Event details
Hello.
For Virtual Machines running with Windows Server 2012 R2, 2016, 2019, 2022 with all the Windows updates applied until April 2026, this VMs are in Vmware 8.0.3.0, if the update process for the CA2023 certificate is not executing automatically, do I need to update some kind of Bios in Vmware or in the VM itself to get enough confidence and get the updates of CA2023 run automatically? Or if I force the process with the key in registry, schedule the update and restart several times the server, do I need some kind of update in Vmware or in the VM itself?
Thanks.
Yesterday I had a test in a similar scenario. Windows 2025 fully up to date and VMware 8.0.2.
Setting the AvailableUpdates registry value to 0x5944 and running manually the Secure-Boot-Update scheduled task, after two run and two reboots I could see the DB updated with the new 2023 certificates. After these reboots I had AvailableUpdates=0x4004 and running the scheduled task again and rebooting the VM again did not change it anymore, the KEK could not be updated (I can see only event id 1801 in the registry, no other errors).
So I guess that if the VM finds the PK null, as is common in VMware environments today, the automatic process could not be completed (https://knowledge.broadcom.com/external/article/423893/secure-boot-certificate-expirations-and.html). PK and KEK must be updated manually as described in the Broadcom KB https://knowledge.broadcom.com/external/article/423919. Only after PK and KEK are up to date the automatic process can be completed and DB and Bootloader can be updated by the Microsoft scheduled task.
Prabhakar_MSFTMicrosoft
Hello iokdeda We are coordinating with Broadcom to introduce support in Windows for updating the PK if the Windows OEM Devices PK is missing on Secure Boot- and vTPM-enabled vSphere VMs, thereby facilitating KEK updates.
For VMs created on ESX 9.x hosts, the Windows OEM Devices PK is already present. However, for VMs created on earlier ESX versions, this PK is missing. We are actively working with Broadcom on a solution, which will be enabled through future Windows updates and corresponding Broadcom patches.
This is really good news!
Do you have any idea when we'll be able to get this support? It absolutely must arrive before the 2011 certificates expire, otherwise the automatic update process will fail, right?
It does not matter much when the fix is arriving. As long as it is unfixed, future LCUs will not be able to install DBX revocations (or add more certs to DB, but that will likely not happen before 2037). But as soon as it is remediated, the next installed LCU will again detect that the DBX is out of date and apply it again. You can also manually trigger DBX update by setting AvailableUpdates to 0x0002 once you know that the issue is fixed and DBX updates are missing.
- Prabhakar_MSFT
Hello iokdeda We are coordinating with Broadcom to introduce support in Windows for updating the PK if the Windows OEM Devices PK is missing on Secure Boot- and vTPM-enabled vSphere VMs, thereby facilitating KEK updates.
For VMs created on ESX 9.x hosts, the Windows OEM Devices PK is already present. However, for VMs created on earlier ESX versions, this PK is missing. We are actively working with Broadcom on a solution, which will be enabled through future Windows updates and corresponding Broadcom patches.
Hello Prabhakar_MSFT,
In Broadcom documentation, it stated that it is possible to manually replace the PK with Windows OEM Devices PK in UEFI menu. Is it supported to update KEK and DB in Windows for the VMs with Windows OEM Devices PK?
This question has also been asked in last month's AMA, and the answer pointed to https://github.com/microsoft/secureboot_objects/issues/369 where Doug Flick from Microsoft clarified that Microsoft officially supports the scenario when firmware vendors of (virtual or real) machines deploy the Microsoft OEM Devices PK instead of their own PK, and that such devices will get serviced (with Secure Boot certificate updates) like Microsoft's own machines. There are also some details about the security of that PK in this thread, mostly for as information for vendors whether using this PK will be more secure or not than their own PK (which would require their own certificate infrastructure). Microsoft also has performed Secure Boot PK updates on devices where the PK private key leaked, to replace the leaked PK by their own OEM Devices PK.
So I'd say, from a Microsoft standpoint, manually importing that PK is fully supported, on any machines where the firmware vendor suggests so (be it real or virtual ones).
I have the exact same scenario with Parallels VMs. KEK can't update, then I find the PK isn't valid. Parallels have made changes so that newly minted VMs get the new PK and KEK, but no information about fixing up existing VMs.
