Feeds

VMware admits 'time bomb' rolled past quality control

Glum CEO says 'we're sorry'

Internet Security Threat Report 2014

VMware’s CEO has blamed a chunk of leftover pre-release code for a bug that yesterday prevented virtual servers around the world from powering up when the clock hit 12 August.

Despite the company carrying out quality assurance of its product, VMware failed to spot that it had released the leftover bit of time-bombed code within the ESX 3.5 and ESXi 3.5 Update 2 final versions of its hypervisors that were released about two weeks ago.

VMware boss Paul Maritz apologised for the major balls-up. He said the code caused the product license to expire. And, worse still, he admitted that the problem had been overlooked in recent patches to the product.

The code time bomb prevented virtual machines from powering on or leaving suspend mode and unable to migrate using the firm's VMotion software.

Maritz said VMware has released an “express patch” for customers unlucky enough to have already installed or upgraded to ESX or ESXi 3.5u2.

Its temporary work-around requires sys admins to turn the clock back to kick-start virtual machines and imagine that 12 August was just a bad dream.

However, as we noted yesterday, a whole swathe of customers have grumbled that this is inadequate since it’s a legal requirement for most businesses to timestamp all server transactions.

The company, which claims to have "the industry’s most popular and reliable hypervisor", also plans to spit out a full replacement for Update 2 that should be used by customers who want to perform fresh installs of ESX or ESXi.

Here are a few choice words from a very sad-looking Maritz:

We are doing everything in our power to make sure this doesn’t happen again. VMware prides itself on the quality and reliability of our products, and this incident has prompted a thorough self-examination of how we create and deliver products to our customers. We have kicked off a comprehensive, in-depth review of our QA and release processes, and will quickly make the needed changes.

I want to apologise for the disruption and difficulty this issue may have caused to our customers and our partners. Your confidence in VMware is extremely important to us, and we are committed to restoring that confidence fully and quickly.

Shares in VMware also took a hit yesterday, dipping more than five per cent on the New York Stock Exchange after news broke of the Palo Alto, California-based company's major code cock-up. ®

Internet Security Threat Report 2014

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
IBM storage revenues sink: 'We are disappointed,' says CEO
Time to put the storage biz up for sale?
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
Symantec backs out of Backup Exec: Plans to can appliance in Jan
Will still provide support to existing customers
VMware's tool to harden virtual networks: a spreadsheet
NSX security guide lands in intriguing format
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.