VMware

VMware vCenter Update Manager Release Notes


VMware vCenter Update Manager 4.0 Update 1 Patch 2| 09 AUGUST 2010 | Build 282702

Last Document Update: 09 Aug 2010

Check periodically for additions and updates to these release notes.

These release notes cover the following topics:

The Update Manager 4.0 Update 1 Patch 2 release notes provide information about VMware vCenter Update Manager, an optional module for VMware vCenter Server. For more information about VMware vCenter Update Manager, see the VMware vCenter Update Manager Administration Guide.


What's New

This release of Update Manager is a patch release and is not bundled with vCenter Server.

The Update Manager 4.0 Update 1 Patch 2 release contains bug fixes related to the scan results and the suggested patch conflict resolution during the upgrade of hosts added to a Cisco Nexus 1000V Distributed Virtual Switch (DVS), and during the addition of a host to a DVS. These bug fixes are described in Resolved Issues. The known issues in this release are described in Known Issues.

Top of Page

Hardware Requirements and Sizing Estimator

Hardware Requirements

Minimum hardware requirements for Update Manager vary depending on how Update Manager is deployed. If the database is installed on the same machine as Update Manager, requirements for memory size and processor speed are higher. The minimum requirements to ensure acceptable performance are as follows:

  • Processor: Intel or AMD x86 processor with two or more logical cores, each with a speed of 2GHz
  • Network: 10/100 Mbps
    For best performance, use a Gigabit connection between Update Manager and ESX hosts.
  • Memory:
    • 2GB RAM if Update Manager and the vCenter Server are on different machines
    • 4GB RAM if Update Manager and the vCenter Server are on the same machine

Sizing Estimator

Disk storage requirements vary depending on your deployment. For more information, see the VMware vCenter Update Manager Sizing Estimator. The sizing estimator calculates the size of the VMware vCenter Update Manager 4.0 database and patch store. The estimate is calculated from the information that you enter about your deployment, such as the number of the hosts and virtual machines. The sizing estimator also provides recommendations for the Update Manager database and server deployment models.

For information about the VMware vCenter Update Manager performance, best practices, and recommendations, see the VMware vCenter Update Manager Performance and Best Practices white paper.

Top of Page

Installation Notes

Installation of VMware vCenter Update Manager requires network connectivity with an existing vCenter Server system. Each installation of vCenter Update Manager must be associated with a single vCenter Server instance.

Before you install Update Manager, you must install vCenter Server.

The Update Manager module consists of a client component, which is a plug-in interface to a VMware vSphere Client instance, and a server component, which can be installed on the same system as vCenter Server or on a different system.

Future releases of VMware vCenter Update Manager might not support installation on 32-bit Windows operating systems. VMware recommends installing vCenter Update Manager on a 64-bit operating system.

This release of Update Manager is a patch release, and is not bundled with the vCenter Server installation. Download the VMware vCenter Update Manager 4.0 Update 1 Patch 2 release from the VMware vCenter Update Manager 4 Update 1 Patch 2 download page. Extract the .zip file, navigate to the bin directory, and run the VMware-UpdateManager.exe file. Follow the steps described in the Installing Update Manager chapter of the VMware vCenter Update Manager Administration Guide. When the wizard prompts you to enter the information about the vCenter Server system with which your Update Manager installation will work, specify information about your vCenter Server 4.0 Update 1 system.

Top of Page

Upgrade Notes

This patch release allows upgrades from all earlier Update Manager 1.x and Update Manager 4.0.x versions.

Before you upgrade Update Manager from an earlier version, you must upgrade vCenter Server and the vSphere Client to a compatible version.

Compatibility Matrix
 
VirtualCenter Server
2.5 Update 6
VI Client
2.5 Update 6
Update Manager
1.0 Update 6
Yes
Yes
4.0
No
No
4.0 Update 1
No
No
4.0 Update 1 Patch 1
No
No
4.0 Update 1 Patch 2
No
No

 

Compatibility Matrix
 
vCenter Server
vSphere Client
Update Manager 
4.0
4.0 Update 1
4.0
4.0 Update 1
1.0 Update 6
No
No
No
No
4.0
Yes
No
Yes
No
4.0 Update 1
No
Yes
No
Yes
4.0 Update 1 Patch 1
No
Yes
No
Yes
4.0 Update 1 Patch 2
No
Yes
No
Yes

To upgrade your existing vCenter Update Manager installation, download the VMware vCenter Update Manager 4.0 Update 1 Patch 2 release from the VMware vCenter Update Manager 4 Update 1 Patch 2 download page. Extract the .zip file, navigate to the bin directory, and run the VMware-UpdateManager.exe file. Follow the steps described in the Upgrading Update Manager chapter of the VMware vCenter Update Manager Administration Guide.

