Microsoft has launched an emergency replace to repair a bug that stops Azure digital machines from launching when the Trusted Launch setting is disabled and Virtualization-Based mostly Safety (VBS) is enabled.
The bug impacted Home windows Server 2025 and Home windows 11 24H2 and was launched through the July Patch Tuesday safety updates.
“This replace addresses a difficulty that prevented some digital machines (VMs) from beginning when Virtualization-Based mostly Safety (VBS) was enabled,” explains Microsoft.
“It affected VMs utilizing model 8.0 (a non-default model) the place VBS was supplied by the host. In Azure, this is applicable to straightforward (non–Trusted Launch) Common Enterprise (GE) VMs working on older VM SKUs.”
“The issue was brought on by a safe kernel initialization challenge.”
Trusted Launch is an Azure function that makes use of Safe Boot and a digital Trusted Platform Module (vTPM) to guard digital machines towards bootkits and different low-level threats.
On Sunday, Microsoft launched the KB5064489 out-of-band replace for Home windows 11 24H2 and Home windows Server 2025, which fixes the kernel initialization challenge that prevented the VMs from launching.
Microsoft says that admins can decide if this bug would impression their VMs by performing these steps:
- Verify in case your VM is created as “Commonplace”.
- Verify if VBS is enabled. Open System Info (msinfo32.exe) and ensure that Virtualization-based safety is working and that the Hyper-V position just isn’t put in within the VM.
In case you are impacted, Microsoft recommends putting in this out-of-band replace as a substitute of the July eighth KB5062553 Patch Tuesday replace. The corporate additionally says you’ll be able to forestall this challenge by utilizing the Trusted Launch safety function.
Microsoft has additionally up to date the Home windows Server 2025 VM pictures to incorporate the newer cumulative replace that fixes this bug.
Whereas cloud assaults could also be rising extra refined, attackers nonetheless succeed with surprisingly easy methods.
Drawing from Wiz’s detections throughout hundreds of organizations, this report reveals 8 key methods utilized by cloud-fluent menace actors.
