MicrosoftDocs
diff --git a/‎articles/azure-vmware/azure-vmware-solution-known-issues.md
Lines changed: 1 addition & 1 deletion b/‎articles/azure-vmware/azure-vmware-solution-known-issues.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/azure-vmware/configure-storage-policy.md
Lines changed: 1 addition & 1 deletion b/‎articles/azure-vmware/configure-storage-policy.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/backup/backup-azure-arm-restore-vms.md
Lines changed: 2 additions & 1 deletion b/‎articles/backup/backup-azure-arm-restore-vms.md
Lines changed: 2 additions & 1 deletion
diff --git a/‎articles/backup/backup-azure-vm-file-recovery-troubleshoot.md
Lines changed: 14 additions & 1 deletion b/‎articles/backup/backup-azure-vm-file-recovery-troubleshoot.md
Lines changed: 14 additions & 1 deletion
diff --git a/‎articles/backup/backup-support-matrix-iaas.md
Lines changed: 2 additions & 2 deletions b/‎articles/backup/backup-support-matrix-iaas.md
Lines changed: 2 additions & 2 deletions
@@ -17,7 +17,7 @@ Refer to the table to find details about resolution dates or possible workaround
 | :------------------------------------- | :------------ | :------------- | :------------- |
 | AV64 hosts running vSAN Express Storage Architecture (ESA), may see a High pNIC errors due to buffer overflows. [Getting alarm in relation to "High pNic error rate detected" on hosts in vSAN clusters when using Mellanox NICs](https://knowledge.broadcom.com/external/article/392333/getting-alarm-in-relation-to-high-pnic-e.html) | June 2025 |  The alert should be considered an informational message, since Microsoft manages the service. Select the **Reset to Green** link to clear it. |
 |[VMSA-2025-0012](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25738) Multiple vulnerabilities (CVE-2025-22243, CVE-2025-22244, CVE-2025-22245) have been identified in VMware NSX. | May 2025 | The vulnerability described in the Broadcom document does not apply to Azure VMware Solution due to existing compensating controls mitigate the risk of exploitation. | The upcoming version of NSX will include a patch to address this vulnerability. |
-|[VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) Multiple vulnerabilities (CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228) have been identified in VMware ESXi and vCenter Server. | May 2025 | Microsoft, in collaboration with Broadcom/VMware, has confirmed the applicability of these vulnerabilities to Azure VMware Solution (AVS). Existing security controls, including cloudadmin role restrictions and network isolation, are deemed to significantly mitigate the impact of these vulnerabilities prior to official patching. The vulnerabilities have been adjudicated with a combined adjusted Environmental Score of [6.8](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/MAC:L/MPR:N/MUI:N/MS:C/MC:H/MI:H/MA:H) within the Azure VMware Solution. Until the update is fully addressed, customers are advised to exercise additional caution when granting administrative access to guest virtual machines and to actively monitor any administrative activities performed on them. | N/A |
+|[VMSA-2025-0010](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717) Multiple vulnerabilities (CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228) have been identified in VMware ESXi and vCenter Server. | May 2025 | Microsoft, in collaboration with Broadcom/VMware, has confirmed the applicability of these vulnerabilities to Azure VMware Solution (AVS). Existing security controls, including cloudadmin role restrictions and network isolation, are deemed to significantly mitigate the impact of these vulnerabilities prior to official patching. The vulnerabilities have been adjudicated with a combined adjusted Environmental Score of [6.8](https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H) within the Azure VMware Solution. Until the update is fully addressed, customers are advised to exercise additional caution when granting administrative access to guest virtual machines and to actively monitor any administrative activities performed on them. | N/A |
 |[VMSA-2025-0007](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683) VMware Tools update addresses an insecure file handling vulnerability (CVE-2025-22247). | May 2025 | To remediate CVE-2025-22247, apply version 12.5.2 of VMware Tools, use the Azure VMware Solution Run command ``Set-Tools-Repo.`` | May 2025 |
 | ESXi hosts may experience operational issues if NSX Layer-2 DFW default rule logging is enabled. More information can be obtained in this Knowledge Base article from Broadcom: [ESXi hosts may experience operational issues if L2 DFW default rule logging is enabled.](https://knowledge.broadcom.com/external/article/326455/esxi-hosts-may-experience-operational-is.html) | May 2025 | It is not recommended to enable logging on the default Layer-2 DFW rule in a Production environment for any sustained period of time. If logging must be enabled on an L2 rule, it is advised to create a new L2 rule specific to the traffic flow in question and enable logging on that rule only. Please see [Broadcom Knowledge Base Article 326455.](https://knowledge.broadcom.com/external/article/326455/esxi-hosts-may-experience-operational-is.html).| N/A |
 | With VMware HCX versions 4.10.3 and earlier, attempts to download upgrade bundles or the Connector OVA directly from the HCX Manager UI (port 443) fail due to the decommissioning of the external image depot server. More information can be obtained in this Knowledge Base article from Broadcom: [Upgrade Bundle Download from 443 UI will Fail in All HCX versions prior to 4.11](https://knowledge.broadcom.com/external/article/395372)| April 2025 | We will begin upgrading all Azure VMware Solution customers to HCX 4.11.0 in the coming weeks, this will provide customers with access to the HCX Connector upgrade bundles, which will be stored on their vSAN datastore. Until then, all customers will need to submit a support request (SR) to obtain the required upgrade bundles. | May 2025 |
 
