Microsoft has issued an emergency update to fix a bug that prevents the launch of the azure virtual machines when the reliable launch setting disables and enables virtualization-based security (VBS).
Bugs affected the Windows Server 2025 and Windows 11 24H 2 and the July patch was introduced during the Tuesday security update.
“This update addresses a problem that prevents some virtual machines (VMs) when virtualization-based security (VBS) was enabled,” Microsoft explains,
“This version affects VM using 8.0 (a non-default version), where VBS was introduced by the host. In azure, it is running on the old VM SKU on the old (non-trusted launch) general enterprise (GE) VM.”
“The problem was caused by a safe kernel insurancealization issue.”
The trusted launch is an Azure feature that uses a safe boot and a virtual trusted platform module (VTPM) to protect virtual machines against bootkits and other low-level hazards.
On Sunday, Microsoft released KB5064489 Out-off-band updates for Windows 11 24h2 and Windows Server 2025, which fixes the kernel initialization problem that prevents VM from launching.
Microsoft says that admins can determine whether this bug will affect their VM by following these steps:
- Check if your VM is designed as “standard”.
- Check whether VBS is capable. Open system information (msinfo32.exe) and confirm that virtue-based security is going on and the Hyper-V role is not established in VM.
If you are affected, the Microsoft July 8 kB5062553 patch recommends installing this out-of-band update instead of Tuesday update. The company also says that you can stop using this issue Reliable projection Security facility.
Microsoft has also updated Windows Server 2025 VM images To include new cumulative updates that fix this bug.
While cloud attacks can be more sophisticated, the attackers still succeed with surprisingly simple techniques.
Drawing by the detection of Vij in thousands of organizations, this report reveals the 8 major techniques used by Claude-Floid danger actors.
