Operation Bootstrap

Web Operations, Culture, Security & Startups.

VMware ESX License Expiration - Subtle Information Disclosure?


I just received an email from VMware regarding this problem they unintentionally released in a production version of ESX & ESXi. The problem causes virtual machines running on this version of ESX to fail to power on after a particular date – today.

Have you checked to see what public sites are down today? Anyone who is diligent about updating ESX just got screwed big time. Now, if you make the assumption that any site which is down today and recovers shortly after VMware releases an update is running ESX – you can probably even guess exactly what version they are running.

Combine this with the increased focus on hacking virtualized environments, as evidenced by all the news coming out of Black Hat & DEF CON this year, and you should be very concerned. These are not products which have yet seen the scrutiny that platforms like Linux & Windows have had over the years. It seems like a dangerous time for someone to know exactly what version of VMware you are running.

Update: I didn’t realize originally that this only impacted the startup of a VM on ESX. Apparently sites would have to power off a VM for this problem to surface. It’s not likely that many (reputable) sites would power off all of their VMs before realizing this issue existed.
