Failed to install Windows Update KB5012170.

Discussion in 'General Questions' started by 张一普, Aug 11, 2022.

  1. 张一普

    张一普 Bit poster

    Messages:
    3
    I'm running Windows 11 (Build 22000.856) operate system on a virtual machine using Parallels 18.0.0 (53049) and recently having issues with completing Windows Update KB5012170, which cannot be installed successfully.

    Here's what I got about system information and configuration.
    Host Machine: MacBook Pro (13-inch, 2020) with Intel Chip
    BIOS Mode: UEFI
    Secure Boot State: On
    TPM Chip: Enabled

    Having tried many times of Windows Update Cleanup and clicking "retried" button, I still got the same problem, though.
    It just shows: "2022-08 Security Update for Windows 11 for x64-based Systems (KB5012170) Install error - 0x800f0922".

    I looked up "KB5012170 installation issue" on Google search, trying to solve the problem myself, then I find there's someone who encountered the same situation - he was able to install KB5012170 by disabling Secure Boot in BIOS and re-enabled it after the update.

    It seems that there's a solution, but how can I configure BIOS settings under a parallels VM? There's no way to simply disable Secure Boot temporarily in PD18.
     
  2. mlbushnell

    mlbushnell Bit poster

    Messages:
    3
  3. Mark Fine

    Mark Fine Pro

    Messages:
    482
    Lol... Looks like needing a UEFI BIOS update (does Parallels provide that?) is the real fix.
     
    张一普 likes this.
  4. Mark Fine

    Mark Fine Pro

    Messages:
    482
    From what I now understand, it's either the UEFI BIOS that needs to be updated, the UEFI BIOS certificate needs to be updated, or a combination of the two.
    Either way, I think the fix is something Parallels' needs to provide.
     
    张一普 likes this.
  5. MikeyH

    MikeyH Hunter

    Messages:
    102
    张一普 likes this.
  6. Mark Fine

    Mark Fine Pro

    Messages:
    482
    For some reason the link above gives a 404. Just in case, this is the correct link to download wushowhide.diacab from the referred post.
     
  7. MikeyH

    MikeyH Hunter

    Messages:
    102
    Thanks. Link was truncated by copy / paste.
     
    Mark Fine likes this.
  8. Mark Fine

    Mark Fine Pro

    Messages:
    482
    No problem. Was a good idea. Nothing we can really do about it until Parallels updates their UEFI BIOS and/or certificate, so the best option is to make it go away until they do.

    Pretty sure the idea of disabling TPM (if even possible - wasn't a workable option in my case) and reapplying the update is a very short-termed and painful workaround.
     
  9. MikeyH

    MikeyH Hunter

    Messages:
    102
    Potential data loss if you have keys associated with the TPM.
     
    Mark Fine likes this.
  10. AndyG1

    AndyG1 Bit poster

    Messages:
    5
    It appears that the latest version of Parallels has broken the ability to update Windows. I await a fix.
     
    张一普 likes this.
  11. Mikhail Ushakov

    Mikhail Ushakov Parallels Team

    Messages:
    493
    Thank you a lot for your feedback, but that's not correct. The issue persists on physical PCs as well: https://answers.microsoft.com/en-us...boot-dbx/699b8c9b-6b97-4216-acd4-b86d91bb9cf9 .
    We're researching the ways we can perform to help you solve the issue. As a workaround, you can create a snapshot (Actions > Take a snapshot) to stay on the safe side, shut down Windows, open configuration settings of the virtual machine > Hardware > select TPM chip and click the "-" button to remove it. Post that start Windows and install the update. Shut down Windows and add the TPM chip back by clicking the "+" button > TPM chip in the configuration settings.
     
    MattiasW and 张一普 like this.
  12. Mark Fine

    Mark Fine Pro

    Messages:
    482
    That's not entirely correct either.

    The reason why it persists on physical PCs is because either those PC manufacturers failed to update their UEFI BIOS or register their certificate with Microsoft, or the user failed to update their BIOS.

    The UEFI BIOS/certificate is part of the Parallels software and can't be updated by the user, therefore the ball is in Parallel's court to fix.

    BTW: Your suggested workaround to temporarily remove TPM doesn't work for many people, since it potentially renders the VM to be so slow that it's nearly inoperable. It's also a potentially dangerous thing to suggest, because if done incorrectly can cause the TPM keys stored in the keychain to be deleted, rendering the entire VM about as useful as tits on a bull.

    Please think this through, do what you have to do to properly research this, then provide recommendations rather than just throwing spaghetti on the wall and seeing if it sticks.
     
    张一普 likes this.
  13. AndyG1

    AndyG1 Bit poster

    Messages:
    5
    Thanks for the good advice, I would think since MS broke Windows updates, it's up to them to fix it.
     
    张一普 likes this.
  14. 张一普

    张一普 Bit poster

    Messages:
    3
    BitLocker Drive Encryption is enabled in Windows 11.pvm now. Should I turn off BitLocker first and then remove TPM again?
     
  15. 张一普

    张一普 Bit poster

    Messages:
    3
    [Problem Solved]
    That did help, thanks!
    By the way, I didn't turn off BitLocker first because it could take me too long. I used BitLocker Recovery Key to boot Windows 11 instead, and then followed your lead. Windows Update KB5012170 has successfully installed. Thanks again.
     
  16. FabianS7

    FabianS7 Junior Member

    Messages:
    13
    i can confirm the removal of my tpm fixed this issue for me.

    1.> shut down my vm
    2.> backed up my mac os keychain v.tpm module key in a newly created custom keychain
    3.> removed tpm from vm settings
    4.> started vm and ran update (you may see warning prompts about your accounts, etc...just work past them as needed to get to the desktop to run windows update. in my case, i login with a windows hello pin and i had to reset it. i simply used the same pin i had before.)
    5.> shutdown
    6.> re-added the v.tpm module in vm settings
    7.> restarted vm
    8.> all done and back to normal, working fine.

    now, presumably, i would agree that a future parallels update could also address this gracefully and perhaps most people should just wait for that unless you feel this update is critical for you or parallels issues a statement that they will never address this (or they simply neglect to).

    that is all.
     
    张一普 likes this.
  17. ColinB10

    ColinB10 Bit poster

    Messages:
    4
    Disappointed that today's Parallels update did not address this issue...
     
  18. AmitM6

    AmitM6 Bit poster

    Messages:
    1
    I am echoing the earlier poster's experience. The latest Parallels update has not fixed the problem.
    This is an irritating issue. Please find a way to solve this without having to manually fiddle with the VM.
     
  19. Eduardo

    Eduardo Junior Member

    Messages:
    14
    Unfortunately, your procedure (tried three times) doesn't do anything for me.
    I've also failed to boot into EFI BIOS. My intention was to see if I could change the Secure Boot setting, but never reached it. I tried with this flag, vm.bios.efi=0, but, sadly, that got me nowhere.
     
  20. ColinB10

    ColinB10 Bit poster

    Messages:
    4
    Today's Parallels update, Version 18.0.2 (53077) has finally resolved this issue - Windows Update KB5012170 installed correctly.
     
    张一普 likes this.

Share This Page