Broadcom has been sending cease-and-desist letters to owners of VMware perpetual licenses with expired support contracts, Ars Technica has confirmed.
Following its November 2023 acquisition of VMware, Broadcom ended VMware perpetual license sales. Users with perpetual licenses can still use the software they bought, but they are unable to renew support services unless they had a pre-existing contract enabling them to do so. The controversial move aims to push VMware users to buy subscriptions to VMware product bundles, with associated costs that have increased by 300 percent or, in some cases, more.
Some customers have opted to continue using VMware unsupported, often as they research alternatives, such as VMware rivals or devirtualization.
Over the past weeks, some users running VMware unsupported have reported receiving cease-and-desist letters from Broadcom informing them that their contract with VMware and, thus, their right to receive support services, has expired. The letter [PDF], reviewed by Ars Technica and signed by Broadcom managing director Michael Brown, tells users that they are to stop using any maintenance releases/updates, minor releases, major releases/upgrades extensions, enhancements, patches, bug fixes, or security patches, save for zero-day security patches, issued since their support contract ended.
The letter tells users that the implementation of any such updates “past the Expiration Date must be immediately removed/deinstalled,” adding: “Any such use of Support past the Expiration Date constitutes a material breach of the Agreement with VMware and an infringement of VMware’s intellectual property rights, potentially resulting in claims for enhanced damages and attorneys’ fees.”
Some customers of Members IT Group, a managed services provider (MSP) in Canada, have received this letter, despite not receiving VMware updates since their support contracts expired, CTO Dean Colpitts told Ars. One customer, he said, received a letter six days after their support contract expired.
Similarly, users online have reported receiving cease-and-desist letters even though they haven’t issued updates since losing VMware support. One user on Spiceworks’ community forum reported receiving such a letter even though they migrated off of VMware and to Proxmox.
Some users who reported receiving a letter from Broadcom said they ended up getting legal teams involved. Ars has also seen confusion online, with some people thinking that the letter means Broadcom perceives that they’ve broken their agreement with VMware. However, it seems that Broadcom is sending these letters to companies soon after their support contracts have expired, regardless of whether they continue to use (or not use) VMware.
Broadcom didn’t respond to a request for comment.
Broadcom Warns of Potential Audits
The cease-and-desist letters also tell recipients that they could be subject to auditing: “Failure to comply with [post-expiration reporting] requirements may result in a breach of the Agreement by Customer[,] and VMware may exercise its right to audit Customer as well as any other available contractual or legal remedy.”
In response, Colpitts told Ars:
“The one thing that does kind of piss me off is the fact that Broadcom retains the right to still perform audits whenever they choose. But … that’s utter BS anyways. If a customer wanted to hide stuff, it could easily be done (disclaimer: I have never done this, but since it’s all self-reporting in clear text with no security checksums or anything to detect tampering, it would be easy to do).”
Since Broadcom ended VMware’s perpetual licenses and increased pricing, numerous users and channel partners, especially small- to medium-size companies, have had to reduce or end business with VMware. Most of Members IT Group’s VMware customer base is now running VMware unsupported. The MSP’s biggest concern there is ensuring that staff don’t accidentally apply patches to customers, Colpitts noted.
In recent months, Broadcom has sought to rein in potential use of VMware products that it considers unwarranted. For example, it engaged in a since-resolved legal battle with AT&T over the telecom’s right to renew support services and has accused Siemens of pirating VMware software.
Broadcom’s changes to how VMware is distributed have resulted in various firms ditching VMware and doubting Broadcom’s care for customers. While Broadcom’s financial success since acquiring VMware suggests that its business plan will remain steadfast, sending cease-and-desist letters to VMware users risks further harming its reputation with current and former customers.
This story originally appeared on Ars Technica.
