Attackers can use an unused display feature as a vector for inserting malicious code into your environment. Disable features that are not in use in your environment.

Procedure

  1. Browse to the virtual machine in the vSphere Client inventory.
  2. Right-click the virtual machine and click Edit Settings.
  3. Select VM Options.
  4. Click Advanced and click Edit Configuration.
  5. If appropriate, add or edit the following parameters.
    Option Description
    svga.vgaonly

    If you set this parameter to TRUE, advanced graphics functions no longer work. Only character-cell console mode is available. If you use this setting, mks.enable3d has no effect.

    Note: Apply this setting only to virtual machines that do not need a virtualized video card.
    mks.enable3d Set this parameter to FALSE on virtual machines that do not require 3D functionality.