During my last updating round, I noticed that a number of VMs in my Windows Azure Pack lab, had problems with security update KB2920189. Reading the Microsoft Security Advisory, it states that Microsoft is revoking the digital signature for four private, third-party UEFI (Unified Extensible Firmware Interface) modules that could be loaded during UEFI Secure Boot. These UEFI (Unified Extensible Firmware Interface) modules are partner modules distributed in backup and recovery software. When the update is applied, the affected UEFI modules will no longer be trusted and will no longer load on systems where UEFI Secure Boot is enabled. The affected UEFI modules consist of specific Microsoft-signed modules that are not in compliance with our certification program and are being revoked at the request of …

Link:

Workaround for Updating a Hyper-V Generation 2 VM with KB2920189


Also published on Medium.