
Microsoft says some Windows Server 2022 virtual machines might not boot up after installing updates released during this month's Patch Tuesday.

This known issue only impacts VMs with Secure Boot enabled and running on vSphere ESXi 6.7 U2/U3 or vSphere ESXi 7.0.x.

"After installing KB5022842 on guest virtual machines (VMs) running Windows Server 2022 on some versions of VMware ESXi, Windows Server 2022 might not start up," Microsoft said.

VMware and Redmond are investigating the issue and will provide more information as soon as it's available.

Even though Redmond says only VMware ESXi VMs are affected, some admin reports point to other hypervisor platforms (including bare metal) also being impacted by this issue.

While there is currently no fix for impacted VMs, VMware provides admins of affected hosts with multiple temporary workarounds until a permanent solution is available.

To work around the boot issues, you can take one of the following measures:

  1. Upgrade the ESXi Host where the virtual machine in question is running to vSphere ESXi 8.0
  2. Disable "Secure Boot" on the VMs.
  3. Do not install the KB5022842 patch on any Windows 2022 Server virtual machine until the issue is resolved.

The Secure Boot option can be disabled for each VM using the following procedure:

  1. Power off the VM.
  2. Right-click the virtual machine and click Edit Settings.
  3. Click the VM Options tab.
  4. Under Boot Option, uncheck the "Secure Boot enabled" option.

Unfortunately, if you have already installed this month's KB5022842 Windows Server 2022 cumulative update, uninstalling it will not resolve the issue. 

The only way to ensure that your VMs can boot again is to update the ESXi host to vSphere ESXi 8.0 or disable Secure Boot.
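To find which VMs meet the conditions described above before patching or rebooting them, an inventory like the following can help. This is an added example, not code from VMware, Microsoft or the original article; it assumes VMware PowerCLI is installed and a `Connect-VIServer` session is already open, and the function names are hypothetical.

```powershell
# Added example: read-only inventory of VMs matching the advisory's conditions
# (Secure Boot enabled, host on ESXi 6.7 or 7.0.x). Changes no settings.
# Assumes PowerCLI is loaded and Connect-VIServer has already been run.

function Test-AffectedHostVersion {
    param([string]$Version)
    # 7.0.x is listed as affected. 6.7 is flagged broadly because the version
    # string alone does not distinguish U2/U3; check the HostBuild column.
    return ($Version -like '6.7*') -or ($Version -like '7.0*')
}

function Get-SecureBootExposure {
    param([Parameter(ValueFromPipeline)]$VM)
    process {
        $cfg = $VM.ExtensionData.Config
        # Prefer the OS name reported by VMware Tools; fall back to the
        # configured guest type, which on older hosts may not say "2022".
        $guest = if ($VM.Guest.OSFullName) { $VM.Guest.OSFullName }
                 else { $cfg.GuestFullName }
        $secureBoot = ($cfg.Firmware -eq 'efi') -and
                      [bool]$cfg.BootOptions.EfiSecureBootEnabled
        [pscustomobject]@{
            VM           = $VM.Name
            PowerState   = $VM.PowerState
            GuestOS      = $guest
            Server2022   = $guest -like '*Windows Server 2022*'
            SecureBoot   = $secureBoot
            Host         = $VM.VMHost.Name
            HostVersion  = $VM.VMHost.Version
            HostBuild    = $VM.VMHost.Build
            HostAffected = Test-AffectedHostVersion $VM.VMHost.Version
        }
    }
}

# VMs with Secure Boot on an affected host version, Server 2022 guests first.
Get-VM | Get-SecureBootExposure |
    Where-Object { $_.SecureBoot -and $_.HostAffected } |
    Sort-Object @{ Expression = 'Server2022'; Descending = $true }, Host, VM |
    Format-Table -AutoSize
```

Inside a listed guest, `Get-HotFix -Id KB5022842` shows whether the update is already installed.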

Microsoft is also working on addressing another issue where WSUS servers upgraded to Windows Server 2022 may fail to push February 2022 Windows 11 22H2 updates to clients.

This known issue only affects WSUS servers upgraded from Windows Server 2016 or Windows Server 2019.

Redmond also provides a workaround for admins with impacted WSUS servers, which requires them to re-add the Unified Update Platform (UUP) MIME types that were inadvertently removed during the upgrade process and whose absence is causing the update propagation problems.

Update: Added info on additional reports saying this known issue affects additional hypervisor platforms. 
