Microsoft says some Windows Server 2022 virtual machines might not boot up after installing updates released during this month’s Patch Tuesday.
This known issue only impacts VMs with Secure Boot enabled and running on vSphere ESXi 6.7 U2/U3 or vSphere ESXi 7.0.x.
VMware and Redmond are investigating the issue and will provide more information as soon as it’s available.
While currently, there is no fix for impacted VMs, VMware provides admins with affected hosts with multiple temporary workarounds until a permanent solution is available.
To address the issue and work around the boot issues, you can take one of the following measures:
- Upgrade the ESXi Host where the virtual machine in question is running to vSphere ESXi 8.0
- Disable “Secure Boot” on the VMs.
- Do not install the KB5022842 patch on any Windows 2022 Server virtual machine until the issue is resolved.
The Secure Boot option can be disabled for each VM using the following procedure:
- Power off the VM.
- Right-click the virtual machine and click Edit Settings.
- Click the VM Options tab.
- Under Boot Option, uncheck the “Secure Boot enabled“
Unfortunately, if you have already installed this month’s KB5022842 Windows Server 2022 cumulative update, uninstalling it will not resolve the issue.
The only way to ensure that your VMs can boot again is to update the ESXi host to vSphere ESXi 8.0 or disable Secure Boot.
Microsoft is also working on addressing another issue where WSUS servers upgraded to Windows Server 2022 may fail to push February 2022 Windows 11 22H2 updates to clients.
This known issue only affects WSUS servers upgraded from Windows Server 2016 or Windows Server 2019.
Redmond also provides a workaround for admins with impacted WSUS servers which requires them to re-add inadvertently removed Unified Update Platform (UUP) MIME types removed during the upgrade process that are causing the update propagation problems.