@@ -82,7 +82,7 @@ Run the `Get-StoragePolicy` cmdlet to list the vSAN-based storage policies that
 Run the `Set-VMStoragePolicy` cmdlet to modify vSAN-based storage policies on a default cluster, individual VM, or group of VMs sharing a similar VM name. For example, if you have three VMs named *MyVM1*, *MyVM2*, and *MyVM3*, supplying *MyVM* to the **VMName** parameter would change the `StoragePolicy` on all three VMs.
 
 > [!NOTE]
-> You can't use the vSphere Client to change the default storage policy or any existing storage policies for a VM.
+> SDDC's running vCenter version 8 no longer need to utilize this run command to change a VM's storage policy.  It can be done so natively in vCenter UI/API.
 
 1. Select **Run command** > **Packages** > **Set-VMStoragePolicy**.
 
 
@@ -3,7 +3,7 @@ title: Restore VMs by using the Azure portal using Azure Backup
 description: Restore an Azure virtual machine from a recovery point by using the Azure portal, including the Cross Region Restore feature.
 ms.reviewer: nikhilsarode
 ms.topic: how-to
-ms.date: 05/26/2025
+ms.date: 06/12/2025
 ms.service: azure-backup
 author: jyothisuri
 ms.author: jsuri
@@ -40,6 +40,7 @@ Some details about storage accounts:
 - **Replace disk**: When replacing a managed disk from a Vault-Standard recovery point that's **< 4 TB** or a VM containing **< 16 disks**, a VHD file is created in the specified storage account. After replacement, source VM disks remain in the designated Resource Group, and VHDs stay in the storage account; you can delete or retain the source disk and the VHDs as needed.
 - **Storage account location**: The storage account must be in the same region as the vault. Only these accounts are displayed. If there are no storage accounts in the location, you need to create one.
 - **Storage type**: Blob Storage account isn't supported because the Premium Storage account  it requires is excluded for cost optimization.
+- **Storage redundancy**: Zone redundant storage (ZRS) isn't supported. The replication and redundancy information for the account is shown in parentheses after the account name.
 - **Premium storage**:
   - When you restore non-premium VMs, premium storage accounts aren't supported.
   - When you restore managed VMs, premium storage accounts configured with network rules aren't supported.
 
