Forum Discussion

LouisT's avatar
LouisT
Tin Contributor
Jun 24, 2026

Secure Boot update still pending on deadline day

After checking the registry keys on 2x VMs which run services for a number of important customers I found they both have:

UEFICA2023Error 2147942750

 

Apparently this means they're pending a reboot.

https://blog.mindcore.dk/2026/04/secure-boot-certificate-update-intune/

 

I can't reboot the VM inside working hours, can they be rebooted after the deadline or do I need to disable Secure Boot on the VMs?

I'm concerned I'll have to disable Secure Boot before they're next rebooted for Windows updates.

1 Reply

  • Hi, I would avoid disabling Secure Boot unless you have a very specific rollback plan. For servers, I’d first confirm the relevant cumulative update, servicing stack, and firmware updates are installed, then check the Secure Boot and Code Integrity related events after reboot. If this is about a Secure Boot DB or DBX update, firmware behavior can vary by hardware vendor, so checking the vendor’s guidance matters too. I’d test the update on one noncritical server of the same model before touching the wider group. If the update still shows pending after a clean reboot cycle, I’d open a Microsoft support case rather than weakening boot security across production servers.