| Attack vector | Shielded VM defense |
|---|---|
| A malicious admin steals VHDs | Shielded VMs’ VHDs are encrypted |
| Attach a debugger to the Hyper-V host | HGS won’t release keys to hosts with debuggers attached—this is something we measure in HGS |
| Inject malware on a Hyper-V host | All software (kernel mode, user mode and drivers) running on a host is measured |
| Inject malware into a VM template disk | Shielded VMs are only deployed from template disks that match known healthy ones |
| A malicious admin attempts to move a Shielded VM to an untrusted host | Trusted hosts are added to HGS using an identifier unique to their TPM; the new host will not be recognized because it wasn’t added |