Top of Page

Interoperability and Supported Operating Systems

Update Manager can scan and remediate a variety of ESX/ESXi hosts, virtual machines, virtual appliances, and applications.

ESX Hosts Scanning and Remediation

  • Host patching
    • ESX 3.5 or later
    • ESX 3i or later
    • ESX 3.0.3
  • Host upgrade
    • ESX 3.0.0 or later
    • ESX 3i or later

Virtual Machine Scanning and Remediation
  • Windows XP Professional 32-bit, SP2 Required
  • Windows XP Professional 64-bit
  • Windows 2003 Datacenter
  • Windows 2000 Server, SP4 with Update Rollup 1
  • Windows 2000 Professional, SP4 Required
  • Windows Server 2003, SP1 Required
  • Windows Server 2003 R2
  • Windows Server 2003 x64
  • Windows Server 2003 Standard/Web, 32-bit and 64-bit
  • Windows Server 2008
  • Windows Vista Business
  • Windows Vista Enterprise
  • Windows Vista Business (x64)
  • Windows Vista Enterprise (x64)

Virtual Machine Scanning
  • Red Hat Enterprise Linux AS 3.0 (Update 5 Required)
  • Red Hat Enterprise Linux ES 3.0 (Update 5 Required)
  • Red Hat Enterprise Linux AS 4.0 (Update 2 Required)
  • Red Hat Enterprise Linux ES 4.0 (Update 2 Required)

Application Scanning and Remediation:
  • Internet Information Server (IIS)
  • Windows Media Player, version 7.0 or later
  • Microsoft SQL Server versions 7.0/2000/2005
  • Microsoft SQL Server Desktop Edition (MSDE) version 1.0 or later
  • Exchange 2000 Server and Exchange Server 5.0
  • Internet Explorer version 4.0 or later
  • Outlook Express version 4.01 or later
  • Microsoft Site Server 3.0
  • ISA Server 2000
  • Microsoft .NET Framework, version 1.0 or later
  • Microsoft Data Access Components (MDAC) 2.5 or later
  • BizTalk Server 2000 or later
  • SNA Server 4.0
  • Host Integration Server 2000
  • WinZip 8.1 or later
  • Apache 1.3 and 2.0
  • Firefox 1.0 or later
  • RealPlayer 10 or later
  • Adobe Acrobat Reader

Top of Page

Resolved Issues

  • Update Manager might display an incorrect conflict resolution message when you scan ESX/ESXi 4.0 hosts managed by Cisco Nexus 1000V
    When you scan hosts that are running ESX/ESXi 4.0 and later against baselines containing either VEM or VMkernel patches, Update Manager 4.0 Update 1 might report a conflict for a VEM or VMkernel patch. The conflict resolution message might suggest you to add a Not Applicable patch to the baseline to resolve the conflict. This issue is fixed in Update Manager 4.0 Update 1 Patch 2. For hosts that are running ESX/ESXi 4.0 Update 1 and later, Update Manager now displays the correct patch to resolve the conflict.
    For hosts that are running versions earlier than ESX/ESXi 4.0 Update 1, Update Manager might not display a conflict resolution message, or might display a message of the type: There are no Updates available in VMware vCenter Update Manager patch repository that can resolve the conflict with the host. This is because there was none released or VMware vCenter Update Manager has not downloaded them. This message appears even when the correct VMkernel or VEM patch is present in the patch repository. For more information about this Update Manager behavior and for a detailed workaround, see Update Manager 4.0 Update 2 might display an incorrect conflict resolution message when you scan ESX/ESXi 4.0 hosts managed by Cisco Nexus 1000V (KB 1020907).
  • You might not be able to add an ESX/ESXi 4.0 host to Cisco Nexus 1000V DVS
    When you add an ESX/ESXi host to Cisco Nexus 1000V DVS, Update Manager automatically installs the VEM on the host. When you add an ESX/ESXi 4.0 host, if some conflicting or multiple obsolete updates for the VEM exist in the patch repository, Update Manager might select to install a VEM with Not Applicable compliance status.
    This issue is fixed in this release.

