With continuous monitoring and security intelligence gathering, Microsoft ensures proactive identification and mitigation of security threats. By leveraging advanced analytics, Microsoft is able to detect vulnerabilities early, empowering organizations to stay ahead of potential risks and safeguard their digital assets effectively. Recently, Microsoft discovered a critical ESXi vulnerability and has been collaborating with Broadcom to develop and qualify a secure patch to address this issue.
With Microsoft’s commitment to the security of our platform and our improved lifecycle management process, we were able to quickly assemble a global team to work on the acceleration and validation of the ESXi 8.0 U2d Build 24585300 security patch. We have successfully qualified the security patch that will mitigate VMSA-2025-0004 across our fleet.
As a result, with the public release of this vulnerability we are ready to patch your existing Azure VMware Solution infrastructure. We are committing to completing the remediation within 30-days. Microsoft will communicate the scheduled date of patching over the next three weeks. Any Azure VMware Solution private cloud deployed after March 4, 2025 will be provisioned with the patch already applied to the environment.
Microsoft takes an in-depth approach to vulnerability and risk management. With our new and improved partnership with Broadcom, this allows us to enhance our overall security and quickly address vulnerabilities in VMware solutions.
If you are interested in the Azure VMware Solution, please use these resources to learn more about the service:
- Homepage: Azure VMware Solution
- Documentation: Azure VMware Solution
- SLA: SLA for Azure VMware Solution
- Azure Regions: Azure Products by Region
- Known Issues: Azure VMware Solution
- Software Versions: Azure VMware Solution
- Security Advisories: Broadcom
- Release Notes: ESXi 8.0 U2d Build 24585300
Author Bios
Ricky Perez is a Senior Technical Program Manager in the Azure VMware Solution product group at Microsoft. His background is in solution architecture with experience in public cloud and core infrastructure services.
Chastidy Harris is a Senior Program Manager in the Azure VMware Solution product group at Microsoft.
Rahi Patel is a Senior Technical Program Manager in the Azure VMware Solution product group at Microsoft.
René van den Bedem is a Principal Technical Program Manager in the Azure VMware Solution product group at Microsoft. His background is in enterprise architecture with extensive experience across all facets of the enterprise, public cloud & service provider spaces, including digital transformation and the business, enterprise, and technology architecture stacks. René works backwards from the problem to be solved and designs solutions that deliver business value with the minimum of risk. In addition to being the first quadruple VMware Certified Design Expert (VCDX), he is also a Dell Technologies Certified Master Enterprise Architect, a Nutanix Platform Expert (NPX), and a VMware vExpert.
Microsoft