Virtual Machines Guest Attestation Status Should be Healthy
- Former user (Deleted)
Analytics
Description:
Guest attestation is performed by sending a trusted log (TCGLog) to an attestation server. The server uses these logs to determine whether boot components are trustworthy. This assessment is intended to detect compromises of the boot chain which might be the result of a bootkit or rootkit infection. This assessment only applies to Trusted Launch enabled virtual machines that have the Guest Attestation extension installed.
Solution:
1. Scan your machine to ensure it isn't infected with malicious software.
2. Verify across your organization whether components of your operating system have been manually replaced.
3. Verify that a TPM device is installed on your machine: on Windows, run the PowerShell command "Get-tpm" as admin, and on Linux, use "ls /dev/tpm0" (with "/dev/tpm0" returning).
4. Remove any untrusted software or drivers with admin access.
5. Restart your machine in normal mode.
6. If all else fails, securely back up your data and create a new machine from a known-good image.