Top of Page

Known Issues

The known issues in this VMware vCenter Update Manager release are grouped as follows:

Installing and Upgrading

  • A minimum of 600MB of free space for Update Manager on the boot drive is required to install Update Manager
    Although Update Manager does not need to be installed on the boot drive, some required components must be installed on the boot drive. 600MB of space for Update Manager is required at installation time to accommodate these required components, as well as temporary files used during the installation.
    Workaround: Ensure at least 600MB of free space on the boot drive before installing Update Manager.
  • You cannot install Update Manager to a directory containing an exclamation mark
    In the installation wizard of Update Manager, you can change the installation path of Update Manager. Changing the installation directory to a folder that contains an exclamation mark results in an error and the installation does not complete. Installation paths that have an exclamation mark are not supported.
  • During Update Manager installation a wrong warning message might appear
    During the Update Manager installation, you might be incorrectly warned that the patch download location you specify has insufficient free space. This issue occurs when you select a path to a drive with free space more than 20GB and create a new folder on that drive. The minimum recommended amount of patch store location free space is 20GB. More space might be necessary, depending on your deployment system.
    Workaround: Ignore the message and proceed.
  • When you upgrade Update Manager an error message during the database upgrade might appear
    When you upgrade Update Manager, you have to upgrade the database. If you use an Oracle database and grant the user only the connect privilege, an error message for insufficient privileges is displayed. Even if you provide the user the execute on dbms_lock, create procedure, create sequence, create table, create any sequence, and the create any table privileges, the database upgrade fails.
    Workaround: Grant the following set of privileges to the Update Manager database user:
    • connect
    • execute on dbms_lock
    • create view
    • create procedure
    • create table
    • create sequence
    • create any sequence
    • create any table
    • create type
    • unlimited tablespace
  • After installing Update Manager 4.0 Client plug-in you cannot enable Update Manager Client 1.0 or Update Manager Client 1.0 Update 1 on the same computer
    Update Manager Client 1.0 (or Update Manager Client 1.0 Update 1) might be represented as installed on the VI Client Plug-in Manager although you have not installed it in the following scenario:
    1. You install VirtualCenter 2.5 (or VirtualCenter 2.5 Update 1), Update Manager server 1.0 (or Update Manager server 1.0 Update 1), and VI Client 2.5 (or VI Client 2.5 Update 1), but do not install Update Manager Client 1.0 (or Update Manager Client 1.0 Update 1).
    2. You upgrade the VI Client to vSphere Client (formerly VI Client) 4.0.
    3. You connect the vSphere Client to a vCenter Server system with which Update Manager 4.0 is registered.
    4. You download and install the VMware vCenter Update Manager Client 4.0 plug-in.
    5. You connect the vSphere Client 4.0 to VirtualCenter Server 2.5 (or VirtualCenter 2.5 Update 1).
    The vSphere Client Plug-in Manager shows the Update Manager Client 1.0 (or Update Manager Client 1.0 Update 1) as installed although you have not installed it. You cannot enable the plug-in either.
    Workaround: Uninstall vCenter Update Manager Client 4.0 plug-in. Connect the VI Client 2.5 (or VI Client 2.5 Update 1) to VirtualCenter 2.5 (or VirtualCenter 2.5 Update 1) and install Update Manager Client 1.0 (or Update Manager Client 1.0 Update 1). After this, install VMware vCenter Update Manager Client 4.0 plug-in again. Both versions of the client plug-ins can co-exist on one computer. This issue has been fixed in VI Client 2.5 Update 2 and later releases.
  • Old Update Manager plug-in is still enabled in the Plug-in Manager of vSphere Client 4.0 Update 1
    After you upgrade vSphere Client and vCenter Server to version 4.0 Update 1, the earlier version of Update Manager is still enabled in the Plug-in Manager. For correct functionality, you must upgrade Update Manager to version 4.0 Update 1.
  • If the password for vCenter Server or the database server contains a semicolon, installation of Update Manager fails
    When you install the Update Manager server version 4.0 Update 1, if the password provided for authentication to vCenter Server or the database server contains a semicolon, the installation fails.
    Workaround: Change the vCenter Server or database server password to exclude the semicolon and run the installation again.

