded as a cornerstone innovation for Windows Server 2025, its placement behind a paywall raises questions about the balance between enhanced security and cost considerations for organizations. Read also: Windows Server 2025 updates cause problems" max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"].50 per core per month, with Azure users exempt from this charge. Hotpatching has been previously available in Azure and is now being introduced for on-premises applications in Windows Server 2025 Standard and Datacenter Edition. Microsoft plans to release eight hot patches annually, although some may still require a restart. Users in the preview phase will be automatically migrated to the paid version unless they opt out by June 30, 2024. Critics express concern that monetizing essential security features may compromise overall security for users who do not subscribe.

Winsage

April 22, 2025

These 7 WSL programs changed how I use Windows

Windows users previously faced challenges using Linux tools via virtual machines until the introduction of the Windows Subsystem for Linux (WSL), which was further improved with WSL2. WSL2 integrates a lightweight virtual machine into Windows, allowing users to run Linux applications seamlessly. Runtipi and CasaOS can be easily set up on WSL2 to host self-service applications without complex configurations. Visual Studio Code (VS Code) offers a WSL extension that enables code execution directly in Linux distributions from Windows, enhancing the coding experience. Gigolo is a frontend for managing network shares, which can also be integrated into Windows 11 through WSL2. Ansible can automate the provisioning of virtual machines and containers on WSL2, making it easier for users engaged in DIY projects. Rsync can be installed via WSL2 for efficient file synchronization and backups on Windows. Podman Desktop allows Windows users to explore container runtimes using WSL2, providing a GUI for managing containers. Lastly, WSL2 enables users to access the Linux terminal and run various Linux distributions directly within Windows 11.

Winsage

March 28, 2025

How to easily create an unattended answer file for Windows 11

On Windows 11, an answer file named autounattend.xml can be created to streamline the installation process by bypassing setup steps. To create this file, users need to install the DISMTools application, which provides a wizard for generating the unattended file. The installation of DISMTools involves using Command Prompt to run the command: winget install CodingWondersSoftware.DISMTools.Preview. To create the unattended file, users launch DISMTools, navigate to the "Unattended answer file creator," and follow the wizard to configure settings such as system language, processor architecture, disk settings, product key, account settings, and network settings. The final step is saving the file as autounattend.xml. To integrate the answer file into Windows 11 installation media, users download the Media Creation Tool, select the USB flash drive option, and copy the autounattend.xml file to the USB drive. This prepares the USB for an unattended installation of Windows 11. The XML file may also appear as "unattend.xml" in other contexts.

Winsage

March 26, 2025

Auth bypass CVE-2025-22230 impacts VMware Windows Tools

Broadcom has addressed a critical authentication bypass vulnerability, CVE-2025-22230, affecting VMware Tools for Windows, rated with a CVSS score of 9.8. This vulnerability allows low-privileged local attackers to escalate their privileges within vulnerable VMs, potentially leading to unauthorized access. It affects VMware Tools versions 12.x.x and 11.x.x across Windows, Linux, and macOS platforms. VMware Tools version 12.5.1 has been released to fix this issue. Additionally, Broadcom issued updates for three zero-day vulnerabilities in VMware ESX products (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226), which were confirmed to be actively exploited and represent a "VM Escape" scenario.

Winsage

March 26, 2025

Update VMware Tools for Windows NOW: High-Severity Flaw Lets Hackers Bypass Authentication

Broadcom has advised users of VMware Tools for Windows to update to the latest version due to a high-severity vulnerability (CVE-2025-22230) that is being exploited by cybercriminals. This vulnerability affects versions 11.x.x and 12.x.x and is classified as an "authentication bypass vulnerability," allowing a malicious actor with non-administrative privileges on a Windows guest to perform high-privilege operations within that VM. The flaw stems from inadequate access control mechanisms. The vulnerability has a CVSS score of 7.8 and does not require user interaction for exploitation. It was discovered by Sergey Bliznyuk of Positive Technologies. Broadcom has patched the vulnerability in version 12.5.1, and users are urged to update immediately, as no workarounds are available.

Tech Optimizer

March 23, 2025

This big Oreon 10 update might be the push you need to finally leave Microsoft Windows behind

Oreon 10, launched in December, is a potential successor to Microsoft Windows, built on AlmaLinux and designed for a user-friendly experience similar to Windows. The latest update, Oreon 10 (Build 2504), features a newly ported GNOME 48 desktop environment, fixes bugs related to timezone detection and fractional scaling, and includes a refreshed theme for legacy GNOME applications. The update also introduces new packages, a fresh default background, and panel blur for improved aesthetics. Oreon 10 (Build 2504) is available for download with updated ISOs for x86_64 architecture, while arm64 versions are pending.

Winsage

March 12, 2025

March Patch Tuesday warnings: Act fast to plug zero day holes in Windows, VMware

Recent assessments have identified critical vulnerabilities in VMware's virtualization products that allow attackers to escape the VM sandbox and execute arbitrary code at the hypervisor level, targeting the ESXi host. This can compromise the hypervisor and grant attackers control over all virtual machines on the server, threatening the entire VMware vSphere infrastructure. These vulnerabilities are particularly concerning as they are targeted by ransomware operators and advanced persistent threat groups, with tens of thousands of systems worldwide affected across various sectors, including finance, healthcare, government, critical infrastructure, and telecommunications. Cybersecurity experts recommend that organizations using affected VMware products urgently deploy patches, assess their virtualization infrastructure for signs of compromise, and enhance monitoring systems to detect suspicious activity.