RE: IMPORTANT! Some of your VMs are vulnerable.

@McHenry Turning off the Manage via Windows update first + tools uninstall + reinstall should take care of it.

@McHenry I think the detection is accurate in your case. Have you checked the driver versions in Device Manager? See https://docs.xcp-ng.org/troubleshooting/windows-pv-tools/#xenserver-vm-tools-not-upgrading-drivers-after-installation

@mickwilli Do you know what solved the issue, was it the tsc_mode=2+nomigrate=true one or was it a Windows update?

@acebmxer The Recommended actions section of the guest Secure Boot docs has been updated with our latest recommendations. In short, VMs existing prior to the varstored update will need to have their Secure Boot certificates updated with the Propagate certificates button.

@hitechhillbilly no it doesn't, it just ensures the N-th vCPU of Dom0 only runs on N-th pCPU of the machine.
Not sure about the practical impact of it, in the past it has been used for getting meaningful CPU temperatures from coretemp (with physical core matching virtual one), but that doesn't work anymore since Xen filters MSR accesses (including Dom0).

@ovicz Ok, I've contacted the storage team for a look.

@ovicz How about xe vdi-list sr-uuid=8e908932-0577-d6f0-3133-14d94a317b90 ?

@ovicz I'd start by listing the VDIs on your SR to see if things are still there.