Only affects vSphere, not local installations of VMWare, and only if you use EAP to pass thru authentication to Active Directory Services.

EAP is not installed by default. EAP was also deprecated in March of 2021, i.e,. quite a few years back.

If your organization does not use integrated Windows authentication (you have to type in the user name and password every time you login to any Windows Active Directory instead of passing it), and your organization does not use smart cards, then you can simply ignore the installation of EAP. However, unless recently implemented a new installation of and older version of vSphere, EAP should not be installed.

This newly announced security flaw once again reinforces the principle of not installing and/or removing unnecessary services.