Some VMware perpetual license homeowners are unable to obtain safety patches

Some VMware perpetual license holders are presently unable to obtain safety patches, The Register reported immediately. The virtualization firm has solely stated that these customers will obtain the patches at “a later date,” which means customers are unsure how lengthy their virtualization environments will probably be in danger.

Since Broadcom purchased VMware and ended perpetual license gross sales in favor of bundled subscription-based SKUs, some organizations have opted towards signing up for a subscription and are working VMware with out a help contract. These customers are nonetheless purported to have entry to zero-day safety patches. Nonetheless, some clients reported to The Register that they’ve been unable to obtain VMware patches from Broadcom’s help portal.

VMware customer support has advised a few of these clients that they could have to attend 90 days earlier than they will obtain the patches, The Register reported.

On July 15, VMware disclosed three important flaws in eight of its choices.

When reached for remark, a Broadcom spokesperson advised Ars Technica:

Nothing has modified in Broadcom’s dedication concerning important VMware safety patches. Customers of legacy VMware merchandise who not have lively upkeep and help entitlements can have free entry to important safety patches for so long as these merchandise stay supported by Broadcom. This consists of the patches for important vulnerabilities addressed in VMware Safety Advisory 2025-0013 [issued on July 15]. As a result of our help portal requires validation of buyer entitlements for software program patches, solely entitled clients have entry to the patches presently.

VMware’s rep advised Ars that affected clients will obtain the patches “at a later date” through “a separate patch supply cycle” however didn’t specify when, bringing uncertainty to the safety threat dealing with these customers. Broadcom’s rep declined to specify what number of customers are affected.

Broadcom says the delayed safety patches are associated to portal limitations, however the chipmaker has in any other case put strain on perpetual license holders with out help contracts by sending them audit letters.

Broadcom’s VMware acquisition scrutinized once more

Information of safety patches being delayed for perpetual license homeowners comes because the Cloud Infrastructure Providers Suppliers in Europe (CISPE) commerce affiliation has filed an attraction to the European Basic Courtroom difficult the European Fee’s (EC’s) approval of Broadcom’s VMware acquisition. In its announcement of immediately’s submitting, the CISPE stated it “is searching for an annulment of the Fee’s approval of that deal.”