Scanning and Remediation

  • Remediation tasks fail for some Microsoft products
    Update Manager does not remediate some Microsoft products. Details of these failures are logged in an event, and can be viewed using the vSphere Client.
    • Application of SP2 for Microsoft Content Management Server 2002 and SP2 for Internet Explorer 6 fails. You can only scan for them.
    • Application of some service packs to Exchange requires user intervention, and cannot be completed automatically.
  • Host patch and upgrade remediation might fail
    Host patch and upgrade remediation might fail with the message There are errors during the remediation operation if an inaccessible virtual machine exists on the host. The reason for this failure might be that the virtual machine files reside on a disconnected network storage.
    Workaround: Connect the disconnected network storage or remove the inaccessible virtual machine from the vSphere inventory.
  • Host patch remediation might fail
    Host patch remediation against the default host Update Manager baselines or user-defined host patch baselines might fail if the baseline contains one or more conflicting patches.
  • Host Upgrade Scan and Remediation Might Fail
    Host upgrade scan and remediation might fail with the AgentInstallFailed error message. This error might result from insufficient free space on the ESX/ESXi host.
    Workaround: To upgrade ESX/ESXi hosts, ensure you have at least 10MB free space in the /tmp directory of the host.
  • Update Manager remediation process might fail when installing Windows Vista or Windows Server 2008 guest patches
    The Update Manager remediation process might fail when installing some Windows Vista or Windows Server 2008 guest patches and report the Windows Vista and Windows Server 2008 virtual machines as not compliant.
    Workaround: Reboot the virtual machine and perform a scan. The scan will show the virtual machine as compliant.
  • Host remediation might fail or remain in progress in a high latency network
    Due to extensive distance between the vCenter Server system, Update Manager server, and the managed hosts, host remediation might fail or remain in progress for a long time. The host fails to exit maintenance mode if one of the patch installations times out. Update Manager reports both the task for the host to exit maintenance mode and the installation task as Operation times out. on the Tasks and Events tab.
  • VMware Tools upgrade fails for virtual machines created on hosts of versions 2.5.x
    When you scan a virtual machine with the VMware Tools version corresponding to ESX 2.5.x against a VMware Tools Upgrade to Match Host baseline, the VMware Tools Upgrade to Match Host baseline state is Non-Compliant. Although the state is Non-Compliant, the VMware Tools upgrade fails with a VM Tools installed in the VM doesn't support automatic upgrade error message. Automatic upgrade for VMware Tools is supported only for virtual machines created on hosts running versions ESX 3.0.x, ESX 3.5 or later, and ESX 3i version 3.5 or later.
    Workaround: Upgrade VMware Tools manually by right-clicking the virtual machine in the inventory and selecting Guest > Install/Upgrade VMware Tools.
  • Patch remediation might fail when you upgrade the virtual hardware and apply patches at the same time
    When you remediate a Windows 2000 Professional SP4 virtual machine with virtual hardware version 3 against a baseline group containing the VM Hardware Upgrade to Match Host baseline and patch baselines, the patch remediation might fail. After upgrading the virtual hardware, Update Manager powers the virtual machine on and displays a System Settings Change dialog box asking you to restart the system. If you do not click Yes, the machine does not restart, causing a stop of the remediation process. Patch remediation fails, because the process times out. The error message you receive is: VMware vCenter Update Manager Guest Agent failed to respond in time on <virtual_machine_name>. Please check if the VM is powered on and Guest Agent is running.
    Workaround: Click Yes in the System Settings Change dialog box to restart the virtual machine.
  • VMware Tools upgrade might fail with a generic error message
    VMware Tools upgrade on a virtual machine in which the VMware Tools service is not running might fail with the VMware Tools upgrade failed for <virtual_machine_name> generic error message.
    Workaround: Start the VMware Tools service in the guest operating system and perform the upgrade again.
  • Host remediation might fail for some patches, when a conflicting patch is included in the baseline
    Patch remediation of a host might fail when a patch (for example, patch A) in a baseline input conflicts with the host and the conflict cannot be resolved by the other patches in the baseline input.
    Workaround: The Patch Details window for patch A displays a recommendation to use the resolving patch B. As this is the solution, include the required patch B into the baseline to apply it along with patch A. For more information, refer to the KB article associated with the patch A.
