Some VMware perpetual license holders are at the moment unable to obtain safety patches, The Register reported immediately. The virtualization firm has solely stated that these customers will obtain the patches at “a later date,” which means customers are unsure how lengthy their virtualization environments will likely be in danger.
Since Broadcom purchased VMware and ended perpetual license sales in favor of bundled subscription-based SKUs, some organizations have opted towards signing up for a subscription and are working VMware and not using a help contract. These customers are nonetheless imagined to have entry to zero-day safety patches. Nevertheless, some clients reported to The Register that they’ve been unable to obtain VMware patches from Broadcom’s help portal.
VMware customer support has instructed a few of these clients that they could have to attend 90 days earlier than they’ll obtain the patches, The Register reported.
On July 15, VMware disclosed three critical flaws in eight of its choices.
When reached for remark, a Broadcom spokesperson instructed Ars Technica:
Nothing has modified in Broadcom’s dedication concerning vital VMware safety patches. Customers of legacy VMware merchandise who not have energetic upkeep and help entitlements may have free entry to vital safety patches for so long as these merchandise stay supported by Broadcom. This consists of the patches for vital vulnerabilities addressed in VMware Safety Advisory 2025-0013 [issued on July 15]. As a result of our help portal requires validation of buyer entitlements for software program patches, solely entitled clients have entry to the patches right now.
VMware’s rep instructed Ars that affected clients will obtain the patches “at a later date” by way of “a separate patch supply cycle” however didn’t specify when, bringing uncertainty to the safety danger dealing with these customers. Broadcom’s rep declined to specify what number of customers are affected.
Broadcom says the delayed safety patches are associated to portal limitations, however the chipmaker has in any other case put stress on perpetual license holders with out help contracts by sending them audit letters.
Broadcom’s VMware acquisition scrutinized once more
Information of safety patches being delayed for perpetual license homeowners comes because the Cloud Infrastructure Companies Suppliers in Europe (CISPE) commerce affiliation has filed an enchantment to the European Normal Court docket difficult the European Fee’s (EC’s) approval of Broadcom’s VMware acquisition. In its announcement of immediately’s submitting, the CISPE stated it “is looking for an annulment of the Fee’s approval of that deal.”
