Hi Everyone Is any body aware mostly when vmware will release fix version of vcenter update inorder to
mitigate log4j vulnerability?
I don't think they will release patch for that since every patch they push is breaking more than fixing problems. Workaround is already doing that job.
Seems like anything vmware releases these days breaks something else and gets pulled back, just look at the esxi version releases, last 3 are all pulled back, doesn't exactly give me alot of confidence in a patch with a workaround in place.
This is actually why we normally wait a few weeks after a patch is released, we let the rest of the community take it, follow the community page here to see if there are any major issues, if none then we proceed with the patch. We stopped at 7.02d.
That's exactly the same approach that I take. I advise our customers to wait a few weeks before updating/upgrading their production clusters (except severe security patches or critical bug fixes). I'd rather use a known stable version in brownfield environments. Most customers don't need the new features right away. For greenfield deployments you should consider the customer's plans for when the project must be completed. If the time is too short you also better use a known stable version.