Event details
Unable to perform update on Hyper-V VM in test environment
Log Name: System
Source: Microsoft-Windows-TPM-WMI
Date: 2/2/2026 12:34:04 AM
Event ID: 1795
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: ABCDWin11.gpmn.test.com
Description:
The system firmware returned an error The media is write protected. when attempting to update a Secure Boot variable KEK 2023. This device signature information is included here.
DeviceAttributes: FirmwareManufacturer:Microsoft Corporation;FirmwareVersion:Hyper-V UEFI Release v4.1;OEMModelNumber:Virtual Machine;OEMManufacturerName:Microsoft Corporation;OSArchitecture:amd64;
BucketId: 4e22d051e8c143d2875b9d16ef2241c7ec548985a21e5073126d3c1f9bf53bb2
BucketConfidenceLevel: .
This Event ID (1795) is preventing a Hyper-V VM Generation 2 CV 10.0 running the Windows 11 version 25H2 O/S on a Hyper-V Host Server (Dell PowerEdge T140) System, that has successfully updated the BIOS Firmware, and Microsoft 2023 Secure Boot Certificates, and has UEFI and "Secure Boot" turned on within the server configuration settings.
This is a known issue (read the other comments here). Will probably be fixed with cumulative update in March, to be applied to the Hyper-V host. Workaround (if you care) is to suspend bitlocker (if used), and then move the virtual hard disk to a freshly created Gen 2 VM (after updating the host to have the cumulative January patches, if not already done). The freshly created VM will receive the new KEK in the Secure Boot template and the rest of the process can continue.
