IT managers fight to keep up with ESX patches

System administrators could be struggling to keep up

An increasingly large number of patches are being issued for VMware's ESX Server, and system administrators could be struggling to keep up, so says a virtualization blog site

The authors, Ron Oglesby Director of Architecture-Virtualization Services at GlassHouse Technologies and Dan Pianfetti, principal consultant also at GlassHouse, undertook an analysis of the number of days between patches coming out of VMware for the supposedly robust ESX Server. It found that patches used to be issued on average every 60 days, but now take fewer than 20 days per patch.

The authors undertook the research after they started looking at a network issue some VMs were having. They then discovered the quantity of patches for system administrators to install for ESX Server.

"Whatever the reason it is starting to become a trend in some ESX environments; not all patches are installed by the admins," the authors wrote. "The reason for this is pretty simple; we already have patch Tuesday for Microsoft Servers we are dealing with, patches for applications that app owners install, SQL, Exchange, etc patches and of course desktops patching. Sorting through ESX patches is often a secondary job for Windows administrators tasked with maintaining ESX, and if ESX is working, patching it, falls to the bottom of the pile."

To be rational about their assertion, the authors started by looking at the available data on patches for ESX. They couldn't get data all the way back to ESX 1.5 since VMware's website has been revamped several times and those patches are no longer available.

However, they did find 68 patches for ESX 3.0.1, in the course of about a year. They were released in about 11 groups, at an average of about 7 patches per release date (per the VMware website).

Of those 68 patches; 17 were considered Critical patches (an average of 1.4 per release), 21 were security related (average of 1.75 per release) and 30 General patches averaging 2.5 patches per release date.

The authors also noticed that besides the sheer number of patches, the frequency at which patches were released has decreased significantly. They compiled a chart found here, that calculated average number of calendar days between patches by version of ESX Server.

The authors also researched a hypothetical server built on 2 July 2007, 5 months ago. Since being built on that day and put into production that server would have been put into maintenance mode and patched/updated eight times. This means the server would have been put into maintenance mode on an average of every 19 calendar days (less than three weeks) over 5 months.

The authors say that the point of their research is to discover what is behind the increase in the number and frequency of patches for ESX, which supposedly needs very little patching when compared to Windows.

They conclude that in VMware's quest to support more hardware, add more features, and keep Redmond at bay with their advanced technology, VMware seems to be focusing more on "which whiz-bang can we put in today", rather than "how can we make this the most stable enterprise platform available?"

They do not dispute the need for patching, but worry that sooner or later if this current trend continues, VMware will need to follow in Microsoft's footsteps with a Patch Tuesday.

"Obviously patching is a necessary evil, and maybe because we are so used to it in the Windows world, we have ignored this so far," the authors state. "But a patch every 18.75 days for our 'hypothetical' server is a bit much..."

"We haven't double-checked the numbers, but it is pretty obvious (the patches) are due to increasing popularity and relevance of virtualization," said Martin Niemer, VMware's senior product marketing manager for EMEA, speaking to Techworld. "More people are looking at, and exploiting the products, and we have taken action to improve product quality."

"It is important to remember that patching does not mean downtime," he added. Niemer also pointed out that version 3.5 comes with an upgrade manager, which is an automated tool for patching.

In September, VMware launched a new, embedded version of its flagship ESX Server hypervisor. "With the embedded product, we have removed the (Red Hat Enterprise Linux) service console," said Niemer, "which was responsible for about 50 percent of patches."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tom Jowitt
Show Comments

Father’s Day Gift Guide

Brand Post

Bitdefender 2019

Bitdefender solutions stop attacks before they even begin! Get cybersecurity that 500 MILLION users already have and trust.

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?