This month Microsoft released it’s regular set of updates as it does every second Tuesday of the month for Windows and Office.
Generally most updates go through without a hitch once applied, however there is the odd issue that can crop up every so often in certain scenarios and environments. That’s generally always been the case over the years.
Whilst applying this months recent set of patches across a few of my machines, I ran into a rather odd issue when applying them to some Server 2012 R2 installs.
Of the machines I patched, (4 physical, 4 virtual) 3 of the virtual machines failed to apply them after the first reboot which then resulted in changes being rolled back (as you would expect)
Looking at the Windows Update history on the machines it appeared that 6 out of the 11 had failed to install, which resulted in the rollback. Selecting and installing one update at a time on each machine taking generally the smaller sized packages first, rebooting and so which on seemed to be working
I finally got down to the last two updates, KB2920189 and KB2955164 which failed to install on the same three 2012 R2 virtual machines with an error code 800F0922
So what was causing these updates to fail? And why only on these specific virtual machines?
Well, the only difference in configurations is that these virtual machines happened to be Generation 2 based, which is a new feature of Hyper-V in Server 2012 R2.
The fix/workaround?
- Disable the Secure Boot option in the virtual machine firmware settings.
- Re-run the updates and they should now install successfully
I find it rather strange and somewhat worrying that Microsoft’s own feature prevents their own updates from installing successfully.
Perhaps it’s a bug that they are current unaware of? Who knows, but let’s just hope that those with secure boot enabled UEFI based laptops and tablets don’t start running into this issue also!
Hope this helps any of you out there 🙂