By leveraging a flaw in VMware's line of virtualization software, an exploit researcher has successfully crafted a guest-to-host attack. Of equal concern is the revelation that the reverse--a host-to-guest attack--is also be possible.

This development shatters the idea of using virtual machines to segregate systems for greater security. Indeed, due to the direct memory writing exploit that was demonstrated, security risks for servers hosting multiple virtual machines can increase dramatically. VMware has already issued patches to resolve the vulnerability, so you just have to make sure it gets applied at the next possible opportunity. The bigger implication though, is that we might have to rethink some assumptions we had about virtualization.

Even as a flash-based SSD starts to gain wider adoption in the enterprise, Samsung has gone one step ahead and unveiled the first ever hardware-based Full Disk Encryption (FDE) SSD. The inherent advantages of SSDs are many, including immunity to shock and lower power consumption compared to traditional hard disk drives. The addition of on-board encryption will now offer another option for CIOs concerned with the ramifications of misplaced or stolen laptops.

Of course, the devil often is in the details, so I'll be sure to get back to you when I am able to take a closer look at it. - Paul