Posted in Security Advisory

Recently, over 45,000 VMware ESXi systems reached their end of life.

   25 October 2022
After reaching end-of-life (EOL), over 45,000 VMware ESXi servers that Lansweeper (creates asset management and discovery software that enables customers to track what hardware and software are installed on their network.) inventoried are no longer receiving software and security upgrades unless businesses pay an extended maintenance contract from VMware.

VMware ESXi 6.5 and ESXi 6.7 reached end-of-life on October 15, 2022, and will no longer receive technical support or security updates, putting the software at risk of vulnerabilities.

The company examined data from 6,000 customers and discovered 79,000 VMware ESXi servers installed.

36.5% (28,835) of those servers are running version 6.7.0, which was released in April 2018, and 21.3% (16,830) are running version 6.5.0, which was released in November 2016. As of today, 45,654 VMware ESXi servers have reached End of Life.

Lansweeper’s findings are concerning because, in addition to the 57% that enters a period of elevated risk, another 15.8% of installations run even older versions, ranging from 3.5.0 to 5.5.0, which reached EOL quite some time ago.

In summary, only about one out of every four ESXi servers (26.4%) inventoried by Lansweeper is still supported and will receive regular security updates until April 02, 2025.

Technical support for ESXi 6.5 and 6.7 will be available until November 15, 2023; however, this only pertains to implementation-related issues, not security risk reduction.

The two-year extended support, which must be bought separately, is the only way to guarantee that you can safely use older versions in the future. This does not, however, include updates for third-party software packages.

VMware may continue to provide critical security patches for these older versions however it’s not guaranteed, and it certainly won’t provide patches for all newly discovered vulnerabilities.

This year alone, ransomware such as Black Basta, RedAlert, GwisinLocker, Hive, and Cheers targeted ESXi VMs, furthermore, Mandiant recently discovered that hackers discovered a new way to establish persistence on VMware ESXi hypervisors, allowing them to control the server and hosted VMs without being detected.

Therefore it is very important to keep your infrastructure up to date, here are the links to help you with your upgrade journey:

  1. Upgrade to vSphere 7
  2. How to upgrade ESXi 6.5/6.7 to ESXi 7.0 (video)
  3. vSphere upgrade (video)

🔥Subscribe to the channel: https://bit.ly/3vY16CT🔥

🚨Read my blog: https://angrysysops.com/

👊Twitter: https://twitter.com/AngrySysOps
👊Facebook: https://www.facebook.com/AngrySysOps
👊My Podcast: https://bit.ly/39fFnxm

🔥vExpert info: https://bit.ly/3vXGPOa

🛒 VMware EMEA store: https://imp.i263671.net/c/3505578/814646/11461

🛒 VMware US store: https://imp.i263671.net/c/3505578/814642/11461

🛒 VMware APAC store: https://imp.i263671.net/c/3505578/814645/11461

Please leave the comment