Microsoft’s July Patch Might Be to Blame If Azure VM Isn’t Loading

The security bug was introduced during Microsoft’s July 2025 Patch Tuesday rollout last week.

Image: Adobe/Delta Amphule

Microsoft has released an emergency update to address a bug that prevents certain virtual machines hosted on the Azure cloud platform from launching when Virtualisation-Based Security (VBS) is enabled.

The bug was introduced by a fix rolled out in last week’s July 2025 Patch Tuesday.

What could be affected by this Azure VM launch bug?

General Enterprise Azure VMs using the v8.0 configuration version and the Standard security type are potentially affected by the issue. The problem primarily impacts VMs where VBS is enabled, Trusted Launch is disabled, and the guest operating system is either Windows Server 2025 or Windows 11 24H2.

Users can open System Information (msinfo32.exe) to check if VBS is running and confirm that the Hyper-V role is not installed. They can also verify whether the VM was created with Standard security, rather than Trusted Launch, by reviewing the Security type field in the Azure portal.

One commenter told Bleeping Computer that the launch issue was not limited to Azure cloud VMs but also affected their Windows Server 2025 VMs running on a local Windows 2016 hypervisor. They had to install updates manually by booting from installation media, as all VMs refused to start. Microsoft has not formally confirmed whether non-Azure environments are officially impacted.

What caused this security bug?

Microsoft said the problem stemmed from a “secure kernel initialization issue.” The secure kernel is a core component of VBS, isolating sensitive processes from the main operating system to enhance protection against attacks. If it does not initialise, the VM fails to boot.

When did Microsoft release the emergency update?

On Sunday, Microsoft released the KB5064489 out-of-band update and integrated the fix into the Windows Server 2025 VM images. The bug can also be prevented by using the Trusted Launch security feature.

Is this Microsoft’s first critical virtualisation flaw in 2025?

This is not the first time this year that Microsoft has dealt with critical virtualisation flaws. In January, Microsoft issued patches for three Elevation of Privilege Vulnerabilities in Windows Hyper-V NT Kernel Integration Virtualization Service Provider that could have granted an attacker SYSTEM privileges.

To learn how Microsoft is expanding Azure’s virtual machine capabilities for AI workloads, read about its collaboration with NVIDIA on Blackwell GPUs.