VMware CEO apologizes for faulty patch
Connecting state and local government leaders
UPDATED: A bug in the company's most recent software update blocked users from starting their virtualized servers.
Originally posted Aug. 12 at 4:24 p.m. and updated Aug. 13 at
2:25 p.m.
Aug. 12 was a blow-out day for some users of VMware's ESX 3.5
and ESXi 3.5 virtualization products, especially if they had
applied the latest product updates called "Update 2."
The company issued an initialknowledge base article (KB 1006716) yesterday about the
problem, which causes licenses to expire on the patched machines,
along with other associated difficulties. VMware plans to provide
additional information on the matter by revising its KB 1006716
bulletin in the future, according to the company's VMTN blog.
VMware's CEO, Paul Maritz, released a letter yesterday, apologizing to
customers and explaining the problem.
"When the time clock in a server running ESX 3.5 or ESXi 3.5
Update 2 hits 12:00AM on August 12th, 2008, the released code
causes the product license to expire," Maritz wrote.'"The
problem has also occurred with a recent patch to ESX 3.5 or ESXi
3.5 Update 2."
Users of those products that applied Update 2 will see a number
of problems with their virtual machines, including power off/on
problems, machines stuck in suspend mode and an inability to
migrate using VMotion.
VMotion is the function that lets users move their virtual
machines from one physical server to another.
VMware has issued twoexpress patches (one for ESX 3.5 and the other for ESXi
3.5) for those who applied the updates. Those who haven't applied
the ESX 3.5 Update 2 patch should refrain from doing so if they
downloaded it before August 12, 2008, according to KB 1006716.
The company plans to issue a full replacement for Update 2 in
the next day or so, according to Maritz. He added that this Update
2 replacement "should be used by customers who want to perform
fresh installs of ESX or ESXi."
Maritz explained the VMware failed to disable some code in the
final release of Update 2 for both products and that the company's
quality assurance process failed to catch it. He said that the
company is engaged in a "self-examination" process to avoid such
problems in the future.
A VMware security blog said that the
update problem is not related to an ESX security exploit issue.
It's a license time out problem, so it doesn't mean that systems
running ESX were compromised by an attack.
It's not clear how extensive the damage has been, although
VMware in Australia, which reported first on the problem because of
time zone progression, apparently knew of few incidents, according
to one report.
NEXT STORY: Encryptionizer submitted for FIPS certification