Some VMware perpetual license holders are presently unable to obtain safety patches, The Register reported right now. The virtualization firm has solely stated that these customers will obtain the patches at “a later date,” which means customers are unsure how lengthy their virtualization environments will likely be in danger.
Since Broadcom purchased VMware and ended perpetual license gross sales in favor of bundled subscription-based SKUs, some organizations have opted towards signing up for a subscription and are working VMware with out a assist contract. These customers are nonetheless presupposed to have entry to zero-day safety patches. Nonetheless, some clients reported to The Register that they’ve been unable to obtain VMware patches from Broadcom’s assist portal.
VMware customer support has informed a few of these clients that they might have to attend 90 days earlier than they’ll obtain the patches, The Register reported.
On July 15, VMware disclosed three vital flaws in eight of its choices.
When reached for remark, a Broadcom spokesperson informed Ars Technica:
Nothing has modified in Broadcom’s dedication concerning vital VMware safety patches. Customers of legacy VMware merchandise who not have energetic upkeep and assist entitlements can have free entry to vital safety patches for so long as these merchandise stay supported by Broadcom. This consists of the patches for vital vulnerabilities addressed in VMware Safety Advisory 2025-0013 [issued on July 15]. As a result of our assist portal requires validation of buyer entitlements for software program patches, solely entitled clients have entry to the patches presently.
VMware’s rep informed Ars that affected clients will obtain the patches “at a later date” by way of “a separate patch supply cycle” however didn’t specify when, bringing uncertainty to the safety threat dealing with these customers. Broadcom’s rep declined to specify what number of customers are affected.
Broadcom says the delayed safety patches are associated to portal limitations, however the chipmaker has in any other case put strain on perpetual license holders with out assist contracts by sending them audit letters.
Broadcom’s VMware acquisition scrutinized once more
Information of safety patches being delayed for perpetual license homeowners comes because the Cloud Infrastructure Providers Suppliers in Europe (CISPE) commerce affiliation has filed an attraction to the European Basic Court docket difficult the European Fee’s (EC’s) approval of Broadcom’s VMware acquisition. In its announcement of right now’s submitting, the CISPE stated it “is searching for an annulment of the Fee’s approval of that deal.”
