Information
The VIX API is a library for writing scripts and programs to manipulate virtual machines. If you do not make use of custom VIX programming in your environment, then you should disable certain features, such as the ability to send messages from the VM to the host. Disabling that feature does not adversely affect the functioning of VIX operations that originate outside the guest, so certain VMware and third-party solutions that rely upon this capability should continue to work. This is a deprecated interface.
Rationale:
Disabling unneeded features reduces the potential for vulnerabilities.
Solution
To disable VIX messages from the VM, run the following PowerCLI command:
# Add the setting to all VMs
Get-VM | New-AdvancedSetting -Name 'isolation.tools.vixMessage.disable' -value $true
Item Details
Category: CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
References: 800-53|CM-1, 800-53|CM-2, 800-53|CM-6, 800-53|CM-7, 800-53|CM-7(1), 800-53|CM-9, 800-53|SA-3, 800-53|SA-8, 800-53|SA-10, CSCv7|9.1
Control ID: a37b32d280aa1fa914e0302382897ccf77b4cfc379cc345512ea8f7b181a0fd1