• Home
  • VMware QuickDocs
    • VMware General
    • vSphere
    • Skyline Advisor
    • vSAN
    • Horizon
    • NSX
    • vRealize Suite
      • vRealize Operations
      • vRealize Orchestrator
    • VMware Cloud Services
    • Podcasts
  • Home Lab
  • VMware Stickers
  • mac OS Tips
  • About Me
    • Privacy Policy
    • Cookie policy
Cybersylum

Cybersylum

  • Home
  • VMware QuickDocs
    • VMware General
    • vSphere
    • Skyline Advisor
    • vSAN
    • Horizon
    • NSX
    • vRealize Suite
      • vRealize Operations
      • vRealize Orchestrator
    • VMware Cloud Services
    • Podcasts
  • Home Lab
  • VMware Stickers
  • mac OS Tips
  • About Me
    • Privacy Policy
    • Cookie policy

Adding Async VMware Tools versions to Update Manager

byArron King 06.14.2019 Update Manager VMware Tools vSphere

Why aren’t VMware Tools at the right version on patched hosts?

A customer called with a question about updating VMware Tools as part of a recent security patch (https://www.vmware.com/security/advisories/VMSA-2019-0009.html).    The patch resolves an address out-of-bounds vulnerability in VMware Tools that was present in certain versions of the software (10.2.x and 10.3.x prior to 10.3.10).  He wanted to install the new version; but the VMware Tools installations on his VMs indicated they were current; but still were running an affected version.  His hosts were patched and up-to-date.  He knew he could manually update VMware Tools on each of his VMs; but was hoping there was an easier way – and there is!

The status of VMware Tools on a virtual machine is relative to the the host.  Typically VMware Tools updates are delivered through an ESXi patch.  In this case, the VMware Tools 10.3.10 release hasn’t been rolled into an ESXi patch yet.  It will be shortly.  The amount of testing that goes into an ESXi patch requires a good amount of time.  When VMware patches VMware Tools like they did in the case of this vulnerability, they release it to customers so they can deploy the fix sooner if they choose.  VMware calls this an Async release.

Deploying the New Version

There are a number of ways to update VMware Tools with a version that hasn’t been delivered via an ESXi patch (without doing it manually for each VM).

  1. Use a management tool to push the VMware Tools MSI like any other Windows program – for example SCCM.
  2. Setup a shared storage repository for VMware Tools.  This might be useful if you are deploying ESXi via Host Profiles or want very fine-grained control in your environment.
  3. Add the updated VMware Tools VIB to vCenter Update Manager.  You can then use the normal processes to update everything from that point on.  @Andrea_Maruo has detailed the process on his blog at vInfastructure.it.

Personally I prefer to use Update Manager to get the VIB installed on my host, remediate each host, and then update VMware Tools using vCenter like I normally would.  This fits into the normal workflow for most vSphere environments, and requires the least amount of additional steps.

The steps below work on Update Manager (part of vCenter 6.x and earlier versions). In vSphere 7, Update Manager has been replaced by vSphere Lifecycle Manager.    Adding VMware Tools Updates in vSphere Lifecycle Manager are similar.

Adding the VMware Tools VIB to your hosts

Here is a summary of the steps I used to ensure VMware Tools in my environment were up to the 10.3.10 version.

My environment is fully patched and VMware Tools for my virtual machines shows as current – however I can see it isn’t the patched version

VMware Tools show as current but are not the patched version

I login to VMware Portal, and download the offline VMware Tools VIB.  In this case, i needed VMware Tools 10.3.10.

VMware Tools 10.3.10 Offline VIB from my.vmware.com

Once the ZIP file has been downloaded, login to vCenter and navigate to Update Manager.  On the Updates tab, click Upload From File.  Click Browse and locate the file you just downloaded.

Upload Zipped VIB to Update Manager

Once this is done, you will see the new version of VMware Tools in the Non-Critical Host Patches baseline of your repository

The new version of VMware Tools has been added to Non-Critical Baseline

From this point on, the rest of the steps are like any other patching operation you would perform

The hosts are now out of compliance with the baseline, and can be remediatedHosts are now Out of Compliance

If you look at what will be patched at this point, you will see that the 10.3.10 Async release of VMware Tools will be added to your hosts.

VMware Tools 10.3.10 will be installed on each host

You can begin remediating your hosts.  In this instance – no reboot is required!

Once your hosts are remediated, VMware Tools on your virtual machines will show as out-of-date

https://www.cybersylum.com/wp-content/uploads/2019/06/VMware-Tools-out-of-date.jpg

Upon updating VMware Tools, you will notice they are now running the proper version

VMware Tools are current and patched

I hope this helps!

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)

Cleveland VMUG - June 2019 Meeting

Central Ohio VMUG Meeting - August 6 2019 - Docker & Kubernetes

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Disclaimer

The content and opinions on this site belong to me - not my employer.

You are welcome to use any ideas or code from this site. You have the responsiblity to test these before using in a production environment.

Upcoming Events

  • Mon
    21
    Aug
    2023
    Thu
    24
    Aug
    2023

    VMware Explore 2023 - US

    The dates for THE big virtualization conference has been announced and VMware Explore is back in Las Vegas for 2023!

Categories

Before I Forget Certificates Education Home Lab Horizon View MacOS Networking PowerCLI Professional Development Scripting TechBITS Update Manager VCSA VMUG VMware VMware Cloud on AWS VMware Portal VMware Tools VMworld vSphere vToolBelt Windows 10

Archives

Category

Before I Forget Certificates Education Home Lab Horizon View MacOS Networking PowerCLI Professional Development Scripting TechBITS Update Manager VCSA VMUG VMware VMware Cloud on AWS VMware Portal VMware Tools VMworld vSphere vToolBelt Windows 10

Twitter: Follow Me

My Tweets
Proudly powered by WordPress | Theme: Showme by NEThemes.
 

Loading Comments...