  • You must not use a shared datastore for ESX host upgrade remediation
    When you remediate a cluster or folder of ESX hosts against an upgrade baseline, in the Remediation wizard you can specify the VMDK location to which to migrate the COS of the ESX host. You should use a local datastore, not a specific datastore, which is shared by the hosts.
    Workaround: If the ESX hosts you want to upgrade have local storage, you can successfully upgrade them individually by selecting to use a local datastore.
  • ESX host upgrade remediation fails for diskless hosts
    When you remediate ESX hosts against an upgrade baseline, in the Remediation wizard you can specify the VMDK location to which to migrate the COS of the ESX host. If you want to perform the remediation at a cluster or folder level, VMware recommends that you use a local datastore. It is not recommended to use a datastore shared within many hosts, because the upgrade fails for the diskless hosts in the container object.
    Workaround: Upgrade the diskless ESX hosts individually. In such a case you can select a specific network datastore as long as it is not shared with other hosts.
  • Timezone patches 931836 and 933360 are displayed as missing, although they are not applicable
    Timezone patches 931836 and 933360 are obsolete patches, which were recalled shortly after the Update Manager 1.0 Update 2 release and are no longer available for downloading. Shavlik provides the functionality to check if you have these patches installed on your virtual machines. If they are installed on a virtual machine, Update Manager reports the patches as Installed. Otherwise, the patches are reported as Missing, although they should be marked as Not Applicable. Patch 931836 is superseded by patch 933360, which is superseded by patch 942763, and patch 942763 is superseded by 951072. If patch 951072 is installed, then the other patches are not needed.
    Workaround: To obtain the correct compliance state for a virtual machine, remove the above mentioned patches from the patch baseline defined in your environment and perform the scan again.
  • Compliance view does not load when the user does not have sufficient Update Manager privileges
    When you do not have sufficient credentials to view compliance details for vSphere objects, the View Compliance screen remains blank and displays a Loading message.
  • Upgrade of VMware Tools might fail with error The operation is not supported on this object
    The upgrade failure might occur in clusters containing both ESX 3.x and ESX 4.0.x hosts, with DRS enabled in automatic mode. After completing the upgrade of VMware Tools, Update Manager first shuts down the guest operating system and then powers it on. DRS selects the best suited host, on which to power on the remediated virtual machine. If the selected host is running ESX 3.x, the post-scan test of the VMware Tools upgrade task results in error message VMware Tools upgrade skipped for <VM name>. It is supported only for VMs on ESX 4.0 host onwards.
    Workaround: Before you upgrade VMware Tools in a cluster with both ESX 3.x and ESX 4.0.x hosts, disable DRS or switch DRS to manual mode.
  • In the remediation wizard, the status of vSphere inventory objects is always shown as Non-Compliant
    In the Update Manager Client Compliance view, different icons represent the compliance states of baselines against vSphere objects. When you start a remediation operation for a vSphere object, you see a misleading status icon beside the patch number or upgrade name. The misleading icon represents a white X in a red circle, and coincides with the icon signifying non-compliant status.
  • The Remediation Selection page might display an incorrect number of patches for the selected baselines
    When you remediate a vSphere inventory object against a patch or extension baseline preselected in Compliance view, the initial page of the remediation wizard might show an incorrect number of patches that need to be remediated. In this case, when the inventory object has multiple attached patch and extension baselines, the number of patches corresponds to the number of compliant patches from all attached baselines, and not just from the selected baselines.
    Workaround: Either change the selection of baselines or groups in the Remediation Selection page, or first click Next to go to the next page and then click Back to return to the selection page.
  • When you scan an offline virtual machine, the state of the VMware Tools Upgrade to Match Host baseline might be displayed as Unknown
    When you scan an offline virtual machine with VMware Tools version corresponding to ESX 2.5.x against the VMware Tools Upgrade to Match Host baseline, the VMware Tools Upgrade to Match Host baseline state is Unknown.
    Workaround: Perform a scan when the virtual machine is powered on. Update Manager will display the correct compliance state.

