Microsoft says some Windows Server 2022 virtual machines might fail to start after installing updates released on Patch Tuesday this month.
This known issue only affects virtual machines with Secure Boot enabled and running on vSphere ESXi 6.7 U2/U3 or vSphere ESXi 7.0.x.
VMware and Redmond are investigating the issue and will provide more information as it becomes available.
Although there are currently no fixes for the affected virtual machines, VMware is providing administrators of affected hosts with several temporary workarounds until a permanent solution is available.
To resolve the issue and work around startup issues, you can take one of the following actions:
- Upgrade the ESXi host where the virtual machine in question is running to vSphere ESXi 8.0
- Disable “Secure Boot” on virtual machines.
- Do not install hotfix KB5022842 on a Windows 2022 Server virtual machine until the issue is resolved.
The Secure Boot option can be disabled for each VM using the following procedure:
- Power off the virtual machine.
- Right-click the virtual machine and click Modify the parameters.
- Click it Virtual machine options tongue.
- Below boot option, uncheck the “Secure Boot Enabled“
Unfortunately, if you have already installed this month’s Windows Server 2022 Cumulative Update KB5022842, uninstalling it will not fix the problem.
The only way to ensure that your virtual machines can reboot is to update the ESXi host to vSphere ESXi 8.0 or disable secure boot.
Microsoft is also working on fixing another issue where WSUS servers upgraded to Windows Server 2022 may fails to push Windows 11 22H2 February 2022 Updates to customers.
This known issue only affects WSUS servers upgraded from Windows Server 2016 or Windows Server 2019.
Redmond also provides a workaround for administrators whose WSUS servers are affected, requiring them to re-add Unified Update Platform (UUP) MIME types inadvertently removed during the upgrade process and which are causing the update propagation issues.