I'm running Windows 11 (Build 22000.856) operate system on a virtual machine using Parallels 18.0.0 (53049) and recently having issues with completing Windows Update KB5012170, which cannot be installed successfully. Here's what I got about system information and configuration. Host Machine: MacBook Pro (13-inch, 2020) with Intel Chip BIOS Mode: UEFI Secure Boot State: On TPM Chip: Enabled Having tried many times of Windows Update Cleanup and clicking "retried" button, I still got the same problem, though. It just shows: "2022-08 Security Update for Windows 11 for x64-based Systems (KB5012170) Install error - 0x800f0922". I looked up "KB5012170 installation issue" on Google search, trying to solve the problem myself, then I find there's someone who encountered the same situation - he was able to install KB5012170 by disabling Secure Boot in BIOS and re-enabled it after the update. It seems that there's a solution, but how can I configure BIOS settings under a parallels VM? There's no way to simply disable Secure Boot temporarily in PD18.
From what I now understand, it's either the UEFI BIOS that needs to be updated, the UEFI BIOS certificate needs to be updated, or a combination of the two. Either way, I think the fix is something Parallels' needs to provide.
From the other thread: https://forum.parallels.com/threads...-to-install-in-pdm-18-0-0.358137/#post-907393 If needed you can temporality hide an update using wushowhide: https://download.microsoft.com/down...9cd-4275-8c95-1be17bf70b21/wushowhide.diagcab Just remember to unhide when a fix is available.
For some reason the link above gives a 404. Just in case, this is the correct link to download wushowhide.diacab from the referred post.
No problem. Was a good idea. Nothing we can really do about it until Parallels updates their UEFI BIOS and/or certificate, so the best option is to make it go away until they do. Pretty sure the idea of disabling TPM (if even possible - wasn't a workable option in my case) and reapplying the update is a very short-termed and painful workaround.
It appears that the latest version of Parallels has broken the ability to update Windows. I await a fix.
Thank you a lot for your feedback, but that's not correct. The issue persists on physical PCs as well: https://answers.microsoft.com/en-us...boot-dbx/699b8c9b-6b97-4216-acd4-b86d91bb9cf9 . We're researching the ways we can perform to help you solve the issue. As a workaround, you can create a snapshot (Actions > Take a snapshot) to stay on the safe side, shut down Windows, open configuration settings of the virtual machine > Hardware > select TPM chip and click the "-" button to remove it. Post that start Windows and install the update. Shut down Windows and add the TPM chip back by clicking the "+" button > TPM chip in the configuration settings.
That's not entirely correct either. The reason why it persists on physical PCs is because either those PC manufacturers failed to update their UEFI BIOS or register their certificate with Microsoft, or the user failed to update their BIOS. The UEFI BIOS/certificate is part of the Parallels software and can't be updated by the user, therefore the ball is in Parallel's court to fix. BTW: Your suggested workaround to temporarily remove TPM doesn't work for many people, since it potentially renders the VM to be so slow that it's nearly inoperable. It's also a potentially dangerous thing to suggest, because if done incorrectly can cause the TPM keys stored in the keychain to be deleted, rendering the entire VM about as useful as tits on a bull. Please think this through, do what you have to do to properly research this, then provide recommendations rather than just throwing spaghetti on the wall and seeing if it sticks.
BitLocker Drive Encryption is enabled in Windows 11.pvm now. Should I turn off BitLocker first and then remove TPM again?
[Problem Solved] That did help, thanks! By the way, I didn't turn off BitLocker first because it could take me too long. I used BitLocker Recovery Key to boot Windows 11 instead, and then followed your lead. Windows Update KB5012170 has successfully installed. Thanks again.
i can confirm the removal of my tpm fixed this issue for me. 1.> shut down my vm 2.> backed up my mac os keychain v.tpm module key in a newly created custom keychain 3.> removed tpm from vm settings 4.> started vm and ran update (you may see warning prompts about your accounts, etc...just work past them as needed to get to the desktop to run windows update. in my case, i login with a windows hello pin and i had to reset it. i simply used the same pin i had before.) 5.> shutdown 6.> re-added the v.tpm module in vm settings 7.> restarted vm 8.> all done and back to normal, working fine. now, presumably, i would agree that a future parallels update could also address this gracefully and perhaps most people should just wait for that unless you feel this update is critical for you or parallels issues a statement that they will never address this (or they simply neglect to). that is all.
I am echoing the earlier poster's experience. The latest Parallels update has not fixed the problem. This is an irritating issue. Please find a way to solve this without having to manually fiddle with the VM.
Unfortunately, your procedure (tried three times) doesn't do anything for me. I've also failed to boot into EFI BIOS. My intention was to see if I could change the Secure Boot setting, but never reached it. I tried with this flag, vm.bios.efi=0, but, sadly, that got me nowhere.
Today's Parallels update, Version 18.0.2 (53077) has finally resolved this issue - Windows Update KB5012170 installed correctly.