VMware has released patches that address a new critical security advisory, VMSA-2021-0010 (CVE-2021-21985 & CVE-2021-21986). This needs your immediate attention if you are using vCenter Server (if you didn’t get an email about it, please subscribe to our Security Advisories mailing list). In most cases a security advisory is straightforward, but sometimes there are nuances that are worth extra discussion. That is the case here, and the goal of this post is to help you decide your course forward.
VMSA-2021-0010: What You Need to Know – VMware vSphere Blog