Azure flings out free virtual trusted platform module for cloudy VMs

Take that, rootkits and other low-level nasties - if they take a crack at fresh VMs, on certain instance types under a handful of OSes


Microsoft has revealed that its Azure IaaS platform now offers free a virtual trusted platform module.

Dubbed “Azure Trusted Launch for virtual machines” and launched as a preview on March 8th, Microsoft’s CTO for Azure Mark Russinovich said the new offering “allows administrators to deploy virtual machines with verified and signed bootloaders, OS kernels, and a boot policy that leverages the Trusted Launch Virtual Trusted Platform Module (vTPM) to measure and attest to whether the boot was compromised.”

All of which is pretty familiar stuff on-prem, as TPM has been around for over a decade and is just-about standard issue on modern servers. Google brought virtual TPM to its cloud in mid-2018 and made it the default server configuration in April 2020.

VMware security

VMware very strongly suggests TPM for all servers in tightened vSphere security guide

READ MORE

Microsoft’s introduced it to make life hard for bootkits, rootkits, and other nasties that try to compromise a server during its boot process rather than having a crack at the operating system.

For now, only freshly-created VMs can use Trusted Launch. Microsoft’s product documentation says it’s targeted general availability of the service to make it applicable to existing VMs.

If the service detects suspicious activity during boot, users will see medium-severity alert in the standard tier Azure Security Center.

The service is not for everyone: the HBv3, Lsv2-series, M-series, Mv2-series, NDv4 series and NVv4-series can’t put it to work. You’ll also need to be running RHEL 8.3, SUSE 15 SP2, Ubuntu 20.04 or 18.04 LTS, Windows Server 2019 or 2016, and Windows 10 Pro or Enterprise to take advantage of the new security feature.

The Register fancies that the inclusion of the desktop OSes will make it more practical to use BitLocker in virtual desktops. ®

Similar topics


Other stories you might like

  • Twitter founder Dorsey beats hasty retweet from the board
    We'll see you around the Block

    Twitter has officially entered the post-Dorsey age: its founder and two-time CEO's board term expired Wednesday, marking the first time the social media company hasn't had him around in some capacity.

    Jack Dorsey announced his resignation as Twitter chief exec in November 2021, and passed the baton to Parag Agrawal while remaining on the board. Now that board term has ended, and Dorsey has stepped down as expected. Agrawal has taken Dorsey's board seat; Salesforce co-CEO Bret Taylor has assumed the role of Twitter's board chair. 

    In his resignation announcement, Dorsey – who co-founded and is CEO of Block (formerly Square) – said having founders leading the companies they created can be severely limiting for an organization and can serve as a single point of failure. "I believe it's critical a company can stand on its own, free of its founder's influence or direction," Dorsey said. He didn't respond to a request for further comment today. 

    Continue reading
  • Snowflake stock drops as some top customers cut usage
    You might say its valuation is melting away

    IPO darling Snowflake's share price took a beating in an already bearish market for tech stocks after filing weaker than expected financial guidance amid a slowdown in orders from some of its largest customers.

    For its first quarter of fiscal 2023, ended April 30, Snowflake's revenue grew 85 percent year-on-year to $422.4 million. The company made an operating loss of $188.8 million, albeit down from $205.6 million a year ago.

    Although surpassing revenue expectations, the cloud-based data warehousing business saw its valuation tumble 16 percent in extended trading on Wednesday. Its stock price dived from $133 apiece to $117 in after-hours trading, and today is cruising back at $127. That stumble arrived amid a general tech stock sell-off some observers said was overdue.

    Continue reading
  • Amazon investors nuke proposed ethics overhaul and say yes to $212m CEO pay
    Workplace safety, labor organizing, sustainability and, um, wage 'fairness' all struck down in vote

    Amazon CEO Andy Jassy's first shareholder meeting was a rousing success for Amazon leadership and Jassy's bank account. But for activist investors intent on making Amazon more open and transparent, it was nothing short of a disaster.

    While actual voting results haven't been released yet, Amazon general counsel David Zapolsky told Reuters that stock owners voted down fifteen shareholder resolutions addressing topics including workplace safety, labor organizing, sustainability, and pay fairness. Amazon's board recommended voting no on all of the proposals.

    Jassy and the board scored additional victories in the form of shareholder approval for board appointments, executive compensation and a 20-for-1 stock split. Jassy's executive compensation package, which is tied to Amazon stock price and mostly delivered as stock awards over a multi-year period, was $212 million in 2021. 

    Continue reading

Biting the hand that feeds IT © 1998–2022