Attackers can use an unused display feature as a vector for inserting malicious code into your environment. Disable features that are not in use in your environment.
Prerequisites
Procedure
- Browse to the virtual machine in the vSphere Client inventory.
- Right-click the virtual machine and click Edit Settings.
- Select VM Options.
- Click Advanced and click Edit Configuration.
- If appropriate, add or edit the following parameters.
Option Description svga.vgaonly If you set this parameter to TRUE, advanced graphics functions no longer work. Do not set this parameter to TRUE with modern-day guest operating systems as they do not operate correctly. When svga.vgaonly is set to TRUE, only character-cell console mode is available. If you use this setting, mks.enable3d has no effect.
Note: Apply this setting only to virtual machines that do not need a virtualized video card.mks.enable3d Set this parameter to FALSE on virtual machines that do not require 3D functionality.