• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Yellow Bricks

by Duncan Epping

  • Home
  • ESXTOP
  • Stickers/Shirts
  • Privacy Policy
  • About
  • Show Search
Hide Search

Where did ESXi 6.5.0 build 7526125 go?

Duncan Epping · Jan 24, 2018 ·

I had two customers asking today what happened to ESXi 6.5 build 7526125. They downloaded patches and installed them in their test environment. Ready to patch some of their clusters they did a validation and found out that the patch (ESXi650-201801001.zip) has disappeared from the face of the earth. This patch included microcode for Intel processors, and Intel informed VMware that there was potentially an issue with their microcode. As such VMware decided to pull the patch as noted in the KB article. Those who had already downloaded the patches and are manually updating, make sure to delete these. Those who use VUM, make sure to exclude them from your baseline as mentioned in the KB:

Any baseline (including VMware Pre-defined Baseline), that includes one or more of  the bulletins that  correspond to patch VMSA-2018-0004, would experience the above listed error and hence, will not be able to proceed with the remediation process. For such customers, it is recommended to create dynamic or static baseline excluding the bulletins ESXi650-201801401-BG, ESXi650-201801402-BG,  ESXi600-201801401-BG,  ESXi600-201801402-BG ,ESXi550-201801401-BG and continue with the remediation process. For more information on Create and Edit Patch or Extension Baselines see vSphere 6.5 document.

Normally I don’t share these types of things anymore, but as I had two people asking on the same day I figured I would as it seems not everyone had seen that the patches were pulled and replaced. If you haven’t downloaded the patches yet, or haven’t patched your systems but want to, read this advisory first and use the patches mentioned it.

Related

Server esxi, patch, update

Reader Interactions

Comments

  1. Edy says

    24 January, 2018 at 12:48

    Thank you for the heads. We have already appklied the fixed and based on the KB it says

    For servers using affected Intel processors (see Table 1.) that have applied ESXi650-201801402-BG, ESXi600-201801402-BG, or ESXi550-201801401-BG VMware recommends the following:
    On each affected ESXi host, add the following line in the /etc/vmware/config file:
    cpuid.7.edx = “—-:00–:—-:—-:—-:—-:—-:—-”

    What would happened if we do not perform the above mentioned changes? would that be any performance or stability issue on the ESXi host?

    Our ESXi is a private cloud and only a handful trusted admin have access to the VMs thus we believe our risk for the exposure is low.

    • Duncan says

      26 January, 2018 at 09:26

      I don’t know what the potential impact is, but “stability” could indeed be one of them.

  2. Robert says

    25 January, 2018 at 00:56

    Please review KB52245 for a holistic view on VMware’s response = We don’t comment on Intels “sightings”, we recommend to add the very simple workaround and power cycle VMs.

    The decision is up to you.

  3. Paul T says

    26 January, 2018 at 21:59

    We have had a weird issue for a couple weeks where guests would crash on only a particular host. The host in question is the only one updated to build 7526125. I am downgrading it as we speak. I also went through and re-initialized all of my VUM instances to purge all downloaded patches. Hopefully this is the issue with my host.

  4. Edy says

    26 January, 2018 at 22:59

    I have opened a SR with Vmware and was told the following

    “We can confirm at this time that in terms of the operational aspect of vCenter or ESXi, there is no impact. It is just that it is not secure and it is vulnerable.”

  5. Lesmona says

    21 February, 2018 at 20:42

    just want to let you know that i unfortunatly downloaded this patch and applied it to my cluster. since 25 days there was no impact on stablility o something. everything works normal…

Primary Sidebar

About the author

Duncan Epping is a Chief Technologist in the Office of CTO of the Cloud Platform BU at VMware. He is a VCDX (# 007), the author of the "vSAN Deep Dive", the “vSphere Clustering Technical Deep Dive” series, and the host of the "Unexplored Territory" podcast.

Upcoming Events

May 24th – VMUG Poland
June 1st – VMUG Belgium
Aug 21st – VMware Explore
Sep 20th – VMUG DK
Nov 6th – VMware Explore
Dec 7th – Swiss German VMUG

Recommended Reads

Sponsors

Want to support Yellow-Bricks? Buy an advert!

Advertisements

Copyright Yellow-Bricks.com © 2023 · Log in