Windows Server 2012 Error: 0x800f0922 installing updates from Windows Update


  • You’re running Windows Server 2012 R2 as a HyperV host.
  • You’re trying to use Windows Update for a Windows Server 2012 guest running on that host…
    • …and Windows Update keeps failing to install the updates and rolls the server back…only to show that the updates failed leaving you back where you started.


As it turns out this is a very unique situation that isn’t well documented and if you’ve arrived here you’re fortunate because finding the solution to this difficult issue using Bing or Google is challenging at best.

It turns out that a single update KB2871690 from Microsoft is the root cause under these very specific circumstances, and the solution is now well documented here.

In my specific case I had a Domain Controller running Windows Server 2012 as a HyperV guest on a Windows Server 2012 R2 host, that would not take this update.

Simply put, adding the Bitlocker feature on the Domain Controller, rebooting, and then running this update singularly from Windows Update succeeded in getting this update applied.  Once applied you can remove the feature.

Alternatively, if you do not want to install the Bitlocker feature, simply disable Secure Boot on the HyperV guest as shown below, then re-enable Secure Boot after the update is applied.


Tagged with: , , ,
Posted in Windows Server 2012
4 comments on “Windows Server 2012 Error: 0x800f0922 installing updates from Windows Update
  1. zhazell says:

    Thank you so much! Simply just unchecking “secure boot” on my Server 2012 R2 Gen 2 VM guest machine did the trick! Would have not found this without this article. Of course I enabled the option again after update, but I did not want to add an additional feature in windows that was not needed.

    • ronbok says:

      zhazell, You’re welcome and thanks for the tip about the Secure Boot option! I’ve seen a few more Windows Server updates recently that failed installation until Secure Boot was disabled. Haven’t written a post about those yet. For those not aware, Secure Boot is a Gen 2 VM option under Settings –> Firmware. At the top of the Settings dialog you’ll see an option for Secure Boot. Shutdown the VM. Disable Secure Boot, install the update that previously failed, then you can re-enable the Secure Boot option.

  2. mmendelson says:

    Thanks for helping me to solve this puzzling problem!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: