Уязвимость SMB CVE-2020-0796 или помни WannaCry

CVE-2020-0796: New vulnerability in SMB protocol
Microsoft has released a patch for newly discovered critical vulnerability CVE-2020-0796 in the network protocol SMB 3.1.1.
https://www.kaspersky.com/blog/smb-311-vulnerability/33991/

Microsoft SMBv3.11 Vulnerability and Patch CVE-2020–0796 Explained
Update 03/12/2020:
Microsoft releases out of band patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796

Summary
SMBv3.11 has a buffer overflow vulnerability when compression is enabled (default value). Windows 10 and Server use SMBv3.11 and the service runs as SYSTEM. Successful exploitation will result in remote code exection, with SYSTEM privileges. This is considered “wormable”. Microsoft did not release a patch in March 2020 Patch Tuesday.

Надеюсь, никому не надо напоминать о EternalBlue и WannaCry

Introducing Scalable Shares – vSphere 7 - Duncan Epping

Early 2015 Frank Denneman and I had a discussion during a flight to San Francisco. We came up with this concept for Resource Pools where the number of shares would be determined by the number of VMs and the priority of the pool. In other words, we wanted to avoid the dilution of shares in an environment with resource pools and basically solve the resource pool pie paradox problem described here. We worked with the DRS team on describing the concept, we filed a patent for it and got the patent granted in 2019. Today I am happy to share that the feature made it into a release and will be part of vSphere 7.0.
http://www.yellow-bricks.com/2020/03/12/introducing-scalable-shares-vsphere-7/

Cisco Application Centric Infrastructure (ACI) by carly stoughton

Если вдруг вы еще не знакомы с ACI, то советуют начать с просмотра видео от Сarly Stoughton
https://techfieldday.com/personnel/carly-stoughton/
https://www.youtube.com/watch?v=UcCElfcXLcc