check-circle-line exclamation-circle-line close-line

VMware vCenter Server 6.7.0d Release Notes

vCenter Server 6.7.0d | AUG 14 2018 | ISO Build 9451876

vCenter Server Appliance 6.7.0d | AUG 14 2018 | Build 9451876

Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

What's New

The vCenter Server 6.7.0d release includes the following list of new features:

  • vCenter Server 6.7.0d and ESXi 6.7 Patch Release ESXi670-201808001 introduce the ESXi advanced configuration option HyperthreadingMitigation. The new option mitigates the vulnerability described in CVE-2018-3646. For more information on vulnerability assessment and full mitigation steps for the vSphere environment, see the VMware Knowledge base article 55636
  • vCenter Server 6.7.0d and ESXi 6.7 Patch Release ESXi670-201808001 introduce the ESXi advanced configuration option SuppressHyperthreadWarning. After the installation of the ESXi patch, if your environment has hosts vulnerable to CVE-2018-3646, an alert is displayed in the Summary tab of either the vSphere Web Client or vSphere Client. SuppressHyperthreadWarning can be used to suppress this alert.

Earlier Releases of vCenter Server 6.7

Features and known issues of vCenter Server are described in the release notes for each release. Release notes for earlier releases of vCenter Server 6.7 are:

For internationalization, compatibility, installation and upgrades, open source components and product support notices see the VMware vSphere 6.7 Release Notes.

Patches Contained in This Release

vCenter Server 6.7.0d delivers the following patches. See the VMware Patch Download Center for more information on downloading patches.

Full Patch for VMware vCenter Server Appliance 6.7.0d

Product Patch for vCenter Server Appliance 6.7 containing VMware software fixes.

This patch is applicable to the vCenter Server Appliance and Platform Services Controller Appliance.

For vCenter Server and Platform Services Controller Appliances

Download Filename VMware-vCenter-Server-Appliance-6.7.0.14000-9451876-patch-FP.iso
Build 9451876
Download Size 2094.8 MB
md5sum 5139b76cbf31160d719a21f04b16b6e8
sha1checksum 3fcd61de56a7ecd7c2f0e41d94753fa213c6a521

Download and Installation

You can download this patch by going to the VMware Patch Download Center and choosing VC from the Search by Product drop-down menu.

  1. Attach the VMware-vCenter-Server-Appliance-6.7.0.14000-9451876-patch-FP.iso file to vCenter Server Appliance CD or DVD drive.
  2. Log in to the appliance shell as root and run the commands given below:
    1. To stage the ISO:
      software-packages stage --iso
    2. To see the staged content:
      software-packages list --staged
    3. To install the staged rpms:
      software-packages install --staged

For more information on patching the vCenter Server Appliance, see Patching the vCenter Server Appliance.

For more information on staging patches, see Stage Patches to vCenter Server Appliance.

For more information on installing patches, see Install vCenter Server Appliance Patches.

For issues resolved in this patch, see Resolved Issues.

For more information on patching using the Appliance Management Interface, see Patching the vCenter Server Appliance by Using the Appliance Management Interface.

Upgrade Notes for This Release

Important: Proper mitigation of the vulnerability described in CVE-2018-3646 requires first updating to vCenter Server 6.7.0d, followed by mitigation of each of the hosts as described in VMware Knowledge base article 55636. Mitigation of the guest OS can start after all the hosts are secured. Attempting to configure or re-configure per-VM Enhanced vMotion Compatibility (EVC) while the hosts are partially mitigated might result in difficulty to troubleshoot vSphere vMotion behaviors noted in the Known Issues section. Complete the upgrade of all hosts prior to changing the configuration of virtual machines.

Upgrade and migration paths from vCenter Server 6.5 Update 2 and above to vCenter Server 6.7 and later are not supported.

Resolved Issues

The resolved issues are grouped as follows.

Security Issues
  • VMware vCenter Server 6.7.0d is one of several steps needed to mitigate CVE-2018-3646.  For more information on vulnerability assessment and full mitigation steps for the vSphere environment, see the VMware Knowledge base article 55636

Known Issues

The known issues are grouped as follows.

Miscellaneous Issues
  • Inconsistent patching of vCenter Server and ESXi might lead to issues with per-VM EVC

    If you upgrade to ESXi 6.7 Patch Release ESXi670-201808001 but do not upgrade all ESXi hosts, a newly configured or reconfigured per-VM EVC might incorrectly power-on a virtual machine on an unpatched host. In such a case, the virtual machine might be missing some features added to a patched host. Due to compatibility checks, such virtual machines can not be migrated to patched hosts in the same EVC cluster by using vSphere vMotion. If the source and destination hosts are not in the same EVC cluster, they might have different feature sets and migration might be possible.

    Workaround: Before you configure or reconfigure per-VM EVC, upgrade all the standalone ESXi hosts, as well as hosts inside a cluster, to ESXi 6.7 Patch Release ESXi670-201808001.

  • If you enable per-VM EVC, the virtual machine might fail to power on

    If you enable cluster-level EVC and even one of the hosts in the cluster is not patched with ESXi 6.7 Patch Release ESXi670-201808001, the new CPU IDs of that cluster might not be available on the cluster. In such a cluster, if you configure or reconfigure per-VM EVC, virtual machines might fail to power on.

    Workaround: Before you configure or reconfigure per-VM EVC, upgrade all the standalone ESXi hosts, as well as hosts inside a cluster, to ESXi 6.7 Patch Release ESXi670-201808001.

  • If you disable per-VM EVC, migration of virtual machines by using VMware vSphere vMotion might fail

    If you enable cluster-level EVC and even one of the hosts in the cluster is not patched with ESXi 6.7 Patch Release ESXi670-201808001, the new CPU IDs of that cluster might not be available on the cluster. In such a cluster, if you disable per-VM EVC, migration by using vSphere vMotion might fail for virtual machines running on a non-patched host to a patched host.

    Workaround: Upgrade all hosts in the EVC cluster to ESXi 6.7 Patch Release ESXi670-201808001. Disable per-VM EVC. 

vCenter Server, vSphere Client, and vSphere Web Client
  • Trying to disable the usage of Hyperthreading after enabling the HyperthreadingMitigation option on an ESXi host might trigger an incorrect message in the Processors view

    When you enable the HyperthreadingMitigation option on an ESXi host, by setting VMkernel.Boot.HyperthreadingMitigation to True, the usage of Hyperthreading by this ESXi patch is disabled, regardless of the previous settings. If you decide to change the setting VMkernel.Boot.Hyperthreading to False to disable the option, you might see the message Disabled(Enabled on restart) in the Processors view. In fact, Hyperthreading is not used after the restart.

    Workaround: None. Ignore the message.

Known Issues from Earlier Releases

To view a list of previous known issues, click here.