If you have deployed a Windows Server 2012 R2 generation 2 virtual machine on 2012 R2 Hyper-V server you may find that Windows Update fails on any generation 2 virtual machines.
Generation 2 virtual machines use UEFI rather than BIOS. UEFI is a firmware interface to the hardware that will gradually replace BIOS on newer hardware. It is more secure than BIOS and designed to protect pre-boot prcesses from attack, improve startup times and support larger disks, as well as a number of other enhancements.
So a Generation 2 virtual machine uses UEFI, and therefore has the Enable Secure Boot option enabled by default.
Below are lots of WindowsUpdateClient event id 20 error messages. I recieved on my first generation 2 virtual machine.
To resolve the issue, turn off Secure Boot, update the server and then re-enable Secure Boot after.
Shutdown the virtual machine in question, then select Settings.
Click Firmware, then unselect Enable Secure Boot tick box.
Next, run Windows Update, patch the server and once the updates are completed, shutdown the server so you can re-enable the Secure Boot option.
Related Posts:
1. How to enable Data Deduplication in Windows 2012
2. How to enable Windows 8.1 Windows 2012 R2 dual boot – boot to VHD
3. Windows Server 2012 Hyper-V Best Practices
