Hi Vivek,
CVE-2018-3636, patches are meant to remediate ‘L1 Terminal Fault - VMM’ (L1TF - VMM) Speculative-Execution vulnerability in Intel processors for vSphere.
So the remediation is in three phases:
- Update Phase: Apply vSphere Updates and Patches
- Planning Phase: Assess Your Environment
- Scheduler-Enablement Phase: Enable the ESXi Side-Channel-Aware Scheduler
So, you have installed and completed the update phase, so now you need to move to next phases.
Assess your environment "where you need to check the impact of VMs with high CPU cores more than the logical process count" and next phase you enable the scheduler "where you will disable hyper-threading". Please add new hosts/capacity to cluster before disable hyper-threading to avoid resource management issues.
or you can simply suppress the warning, where the host is still vulnerable and not completely remediated.
Follow steps as per KB: VMware Knowledge Base
Regards,