Table of Contents
Introduction
There are quite a few different errors that you may run into when using Hyper-V.
In this blog post, I explain the following error related to Secure Boot in Hyper-V, and how to solve it.
Below you can see the virtual machine boot summary of a machine in Hyper-V.
Boot Failed. EFI SCSI Device. Failed Secure Boot Verification
Description of the error
You are receiving this error because a Generation 2 machine in Hyper-V by default runs Secure Boot.
What is Secure Boot?
Secure Boot is a common security standard used by different PC industry players and was introduced with Windows 8 and Windows Server 2012. The idea with Secure Boot is that only trusted OEM software should start. This is carried out by the firmware checking signatures of everything booting up, such as:
- Boot software
- UEFI firmware drivers
- EFI applications
- The operating system
How to solve the error
There are two ways to solve the error.
These solutions are explained below.
Solution 1 – Create a generation 1 virtual machine in Hyper-V
If you want to run an older operating system as a guest, select Generation 1 when creating the Virtual Machine:
Solution 2 – Disable Secure Boot
The second solution is to disable Secure Boot under the VM settings for a Generation 2 Virtual Machine.
Disable Secure Boot for a Hyper-V machine using the Hyper-V Manager
Open Hyper-V Manager -> Right-Click -> Press Settings
Go to the Security tab and uncheck Enable Secure Boot. Secure Boot is enabled by default.
Disable Secure Boot for a Hyper-V machine using Powershell
An alternative to the Hyper-V Manager is Powershell.
Run the following command, replacing “VM1” with the name of your virtual machine.
Set-VMFirmware "VM1" -EnableSecureBoot On
Conclusion
When configuring virtual machines in Hyper-V, you must understand the difference between the different generations and how the new security features work.
Did you find this article helpful? Please leave a comment below!
References
- Microsoft Docs – Should I create a generation 1 or 2 virtual machine in Hyper-V?
- Microsoft Docs – Secure Boot
Related posts
- Microsoft Docs – Introduction to Hyper-V in Windows 10
- Create and configure a Hyper-V VM using Powershell
- How to create a bootable Windows 10 USB
- The issue with mounting a file in Hyper-V
You can just disable secure boot under settings and it will work just fine. you don’t need to change to gen 1
Cheers to Armani….that fixed it for me!
Work for me. Thanks.
Awesome Armani you got it right
Make sure that .iso file has a bootable image file.
you can use poweriso to check if it’s bootable or not.
Fixed it for me – Thanks
Window 7 vm did not get pass installation screen, had to reconfig as Generation 1 for vm to load into windows 7.
Thanks. Its work
Great that it helped you Raquel and thanks for your comment!
Trying different linux distros with Hyper-V. Had to suffer the gen 1 for a long time.
Disable secure boot did the trick. Gen 2 installation ongoing as I write.
Thanks for the help Daniel!
Thanks for the comment Kalev, glad the article helped you!
Unfortunately this does not work for a Win11 VM. Secure Boot, TPM 2.0 must be enabled.