Internationalization Issues

  • You cannot install Update Manager and download patches to directories with non-ASCII characters in their names
    In the installation wizard of Update Manager, you can change the installation and patch download locations of the Update Manager. Changing the installation and patch download locations to folders containing non-ASCII characters in their names might result in errors. Only ASCII characters are supported in installation paths and user names. However, non-ASCII characters are supported in passwords.
  • You cannot install Update Manager in Simplified Chinese language on Japanese operating systems
    If you select Simplified Chinese as the installation language on a Japanese operating system, an error 1158 appears and the installation fails. You can select Japanese, German, or English as the installation language on a Japanese operation system.
  • Virtual machine patch remediation might fail if a localized version of the patch is not available
    When you apply patches to a localized guest operating system, the remediation process might fail if a patch for the specific locale has not been released by the vendor. Update Manager reports the error: Failed to install patch <patch_name>.
    Workaround: Contact the patch vendor for localization-specific information.
  • Remediation might fail for some localized patches for Windows
    Due to patch installer issues, Update Manager might fail to install some localized patches for Windows with error code 1618 - another installation is already in progress.
    Workaround: Retry the remediation operation.
  • Update Manager online help might fail to open on some localized Windows systems
    If you install Update Manager on a Windows operating system different from English, Deutsch, Japanese, and Simplified Chinese, you cannot open the Update Manager Online Help from the Help menu. In addition, if you click other links or buttons for Help within the Update Manager Client, the following error message appears: Missing help file.
    Workaround: Navigate to the Update Manager help directory (the default folder is C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Plugins\Update Manager 4.0\Help\en\) and double-click index.html, or copy the Update Manager online help files from
    C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Plugins\Update Manager 4.0\Help\en\
    to
    C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Plugins\Update Manager 4.0\Help\.
    Have in mind that copying the files up one level is not always recommended.
  • In the German localized version of Update Manager, the Clear button for the Filter text field is missing
    The Clear button lets you delete the query inside the Filter field, so that you can enter a different query. In the German localized version of Update Manager, the Clear button is missing.
    Workaround: You can clear the query in the Filter field by selecting and deleting the text. As a result, all patches will be listed. You can then enter a new query in the Filter field.
  • In the German localized version of Update Manager, "Staging" and "Stage" Are Mistranslated into "Einstufungsvorgang" and "Einstufen"
    In numerous places, "stage" has been mistranslated. The correct translation for the verb "to stage" in the context of Update Manager is "bereitstellen."
  • Inconsistent remediation error message might appear when in German operating system locale the vSphere Client locale is switched to English
    In German operating system locale, when you do a locale forcing to change the vSphere Client user interface and related messages into English, an error message might be wrong. The error message is related to the remediation of Linux virtual machines. The wrong error message No entities for this operation might appear, when the correct message is Operation on the inventory object is not supported.
  • When you double-click VMware vCenter Update Manager.msi, the hint message is not localized
    When you extract to a local folder all components, required for the installation of Update Manager, either from a .zip file or an .iso image, you can run the VMware vCenter Update Manager.msi application by double-clicking it. When you run the application, the hint pop-up displays the message The installer should be started using VMware-UpdateManager.exe. The message is in English and not localized.
  • When you double-click VMware vCenter Update Manager Download Service.msi, the hint message is not localized
    When you extract to a separate folder all components, required for the installation of UMDS, either from a .zip file or an .iso image, you can run the VMware vCenter Update Manager Download Service.msi application by double-clicking it. When you run the application, the hint pop-up displays the message The installer should be started using VMware vCenter Update Manager Download Service.msi. The message is in English and not localized.

