WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
    • VMware Cloud Foundation 9.1
    • VMware Cloud Foundation 9.0
  • VKS
  • Homelab
    • Hardware Options
    • Hardware Reviews
    • Lab Deployment Scripts
    • Nested Virtualization
    • Homelab Podcasts
  • VMware Nostalgia
  • Apple
You are here: Home / VMware Cloud Foundation / VCF 9.1 - July Express Patch is more than Security Fixes

VCF 9.1 - July Express Patch is more than Security Fixes

07.15.2026 by William Lam // Leave a Comment

As I discussed in my previous blog post, Understanding VCF Express Patches (EPs), Express Patches are designed to deliver security fixes as soon as they become available. As a by-product of this faster release cadence, important product fixes can also be delivered much sooner, rather than waiting months for the next scheduled release.

For a quick refresher, Express Patches (EPs) are released, versioned, and applied on a per-component basis as needed and do not require a specific installation sequence. The latest version of each component is always cumulative and includes all previously released fixes.

Earlier this week, we released several VCF component Express Patches, ranging from 9.1.0.0200 through 9.1.0.0400. Internally, we refer to this coordinated set of component updates as EP2 or the July EP, even though each Express Patch is released, versioned, and applied independently.

  • ESX 9.1.0.0200
  • vCenter 9.1.0.0200
  • vSAN 9.1.0.0200
  • NSX 9.1.0.0200
  • SDDC Manager 9.1.0.0400
  • VCF Operations 9.1.0.0400
  • VCF Automation 9.1.0.0200
  • VCF Download Tool 9.1.0.400

EP2 demonstrates exactly why a faster software release cadence matters. It includes a number of important product fixes that address issues that have prevented some customers from successfully upgrading, along with a few UI enhancements that I think many customers will appreciate as they begin their VCF 9.1 journey.

While rolling out EP2 into my lab and reviewing the release notes, I wanted to share a few of the highlights that stood out to me.

Flexible IP Allocation Options for VCF Management Services (VCFMS) & VCF Automation (VCFA)

The VCF Installer UI now supports IP allocation using IP Lists, allowing users to specify the exact IP addresses to be used for the required VCF Management Services (VCFMS) deployment. Previously, the UI only supported IP ranges, requiring a contiguous block of available addresses, which was not always practical. To use the IP List allocation option, users previously had to use the VCF deployment JSON API. With EP2, IP Lists are now available directly in the VCF Installer UI.


For VCF upgrades, it previously defaulted to CIDR-based IP allocation. This has been a challenge for some customers who do not have a contiguous block of available IP addresses in their existing management network. Previously, using IP Lists required the SDDC Manager API. With EP2, both CIDR with IP exclusions and IP Lists are now supported directly using VCF Operations UI.


The VCF Installer UI also supports IP allocation using IP Lists, allowing users to specify the exact IP addresses for the required VCF Automation (VCFA) deployment, similar to VCF Management Services (VCFMS), without requiring the VCF deployment JSON API.

For VCF Automation (VCFA) upgrades, it previously only supported CIDR-based IP allocation, with no alternative available. This became a blocker for customers who did not have a contiguous block of available IP addresses for VCFA. With EP2, VCF Operations UI now supports both CIDR and IP Lists with IP exclusions.

Improved Install/Upgrade Pre-Checks

For environments that had mixed-case characters in their FQDNs (e.g., VCENTER.mydomain.com) or had an incomplete Subject Alternative Name (SAN) containing both the FQDN and IP address in the TLS certificate, installation or upgrade would be affected. These, along with other checks, have either been relaxed to support case-insensitive FQDNs or modified to provide warnings after the upgrade, allowing users to remedy the TLS certificate without blocking the upgrade.

Improved Inventory Resource Validation

When looking up inventory resources such as VMs and network port groups, humans naturally prefer names while computers rely on unique identifiers. Supporting both lookup methods has introduced edge cases, particularly when resources have been renamed or moved, and it looks like these validation issues have now been resolved.

Improved Error Handling and Messages

There is always room for improvement in this area, so I was pleased to see several fixes and enhancements that address false positive and incorrect alerts, which in some cases could cause scheduled backups to fail silently.

Categories // VMware Cloud Foundation Tags // VCF 9.1

Thanks for the comment!Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • VCF 9.1 - July Express Patch is more than Security Fixes 07/15/2026
  • VCF 9.1 - VCF Instance & Fleet Consolidation/Relocation 07/14/2026
  • VCF 9.1 - Understanding VCF Express Patches 07/08/2026
  • Quick Tip: How to Identify Which Kubernetes Cluster Owns a vSphere Container Volume (PV) 06/25/2026
  • What Host Lifecycle Operations Are Available after Importing vCenter into VCF 9.x Fleet? 06/24/2026
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.

To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2026

Loading Comments...