The Async Patch Tool is a utility that allows you to apply critical patches to certain VMware Cloud Foundation components (NSX-T Manager, vCenter Server, and ESXi) outside of VMware Cloud Foundation releases. The Async Patch Tool also allows you to enable upgrade of an async patched system to a new version of VMware Cloud Foundation.
Note: VMware Cloud Foundation on Dell EMC VxRail only supports async patches for NSX-T Manager and vCenter Server.
For example, you could use the Async Patch Tool to get a vCenter Server patch that addresses a critical security issue as described in a VMware Security Advisory (VMSA). You use the Async Patch Tool to download the patch and upload it to the internal LCM repository on the SDDC Manager appliance. Then you use the SDDC Manager UI to apply the patch.
Note: Patched components will have different versions than those listed in the Bill of Materials (BOM).
The process for downloading and uploading patches varies depending on whether or not the SDDC Manager appliance has access to the internet. If the SDDC Manager appliance has access to the internet (online), you perform all Async Patch Tool operations from the SDDC Manager appliance. If the SDDC Manager appliance does not have access to the internet (offline), you perform some operations from a computer with internet access and some operations from the SDDC Manager appliance. See:

After you apply an async patch, and one or more of the VMware Cloud Foundation component versions deviates from the BOM, you must use the Async Patch Tool to enable an upgrade to a later version of VMware Cloud Foundation. For example, if you apply a vCenter Server patch to a VMware Cloud Foundation 4.3.1 instance, you must use the Async Patch Tool to enable an upgrade to VMware Cloud Foundation 4.4.

The Async Patch Tool is supported with VMware Cloud Foundation 4.2.1 and later.

For information about known issues, see the Async Patch Tool Release Notes.