Using Update Manager

  • Security vulnerabilities in the Jetty Web server version embedded in Update Manager
    The following Update Manager versions embed Jetty Web server version 6.1.6:
    • Update Manager 1.0 Update 2 and later
    • Update Manager 4.0
    • Update Manager 4.0 Update 1
    • Update Manager 4.0 Update 1 Patch 1
    • Update Manager 4.0 Update 1 Patch 2
    • Update Manager 4.0 Update 2
    • Update Manager 4.1
    Two security vulnerabilities are reported for the Jetty Web server version 6.1.6:
    • CVE-2009-1523 (http://jira.codehaus.org/browse/JETTY-1004) identifies a directory traversal vulnerability. It allows for obtaining files from the system where Update Manager is installed by a remote, unauthenticated attacker. For an attack to be successful, the attacker would need to be on the same network as the system where Update Manager is installed.
    • CVE-2009-1524 (http://jira.codehaus.org/browse/JETTY-980) identifies is a cross-site scripting vulnerability. It allows for running JavaScript in the browser of the user who clicks a URL containing a malicious request to Update Manager. For an attack to be successful the attacker would need to lure the user into clicking the malicious URL.
    The vulnerabilities are classified as Important, according to the VMware Security Response Policy.
    Workaround: Upgrade Jetty to version 6.1.22. For more information, see Upgrade the Jetty Web server embedded in VMware vCenter Update Manager by using a security fix (KB 1023962).
  • You cannot stage patches to ESX/ESXi 3.x hosts
    Staging patches to individual ESX/ESXi 3.x hosts or container objects containing ESX/ESXi 3.x and ESX/ESXi 4.0 hosts fails. The Recent Tasks pane displays the error message VMware Update Manager had a unknown failure. Please refer the task and events tab for further details. Update Manager 4.0 supports staging patches only for ESX/ESXi 4.0 hosts.
  • During VMware Tools upgrade you might see a misleading error message in Recent Tasks pane
    When you perform a VMware Tools upgrade of a virtual machine, you might see a misleading error message Cannot complete operation because VMware Tools is not running in this VM even though the remediation is successful.
  • VMware Tools Upgrade for a virtual machine on a host in maintenance mode might fail with a misleading error message
    When you upgrade a virtual machine on a host that is in maintenance mode, the remediation might fail with a misleading error message The VMware Tools installed in the VM does not support automatic upgrade. Please upgrade VMware Tools manually in the Tasks and Events tab. Remediation of a virtual machine on a host in maintenance mode is not possible. The correct error message is There are errors during the remediation operation.
  • VMware Tools upgrade remediation might fail with a misleading event error message
    When you try to upgrade VMware Tools on a virtual machine with no installed VMware Tools, the remediation fails with a misleading error message: VMware vCenter Update Manager had an unknown failure. Check Tasks and Events tab and logs for more details. Update Manager does not support VMware Tools upgrade for virtual machines on which VMware Tools is not installed.
  • Scheduling a remediation task generates a set of tasks and one of them is misleading
    When you schedule a remediation task, several active tasks appear in the Recent Tasks pane. One of these tasks is Remediate Entity. This task appears when you create a new remediation task and is not an actual remediation task in which the objects are remediated. The Remediate Entity task creates sub-tasks for the scheduled remediation based on your input in the Remediate wizard.
  • Admin view and Compliance view quick-switch links might not work properly if your environment is in linked mode
    If your vCenter Server system is part of a Connected Group in vCenter Linked Mode and you have an Update Manager instance registered with each vCenter Server system, the Admin view and Compliance view navigation links might not work properly. For example, consider a scenario in which Update Manager instance 1 is registered with vCenter Server 1 and Update Manager instance 2 is registered with vCenter Server system 2. When you select an object managed by vCenter Server 1, click the Update Manager tab, and then click Admin view in the upper-right corner, you see the Administrator's view of Update Manager instance 1. When you click Compliance view, select an object from the inventory managed by vCenter Server 2, and click Admin view in the upper-right corner, you see the Administrator's view of Update Manager instance 1 again.
    Workaround: Click Compliance view and then click Admin view again to see the Administrator's view of the second Update Manager instance.
  • When you perform a VMware Tools upgrade you might see a misleading error message
    When you perform a VMware Tools upgrade of a virtual machine with insufficient free space, the remediation fails due to the lack of space with a wrong error message The VMware Tools operation was canceled.
  • Conflicting patches are counted in the remediation wizard
    After you scan a selected object against a patch baseline, you might see a number of conflicting patches in the Patch Baselines window. When you try to remediate the selected object, the conflicting patches are counted in the Remediation wizard as patches that are going to be installed on the object, but only some or none of the conflicting patches are installed during the remediation process.
  • Update Manager does not support a re-import of a host upgrade file
    Update Manager does not support the re-import of host upgrade files (ISO for ESX hosts and ZIP for ESXi hosts) if an already imported file gets corrupt or manually deleted from the Update Manager patchstore. Importing upgrade files for a particular release is a one-time activity. After you upload the upgrade files, you must use the existing release upgrades available in Update Manager to create a new host upgrade baseline. In addition, if you create an upgrade baseline with the new ESX 4.0 Evaluation copy (build 171294), you cannot create a new upgrade baseline for the ESX 4.0 Licensed version (build 164009). You might also encounter this issue with the Evaluation copy of ESX 4.0 Update 1.
  • Update Manager Service Might Fill the \Temp Directory With Many System Temporary Files
    You might see many files with names like ufa{*}.tmp and ufa{*}.tmp.LOG{*} in the Windows \Temp directory (the default location is C:\WINDOWS\Temp).
