Event details

It's time for our second Ask Microsoft Anything (AMA) about updating Secure Boot certificates on your Windows devices before they expire in June of 2026. If you've already bookmarked Secure Boot play...
Heather_Poulsen
Updated Feb 19, 2026
AMA
remco van der Lee's avatar
remco van der Lee
Occasional Reader
Apr 02, 2026

Can anybody confirm if its expected that i still get eventid 1795 for all our virtual machines in Azure?
I have dozens of VM's in Azure that have 1795 and none of them where updated succesfully. 

In my opinion the VM needs to retrieve the KEK from the host just like on onprem Hyperv. On hyperv its fixed in March with the latest CU. But how does does this translate to Azure. 

P.S.
The lack of proper communication and guidance for the whole secure boot update proces is infuriating. We were warned more then a year ago, we started everything on time from our side we but even in March/April 2026  there are still things missing with only 2 months to go. 

  • Arden_White's avatar
    Arden_White
    Icon for Microsoft rankMicrosoft
    Apr 03, 2026

    Hi Remco,

    There was a known issue in Hyper‑V where Secure Boot certificate updates could fail with Event ID 1795 when attempting to update KEK.

    This issue was resolved in Windows updates released on or after March 10, 2026, and is documented here:
    Known issues and resolutions for Secure Boot certificates updates

    In virtualized environments such as Hyper‑V Gen2 VMs and Azure VMs, Secure Boot variables are maintained by virtual firmware provided by the host platform. As a result, successful KEK enrollment depends on both:

    • guest OS support for authenticated updates, and
    • host platform support for accepting those updates

    Until both components are updated, Secure Boot KEK enrollment may fail, and Event 1795 may continue to be logged.

    Arden