Editor's take: After acquiring VMware in 2023, Broadcom has wasted no time reshaping the company into a profit-focused operation, often at the expense of good customer relations. The latest move in this contentious strategy involves cease-and-desist letters sent to VMware users, warning that they won't receive new patches or bug fixes unless they continue paying for official support.

Broadcom wants to push every single VMware customer "owning" a perpetual license to a new subscription-based contract, and is willing to antagonize the entire VMware userbase to reach this goal. Companies and professionals still using VMware products have recently started receiving a new kind of cease-and-desist letter, with Broadcom asking for new support contracts or even threatening an active "inquiry" into users' systems.

The letters are seemingly targeting VMware customers that acquired a perpetual license before Broadcom digested the virtualization giant. Some organizations are threatened because they chose not to convert the previous license to a subscription, as they are likely looking for alternative solutions or don't want to give in to Broadcom unreasonable requests.

The wording used by Broadcom in its letters focuses on official support services, which are no longer available if a software product was previously purchased with a perpetual license. Therefore, Broadcom "demands" that such customers stop installing new updates to VMware products, including maintenance releases, minor releases, patches, or security fixes. The only exception is about zero-day vulnerabilities for vSphere 7.x and 8.x, Broadcom said, and only when the flaws have a CVSS score greater than or equal to 9.0.

Broadcom now treats patches and bug fixes as part of its official support services, effectively forcing companies to pay for the right to install updates. According to the company, applying a patch without an active subscription violates VMware's software license and infringes on its intellectual property – grounds Broadcom appears willing to pursue in court.

Broadcom has escalated the situation by claiming the right to audit customers, aiming to catch anyone installing official patches on perpetually licensed software without an active support contract. Critics have dubbed these cease-and-desist letters "nastygrams," all signed by Mike Brown, who serves as Broadcom's Managing Director.

Dean Colpitts, CTO of Canadian service provider Members IT Group, told Ars Technica some customers received Broadcom's letter shortly after their support contracts expired. While a few organizations pushed back with legal teams, the tactic has spread confusion within online communities about Broadcom's motives.

Broadcom has repeatedly shown a willingness to force a subscription model on most VMware users. The company has imposed steep price hikes and taken legal action against major ICT firms refusing to pay for new support licenses.