When will the Azure DC*s machines with SGX get a firmware update to mitigate INTEL-SA-00828 aka downfall aka GDS

Harald Hoyer 15 Reputation points
2023-08-10T09:35:20.56+00:00

With the Intel CPU vulnerability INTEL-SA-00828 aka downfall it is critical for SGX applications to run on an updated machine.

Where can I get information about planned firmware updates on the Azure machines running the hypervisor?

Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.

1 answer

  1. deherman-MSFT 33,626 Reputation points Microsoft Employee
    2023-08-14T16:10:00.88+00:00

    @Harald Hoyer

    Microsoft is aware of recent reports discussing CVE-2022-40982 affecting certain Intel CPUs as described in SA-00828. We have evaluated the issue and have determined that there are no customer actions required for the majority of scenarios; only those customers who have opted out of automatic updates with custom maintenance configurations need to take action.

    Frequently asked questions:
    Q: Which Azure service does this vulnerability affect?
    A: This vulnerability affected certain Virtual Machine SKUs using Intel processors with the "Ice Lake", "Cascade Lake", and "Skylake" architectures. More information about affected chipsets can be found in Intel's disclosure.

    Q: How is Microsoft mitigating this vulnerability in Azure?
    A: We have rolled out updates to our cloud infrastructure to patch this vulnerability. For the majority of customers, this was a background update that would not have resulted in service interruption or performance degradation. However, a small subset of customers with custom Maintenance Configurations on their VMs may need to take additional action to apply the update.

    Q: Is there any action customers need to take?
    A: For the majority of customers, the mitigation was applied as a background update and no further action is required. A small subset of customers who have configured custom Maintenance Configurations on their VMs to suspend updates will need to take additional action to apply the update. These customers were sent notifications through Service Health in the Azure Portal under tracking ID RKRB-VT0 with further guidance.
    ===========

    Referenced content:

    Microsoft: Control updates with Maintenance Configurations and the Azure portal
    PC Mag: Intel Patches 'Critical Weakness' Found in Billions of Processors
    Intel: Gather Data Sampling / CVE-2022-40982 / INTEL-SA-00828


    If you still have questions, please let us know in the "comments" and we would be happy to help you. Comment is the fastest way of notifying the experts.

    If the answer has been helpful, we appreciate hearing from you and would love to help others who may have the same question. Accepting answers helps increase visibility of this question for other members of the Microsoft Q&A community.

    Thank you for helping to improve Microsoft Q&A!

    2 people found this answer helpful.
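From inside a Linux guest, the kernel's Gather Data Sampling status file shows what the VM itself can see of the mitigation; a guest often cannot confirm the host's microcode level, which is the case the question is about. The script below is an added example, not part of the original answer or Microsoft's guidance. The status strings are the ones the Linux kernel documents for this file; the verdict labels and function names are this example's own.

```shell
#!/bin/sh
# Status file exposed by Linux kernels that carry the GDS reporting patches.
# Overridable through the environment so the logic can be exercised offline.
GDS_SYSFS="${GDS_SYSFS:-/sys/devices/system/cpu/vulnerabilities/gather_data_sampling}"

# Map a kernel status string to a coarse verdict (labels are this example's own).
gds_classify() {
    case "$1" in
        "Not affected")              echo "ok" ;;
        "Mitigation: Microcode"*)    echo "ok" ;;         # also matches "(locked)"
        "Mitigation: AVX disabled"*) echo "partial" ;;    # software fallback, no microcode
        "Unknown:"*)                 echo "ask-host" ;;   # guest cannot see host state
        "Vulnerable"*)               echo "vulnerable" ;; # also "Vulnerable: No microcode"
        "")                          echo "no-report" ;;  # file absent: kernel too old
        *)                           echo "unrecognized" ;;
    esac
}

# Print "<verdict><TAB><raw status>" for the running system.
gds_report() {
    status=""
    if [ -r "$GDS_SYSFS" ]; then
        status=$(cat "$GDS_SYSFS")
    fi
    verdict=$(gds_classify "$status")
    printf '%s\t%s\n' "$verdict" "${status:-<status file not present>}"
}

gds_report
```

An `ask-host` verdict means the guest kernel is deferring to the hypervisor, so the provider's notification (here the Service Health tracking ID quoted in the answer) is the authoritative source for host patch state.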