This thread is created to answer any questions you may have on the latest VMware vulnerability – VMSA-2021-0010
Please review the documentation below, as this may answer any questions you have
Step by step update guides are available at the links below
As per https://kb.vmware.com/s/article/67077 , from vCenter 6.7 U3n to any vCenter 7.x version upgrade is not supported. Should we wait for the supported vCenter version release?
How about vCenter 7.0 U1? If the environment not ready to upgrade to 7.0 U2, Is there any permanent U1 fixed for this?
@Nathan99 You are right, LCM will see the new patch. You will have to follow the usual update process of VCF environment. First SDDC Manager update, followed by other components, more details in Release Notes
@ChethanBH88 Yes, we need to wait for the supported vCenter Server version release.
@wcpoon83 There is no permanent fix on top of 7.0 U1, upgrade to 7.0 U2b will be needed to fix the issue permanently. Workaround to disable the plugins would be the only feasible option in this scenario.
Why there is no consideration to release the patch for 7.0 U1?
They are customer out there got other software dependency to upgrade to 7.0 U2.
If disable plugin is the only option, then how to use the vCDA? vsan? It is very troublesome if vcda, vsan, SRM are use very frequent.
@wcpoon83 vCenter patches are cumulative and as such, are always built on the latest released version. Each release contains all the updates from the previous version including security patches, fixes from known issues etc. 7.0U1d was the last release for U1 and there are no plans for any future update on top of U1.