    • ufa{*}.tmp files – These files are created when the Update Manager service becomes unavailable in the middle of an offline virtual machine scan. To delete the ufa{*}.tmp files (for example, to delete a ufa729F.tmp file):
      1. Select Start > Run.
      2. In the Run window enter regedit.
      3. In Registry Editor, navigate to the My Computer\HKEY_LOCAL_MACHINE folder and select the ufa729F.tmp file.
      4. Select File > Unload Hive.
      5. Open a Command Prompt window.
      6. Navigate to C:\ and run the following command:
        del C:\Windows\Temp\ufa729F.tmp
    • ufa{*}.tmp.LOG{*} files – These files are Windows transaction log files for registry operations. They can be generated as a result of Windows logging registry transactions, and are removed after use. ufa{*}.tmp.LOG{*} files are like any other Windows temporary files and can be deleted as a part of a Windows Disk Cleanup task.
      To delete the ufa{*}.tmp.LOG{*} files (for example, to delete a ufaFF50.tmp.LOG2 file):
      1. Open a Command Prompt window.
      2. Navigate to C:\ and run the following command:
        del C:\Windows\Temp\ufaFF50.tmp.LOG2
  • Virtual machine hardware upgrade or VMware Tools upgrade might fail with error fault.com. - vmware.vc - Integrity.V - MToolsRemediationFault.summary
    The upgrade failure might occur on virtual machines migrated with VMotion from ESX 3.0.x hosts to ESX 4.0.x hosts. In this situation, the guest ID property of the virtual machine is unset, but a new ID is not assigned. Update Manager attempts to read the guest ID during VMware Tools upgrade, and the task fails. The same issue might occur on virtual machines that are reverted to a snapshot, or resumed from suspended state on ESX 4.0.x hosts.
    Workaround: First manually upgrade VMware Tools, and then upgrade the virtual hardware of the virtual machine.
  • During creation of dynamic baselines, new patch vendors from newly added custom patch sources might not be included in the vendor list
    Downloading patches from a newly added custom patch source to Update Manager might introduce a new patch vendor. The new vendor might not be included in the list of vendors presented in the baseline creation wizard. In such a scenario, you might not be able to set up a dynamic baseline with search criteria that involve the new patch vendor name.
    Workaround: Close the vSphere Client and reopen it. This operation refreshes the list of vendors presented in the baseline creation wizard, and lets you include the new vendor in dynamic baseline search criteria.
  • When multiple users attempt to create a baseline with the same name simultaneously, Update Manager displays an ambiguous error message
    When multiple users attempt to create a baseline with the same name simultaneously, Update Manager displays the message The specified key, name, or identifier already exists. The message does not inform you explicitly that another user is attempting to create a baseline with the same name.
  • The Update Manager Compliance view uses generic icons to represent vSphere inventory objects
    In the Update Manager Compliance view, you cannot distinguish between the states of vSphere objects solely by the icons used to represent them. The Compliance view uses the same icons for all states of hosts, virtual machines, or virtual appliances.
    Workaround: For the actual state of inventory objects, see the inventory tree.
  • The vSphere Client might display the error message Exception has been thrown by the target of an invocation When an Old Version of Update Manager Is Installed
    When you connect the vSphere Client to a vCenter Server 4.0.x instance, with a registered old version of the Update Manager server, the vSphere Client displays the error message Exception has been thrown by the target of an invocation.
    Workaround: Either first upgrade the Update Manager server to version 4.0.x and then reinstall the Update Manager plug-in from the vSphere Client Plug-in Manager, or uninstall the legacy versions of the Update Manager server and plug-in.
  • Switching between Compliance view and Administration view might navigate you to the wrong location
    When you select a datacenter object in the VMs and Templates inventory view of the vSphere Client and use the Admin view and Compliance view quick links to navigate to the Update Manager Administration view and the Update Manager Compliance view, you might go to the wrong vSphere Client view. For example, select Home > Inventory > VMs and Templates in the navigation bar. Select a datacenter object in the inventory and click the Update Manager tab to open the Update Manager Compliance view. When you click Admin view and then go back by clicking the Compliance view quick link, you navigate to the Host and Clusters inventory view, instead of the VMs and Templates view.
    Workaround: Manually navigate from the Hosts and Clusters inventory view to the VMs and Templates view by selecting Home > Inventory > VMs and Templates in the navigation bar.
  • When you stage a baseline that contains multiple bulletins, some bulletins might be shown as missing
    After the successful staging of a baseline that contains multiple bulletins, some bulletins might be shown as Staged and others as Missing. The reason for the discrepancy is that bulletins might contain installation bundles, which differ in their versions, but are for the same component. In such cases, Update Manager stages only the newest versions of the installation bundles. The bulletins that contain the obsolete versions of installation bundles are marked as Missing and are not staged. When you remediate the baseline, Update Manager ignores the old versions of installation bundles and only installs the latest versions. The bulletins marked Missing become Installed because the new versions of the installation bundles are remediated.
  • Update Manager fails to install and upgrade the Cisco Nexus 1000V VEM, if the ESX host is running on an IPv6 networking stack
    When an ESX host is added to a Cisco Nexus 1000V DVS, Update Manager installs the Cisco Nexus 1000V VEM on the host. Upgrading the Cisco Nexus 1000V VSM to the latest version invokes Update Manager to upgrade the VEM on the host attached to the DVS. Both the installation and the upgrade operations might fail if the host is running on an IPv6 networking stack.
    Workaround: Install or upgrade the VEM on the host manually, by using the offline bundle.

Top of Page