Microsoft Issues Emergency Update to Resolve Azure VM Startup Failure (KB5064489)


Microsoft has published an urgent out-of-band update—KB5064489—to address a serious issue affecting Azure virtual machines. The problem, introduced in the July Patch Tuesday update, caused certain VMs to fail at launch, particularly when Virtualization-Based Security (VBS) is enabled and Trusted Launch is not.


🧭 What Was Affected?

This bug impacted virtual machines running:

  • Windows Server 2025
  • Windows 11 24H2

It was especially prevalent in non–Trusted Launch (Standard) Azure VM configurations using version 8.0 (a non-default VM version) and older hardware SKUs.

According to Microsoft, the issue originated from a secure kernel initialization failure, preventing VMs from starting under specific security configurations.


🛡️ What Is Trusted Launch?

Trusted Launch is a Microsoft Azure security feature that uses Secure Boot and a virtual TPM (vTPM) to shield VMs against low-level threats like bootkits and firmware-level exploits. When Trusted Launch is disabled, these protections are not applied, increasing the risk window for affected systems.


✅ The Fix: KB5064489

Released on Sunday, July 14th, the KB5064489 update directly resolves the faulty kernel initialization, allowing affected VMs to boot successfully again.

Microsoft advises administrators to:

  1. Check if your VM is Standard-tier (not Trusted Launch)
  2. Verify if VBS is active via msinfo32.exe
  3. Ensure Hyper-V is not installed within the guest VM

If these conditions match, your VM may be impacted.
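
The three checks above can be scripted inside the guest. The PowerShell below is an added example, not code from Microsoft or from the original article. It assumes an elevated session and a reachable Azure Instance Metadata Service, and it treats a VM that reports neither Secure Boot nor a vTPM as Standard.

```powershell
# Added example: in-guest triage for the three conditions listed above.
# Run from an elevated PowerShell session inside the Azure VM.

# 1. Standard vs. Trusted Launch, read from the Azure Instance Metadata Service.
#    Assumption: a VM reporting neither Secure Boot nor vTPM is Standard.
#    (On PowerShell 6+, add -NoProxy to bypass any configured proxy.)
$uri = 'http://169.254.169.254/metadata/instance/compute?api-version=2021-02-01'
try {
    $sec = (Invoke-RestMethod -Uri $uri -Headers @{ Metadata = 'true' } -TimeoutSec 5).securityProfile
    $secureBoot = "$($sec.secureBootEnabled)" -eq 'true'
    $vTpm       = "$($sec.virtualTpmEnabled)" -eq 'true'
    $isStandard = -not ($secureBoot -or $vTpm)
} catch {
    $isStandard = $null   # IMDS unreachable: not an Azure VM, or the call is blocked
}

# 2. VBS state, the same value msinfo32.exe shows as "Virtualization-based security".
#    0 = not enabled, 1 = enabled but not running, 2 = running.
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                      -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
$vbsEnabled = $dg -and $dg.VirtualizationBasedSecurityStatus -ge 1

# 3. Hyper-V role inside the guest.
$hv = Get-WindowsOptionalFeature -Online -FeatureName 'Microsoft-Hyper-V' -ErrorAction SilentlyContinue
$hyperVInstalled = $hv -and $hv.State -eq 'Enabled'

# Which of the two July updates named in the article is installed, if either.
$kbs = Get-HotFix -Id 'KB5064489', 'KB5062553' -ErrorAction SilentlyContinue |
       Select-Object -ExpandProperty HotFixID

[pscustomobject]@{
    Computer           = $env:COMPUTERNAME
    StandardVm         = $isStandard
    VbsEnabled         = [bool]$vbsEnabled
    HyperVInstalled    = [bool]$hyperVInstalled
    JulyUpdatesPresent = $kbs -join ', '
    MatchesConditions  = ($isStandard -eq $true) -and $vbsEnabled -and -not $hyperVInstalled
    HasFix             = $kbs -contains 'KB5064489'
}
```

A VM with `MatchesConditions` true and `HasFix` false is the case the article describes; `StandardVm` left empty means the metadata query failed and the tier should be confirmed in the Azure portal.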


🛠️ What You Should Do

  • Immediately install KB5064489 instead of the original July 8th KB5062553 update
  • Or, enable Trusted Launch to avoid exposure to this bug in future configurations
  • Microsoft has also updated all Windows Server 2025 Azure VM images to include this fix

💡 At Alcaeus Services, we recommend reviewing your current VM security posture—especially if you’re running hybrid or enterprise environments where kernel integrity is critical.

Need help implementing Trusted Launch or securing your virtual fleet?
📩 Contact us for a free security assessment.

