Unless you’ve been living under a rock the past couple days, you’ve likely been seeing many articles regarding CVE-2021-44228 which describes a remote code execution vulnerability within Apache Log4j. Apache Log4j is a Java-based logging utility used by many applications across the world, and as such, this vulnerability is a huge issue due to how easy it is to exploit as well as the sheer number of vulnerable devices. Like most companies with Java based applications, many of VMware’s products utilize Log4j to provide application logging capabilities.
With the new 64-core AMD EPYC processors available and the 56-core Intel Xeon on the horizon, it was bound to happen… On February 3, 2020, VMware announced that effective April 2, 2020, all per-CPU licensed products will be limited to 32 physical cores per CPU license. This change means that those shiny new 64-core processors will require the purchase of 2 CPU licenses for each processor going forward. This change affects all per-CPU licensed products, including vSphere, vSAN, NSX, and Enterprise PKS, to name a few.