@@ -3,7 +3,7 @@ title: Troubleshoot Azure VM file recovery
 description: Troubleshoot issues when recovering files and folders from an Azure VM backup.
 ms.topic: troubleshooting
 ms.custom: linux-related-content
-ms.date: 03/27/2025
+ms.date: 06/12/2025
 author: jyothisuri
 ms.author: jsuri
 ---
@@ -183,6 +183,19 @@ Unmount disks manually by running python script with the `clean` parameter. The
  python3 XXX.py clean
 ```
 
+### Unmount stuck disks on Windows
+
+To resolve this issue, follow these steps:
+
+1. Open **ISCSI initiator Properties** window on Azure VM where mounted disks are present.
+2. On the **ISCSI initiator Properties** window, select **Devices** and check the **Name** of the disk that you want to unmount.
+
+
+
+
+3. Go back to **ISCSI initiator Properties** window, select **Disconnect** > **Yes**.
+4. Check if the  target **Name** shows **Status : Inactive**.
+
 ## Next steps
 
 - [Recover files and folders from Azure virtual machine backup](backup-azure-restore-files-from-vm.md)
@@ -2,7 +2,7 @@
 title: Support matrix for Azure VM backups
 description: Get a summary of support settings and limitations for backing up Azure VMs by using the Azure Backup service.
 ms.topic: reference
-ms.date: 06/10/2025
+ms.date: 06/12/2025
 ms.custom:
   - references_regions
   - linux-related-content
@@ -132,7 +132,7 @@ Recovery points on DPM or MABS disk | 64 for file servers, and 448 for app serve
 **Replace existing** | You can restore a disk and use it to replace a disk on the existing VM.<br/><br/> The current VM must exist. If it has been deleted, you can't use this option.<br/><br/> Azure Backup takes a snapshot of the existing VM before replacing the disk, and it stores the snapshot in the staging location that you specify. Existing disks connected to the VM are replaced with the selected restore point.<br/><br/> The snapshot is copied to the vault and retained in accordance with the retention policy. <br/><br/> After the replace-disk operation, the original disk is retained in the resource group. You can choose to manually delete the original disks if they aren't needed. <br/><br/>This option is supported for unencrypted managed VMs and for VMs [created from custom images](/azure/virtual-machines/windows/tutorial-custom-images). It's not supported for unmanaged disks and VMs, classic VMs, and [generalized VMs](/azure/virtual-machines/capture-image-resource).<br/><br/> If the restore point has more or fewer disks than the current VM, the number of disks in the restore point will only reflect the VM configuration.<br><br> This option is also supported for VMs with linked resources, like [user-assigned managed identity](../active-directory/managed-identities-azure-resources/overview.md) and [Azure Key Vault](/azure/key-vault/general/overview).
 **Cross Region (secondary region)** | You can use cross-region restore to restore Azure VMs in the secondary region, which is an [Azure paired region](../reliability/cross-region-replication-azure.md).<br><br> You can restore all the Azure VMs for the selected recovery point if the backup is done in the secondary region.<br><br> This feature is available for the following options:<br> - [Create a VM](./backup-azure-arm-restore-vms.md#create-a-vm) <br> - [Restore disks](./backup-azure-arm-restore-vms.md#restore-disks) <br><br> We don't currently support the [Replace existing disks](./backup-azure-arm-restore-vms.md#replace-existing-disks) option.<br><br> Backup admins and app admins have permissions to perform the restore operation on a secondary region.
 **Cross Subscription** | Allowed only if the [Cross Subscription Restore property](backup-azure-arm-restore-vms.md#cross-subscription-restore-for-azure-vm) is enabled for your Recovery Services vault.   <br><br> You can restore Azure Virtual Machines or disks to a different subscription within the same tenant as the source subscription (as per the Azure RBAC capabilities) from restore points. <br><br> This feature is available for the following options:<br> - [Create a VM](./backup-azure-arm-restore-vms.md#create-a-vm) <br> - [Restore disks](./backup-azure-arm-restore-vms.md#restore-disks) <br><br> Cross Subscription Restore is unsupported for: <br> - [Snapshots](backup-azure-vms-introduction.md#snapshot-creation) tier recovery points. It's also unsupported for [unmanaged VMs](backup-azure-arm-restore-vms.md#restoring-unmanaged-vms-and-disks-as-managed) and [VMs with disks having Azure Encryptions (ADE)](backup-azure-vms-encryption.md#encryption-support-using-ade). <br> - [VMs with CMK encrypted disks](backup-azure-vms-encryption.md).
-**Cross Zonal Restore** | You can use cross-zonal restore to restore Azure zone-pinned VMs in available zones. You can restore Azure VMs or disks to different zones (one of the Azure RBAC capabilities) from restore points. Note that when you select a zone to restore, it selects the [logical zone](../reliability/availability-zones-overview.md#zonal-and-zone-redundant-services) (and not the physical zone) as per the Azure subscription you will use to restore to. <br><br> This feature is available for the following options:<br> - [Create a VM](./backup-azure-arm-restore-vms.md#create-a-vm) <br> - [Restore disks](./backup-azure-arm-restore-vms.md#restore-disks) <br><br> Cross-zonal restore is unsupported for [snapshots](backup-azure-vms-introduction.md#snapshot-creation) of restore points. It's also unsupported for [encrypted Azure VMs](backup-azure-vms-introduction.md#encryption-of-azure-vm-backups).
+**Cross Zonal Restore** | You can use cross-zonal restore to restore Azure zone-pinned VMs in available zones. You can restore Azure VMs or disks to different zones (one of the Azure RBAC capabilities) from restore points. Note that when you select a zone to restore, it selects the [logical zone](../reliability/availability-zones-overview.md#zonal-and-zone-redundant-services) (and not the physical zone) as per the Azure subscription you will use to restore to. <br><br> This feature is available for the following options:<br> - [Create a VM](./backup-azure-arm-restore-vms.md#create-a-vm) <br> - [Restore disks](./backup-azure-arm-restore-vms.md#restore-disks) <br><br> Cross-zonal restore is unsupported for [snapshots](backup-azure-vms-introduction.md#snapshot-creation) of restore points.  <br><br>  Cross-zonal restore doesn't support restoring [encrypted Azure VMs](backup-azure-vms-introduction.md#encryption-of-azure-vm-backups) directly. If you perform a restore, the restored VM uses **SSE encryption** by default. You must manually reapply **CMK encryption** to the restored VM after the restore process is complete.
 
 ## Support for file-level restore