Components such as operating systems (OS), virtual machines, virtual appliances, hypervisors, server firmware, and CPU microcode must all be patched or upgraded for effective mitigation of these vulnerabilities. vCloud Director for Service Providers does not require patching and is not compromised.