VMware will no longer provide software and security updates for over 45,000 VMware ESXi servers that have just reached end-of-life (EOL).
Based on the inventory of Lansweeper, which includes the analysis of data from 6,000 customers, 79,000 installed VMware ESXi servers were found. 36.5% (28,835) run version 6.7.0 released in April 2018, and 21.3% (16,830) are on version 6.5.0 released in November 2016. Today, there are a total of 45,654 VMware ESXi servers reaching End of Life today.
As of October 15, 2022, VMware ESXi 6.5 and VMware ESXi 6.7 have reached end-of-life and will only receive technical support without security updates, making the software vulnerable.
The vulnerability risk of these servers is even more alarming when you consider that in addition to the 57% that entered a period of increased risk, another 15.8% are running installations with even older versions ranging from 3.5.0 to 5.5.0 which reached EOL some time ago.
At the moment, only about one in four ESXi servers (28.4%) inventoried by Lansweeper are still supported and will receive regular security updates until April 2, 2025.
Users who wish to continue to use older versions securely are advised to apply for the two-year extension of support, which must be purchased separately. It is important to note that it does not include updates for third-party software packages.
The sources for this piece include an article in BleepingComputer.