In this case, when the HyperV host rebooted, the virtual machines did not go back into operational condition. It’s normal for me to leave my virtual machines running while I reboot the host server.
Typically, when you patch a HyperV host server, it’s normal to let the underlying hosted virtual machines “do their thing.” When the HyperV host reboots, the virtual machine can be set by default to come back online the system will temporarily pause the Hyper V Management server, reboot the host machine, and upon reboot restart the virtual machines. In my case, rebooting the host server twice triggered the virtual machines to go into a saved state. The patch description notes that, “If you have Windows Defender Credential Guard (Virtual Secure Mode) enabled, your device will restart two times.” While that doesn’t sound like much of a known issue, I found that having a server with HyperV enabled affected the integrity of my virtual machines. Key changes affect “Windows devices that Unified Extensible Firmware Interface (UEFI) based firmware that can run with Secure Boot enabled.” The Secure Boot Forbidden Signature Database (DBX) prevents malicious UEFI modules from loading this update adds additional modules to block malicious attackers who could successfully exploit the vulnerability, bypass secure boot, and load untrusted software. These include Windows Server 2012 圆4-bit Windows Server 2012 R2 圆4-bit Windows 8.1 圆4-bit Windows Server 2016 圆4-bit Windows Server 2019 圆4-bit Windows 10, version 1607 圆4-bit Windows 10 version 1803 圆4-bit Windows 10, version 1809 圆4-bit and Windows 10, version 1909 圆4-bit. KB4535680, also known as Security update for Secure Boot DBX: January 12, 2021, makes improvements to Secure Boot DBX for a number of supported Windows versions.
12, and I want to warn you about one specific update that is affecting HyperV servers and some consumer level workstations. I’m not ready to give an all-clear to the security patches released Jan.
0 kommentar(er)
