Event details
Just installed KB5079473 on my Win11 machine that acts as a Hyper-V host. KEK updates in VMs are still not working (failing with error 1795). Is that expected? Has the Hyper-V update been delayed?
Die Systemfirmware hat beim Versuch, eine Variable für den sicheren Start KEK 2023 zu aktualisieren, den Fehler Zugriff verweigert zurückgegeben. Diese Gerätesignaturinformationen sind hier enthalten.
DeviceAttributes: FirmwareManufacturer:Microsoft Corporation;FirmwareVersion:Hyper-V UEFI Release v4.1;OEMModelNumber:Virtual Machine;OEMManufacturerName:Microsoft Corporation;OSArchitecture:amd64;
BucketId: 4e22d051e8c143d2875b9d16ef2241c7ec548985a21e5073126d3c1f9bf53bb2
BucketConfidenceLevel: .
Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931
This is from a Windows 10 LTSC 2019 VM with system language German.
The March 2026 Updates also need to be applied to the VM, not just the host.
As by Arden_White:
[..]
The March updates need to be applied to both the host and the guest.
- Host changes are to allow KEK updates to the NVRAM
- Guest changes are to include a Hyper-V PK signed KEK that the guest can apply to the firmware
f I'm remembering correctly, if you look at the SYSTEM log at the TPM-WMI source, you'll see a 1795 event if the host is not updated and the guest is. Otherwise, you'll see an 1803 event if the host is updated and the guest is not.
[..]
BTW: Your 1795 error message should have changed from "media is write protected" to "access denied" after you've installed the March 2026 Host Update - right?
Thanks Tobias for your answer. I had asked the question twice (also on this week's video) and got an answer on the other one, but forgot to update this one.
After installing updates on the VM, it went through flawlessly.
And yes, you are right, the error message changed as described.