- You’re running Windows Server 2012 R2 as a HyperV host.
- You’re trying to use Windows Update for a Windows Server 2012 guest running on that host…
- …and Windows Update keeps failing to install the updates and rolls the server back…only to show that the updates failed leaving you back where you started.
As it turns out this is a very unique situation that isn’t well documented and if you’ve arrived here you’re fortunate because finding the solution to this difficult issue using Bing or Google is challenging at best.
In my specific case I had a Domain Controller running Windows Server 2012 as a HyperV guest on a Windows Server 2012 R2 host, that would not take this update.
Simply put, adding the Bitlocker feature on the Domain Controller, rebooting, and then running this update singularly from Windows Update succeeded in getting this update applied. Once applied you can remove the feature.
Alternatively, if you do not want to install the Bitlocker feature, simply disable Secure Boot on the HyperV guest as shown below, then re-enable Secure Boot after the update is applied.