Support for upgrade of existing Azure Generation 2 VMs to Trusted Launch is now generally available. You can seamlessly enable Trusted Launch and improve the security of your existing Azure Generation 2 VMs.
Trusted Launch VMs provide foundational compute security to Azure Generation 2 VMs by enabling Secure Boot and vTPM capabilities. Trusted Launch capabilities protects OS against rootkits, boot kits and enables attestation by measuring the boot chain of VM.
