VMware has released recently their latest security patches for ESXi hypervisor. So ESXi 8.0 and ESXi 9.0 (don't know why they call it ESX now) needs to be patched. Whether you're using vSphere 8 with vCenter, you'll probably use vSphere Update Manager (Lifecycle manager). If you're using VCF 9, then as well. However, if you're still with ESXi 8.0 standalone and want to be up-to-date, you must proceed with CLI update. However, you must get the depot file from somewhere (VMware-ESXi-8.0U3f-24784735-depot.zip) as the ESXi 8.0 FREE ISO currently at Broadcom is not up to date.
As for the Update via CLI, most of my readers already know the procedure, but for newer folks, this might still be a bit of struggle.
Update ESXi Host to the latest ESXi 8.0U3b without vCenter
Note that ESX 9.0 is part of VCF bandwagon and it is not possible to get a Free version as the ESXi 9.0 does not have a place where you can enter the serial. On the other hand, when you install ESXi 9.0, it is usable during 90 days. Same for VCSA 9.0. So IF, and I say IF, you are still to stay with VMware for your homelab and do not want to buy VMUG Advantage and pass VCP certs (those two are the requirements to get VCF 9 home lab license), you can still play with vSphere 9.0 and ESXi 9.0 in your lab … for 90 days. Basically, it means that you'd have to rebuild your lab 4 times a year…. -:)
If you only homelab user without a company account, you're without luck. The official VCF download is only available to paid customers, no trials. Plus the fact that you'll need a lot of RAM to run all of this. I'd recommend trying HOL which is free.
Links and release notes for the maintenance:
- VMware ESX 9.0.0.0100 | 15 JUL 2025 | Build 24813472 – VMware vSphere Hypervisor (ESX) Offline Bundle VMware-ESXi-9.0.0.0100.24813472-depot.zip
- VMware ESXi 8.0 Update 3f | 15 JUL 2025 | Build 24784735 – VMware vSphere Hypervisor (ESXi) Offline Bundle VMware-ESXi-8.0U3f-24784735-depot.zip
If you Google those files, you might find a way to get them (the unofficial way).
Why this patch is important?
- This release resolves CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239. For more information on these vulnerabilities and their impact on Broadcom products, see VMSA-2025-0013.
This release resolves CVE-2025-2884. Broadcom has evaluated the severity of this issue to be in the moderate severity range.
ESXi 8.0/9.0 update standalone host – The steps
- Place the .zip file on a datastore or an accessible directory.
- Ensure SSH is enabled on your ESXi host.
- Put the host into a maintenance mode
- Free up enough disk space (at least 2 GB recommended).
First, upload the ZIP file to a datastore (e.g., datastore1).
Then for ESXi 8.0 run:
esxcli software profile update -d /vmfs/volumes/datastore1/VMware-ESXi-8.0U3f-24784735-depot.zip -p ESXi-8.0U3f-24784735-standard
- reboot
- Exit Maintenance mode.
Then for ESX 9.0 run:
esxcli software profile update -d /vmfs/volumes/datastore1/VMware-ESXi-9.0.0.0100.24813472-depot.zip -p ESXi-9.0.0.0100.24813472-standard
- reboot
- Exit Maintenance mode.
Note: In my case, the ESXi patch via CLI did not work… -:(
and I did not find more info in the logs….
Never mind.
Install patches Using vSphere Lifecycle Manager (GUI Method)
For environments managed via vCenter:
- Go to vSphere Lifecycle Manager > Imported Updates.
- Click Import Updates and select the depot ZIP file.
- Create a new baseline and attach it to your host/cluster.
- Scan for compliance and remediate.
If you're managing your cluster via an Image (the baselines are phasing out, btw), you need first:
Import the VMware-ESXi-9.0.0.0100.24813472-depot.zip file via Lifecycle manager (vCLS)
Then create a new image:
Result
Assign the image to your cluster and remediate.
The Official documentation for the upgrade of vSphere/ESXi 8.0 is here.
The Official documentation for the upgrade of vSphere/ESX 9.0 is here.
Final Words
Nothing much has changed when it comes to upgrades of standalone or vCenter server based ESXi hosts within a virtual infrastructure. (except the licensing part of course, there is no license management for standalone ESXi). The Image based upgrades are slowly becoming standard where the baselines are slowly go away.
Many home lab users has already left the FREE ESXi for Proxmox, XCP-NG or other hypervisors platforms which are free and just works. Many commercial entities, SMBs, which cannot afford the x8 pricing from Broadcom, had already left and migrated to other platforms too. It is only question of time when many others will take the same path. We are facing a VMware escape. Backup vendors are moving to multi-hypervisor support:
- And Another Hypervisor Platform that will be supported by Veeam – HPE VM Essentials!
- Backup solution that supports 15+ Hypervisors – Vinchin Backup and Recovery
- Agentless Backup Solutions for XCP-ng Hypervisor: External Vendor Options
- Veeam Backup and Replication for Proxmox Virtual Environment (VE) – Yes Since Veeam 12.2
So yes, there is a plenty of choice when it comes to hypervisor. Many enterprises are still in the phase of thinking to switch, but it is a complex task as not only there is a lot of the tooling and DR, backup/recovery, compliance parts that needs to be planned ahead of time. To me, the easiest way would be (for an SMB), when renewing hardware.
More posts from ESX Virtualization:
- Select Another VMware Alternative Called Harvester – How does it compare to VMware?
- VMware vSphere 9 Standard and Enterprise Plus – Not Anymore?
- VMware vSphere Foundation (VVF 9) and VMware Cloud Foundation (VCF 9) Has been Released
- Vulnerability in your VMs – VMware Tools Update
- VMware ESXi FREE is FREE again!
- No more FREE licenses of VMware vSphere for vExperts – What’s your options?
- VMware Workstation 17.6.2 Pro does not require any license anymore (FREE)
- Migration from VMware to another virtualization platform with Veeam Backup and Replication
- Two New VMware Certified Professional Certifications for VMware administrators: VCP-VVF and VCP-VCF
- Patching ESXi Without Reboot – ESXi Live Patch – Yes, since ESXi 8.0 U3
- Update ESXi Host to the latest ESXi 8.0U3b without vCenter
- Upgrade your VMware VCSA to the latest VCSA 8 U3b – latest security patches and bug fixes
- VMware vSphere 8.0 U2 Released – ESXi 8.0 U2 and VCSA 8.0 U2 How to update
- What’s the purpose of those 17 virtual hard disks within VMware vCenter Server Appliance (VCSA) 8.0?
- VMware vSphere 8 Update 2 New Upgrade Process for vCenter Server details
- VMware vSAN 8 Update 2 with many enhancements announced during VMware Explore
- What’s New in VMware Virtual Hardware v21 and vSphere 8 Update 2?
- Homelab v 8.0
- vSphere 8.0 Page
- ESXi 7.x to 8.x upgrade scenarios
- VMware vCenter Server 7.03 U3g – Download and patch
- Upgrade VMware ESXi to 7.0 U3 via command line
- VMware vCenter Server 7.0 U3e released – another maintenance release fixing vSphere with Tanzu
- What is The Difference between VMware vSphere, ESXi and vCenter
- How to Configure VMware High Availability (HA) Cluster
Stay tuned through RSS, and social media channels (Twitter, FB, YouTube)
Leave a Reply