There are quite a few different errors that you may run into when using Hyper-V.
In this blog post, I explain the following error related to Secure Boot in Hyper-V, and how to solve it.
Below you can see the virtual machine boot summary of a machine in Hyper-V.
Boot Failed. EFI SCSI Device. Failed Secure Boot Verification
Description of the error
You are receiving this error because a Generation 2 machine in Hyper-V by default runs Secure Boot.
What is Secure Boot?
Secure Boot is a common security standard used by different PC industry players and was introduced with Windows 8 and Windows Server 2012. The idea with Secure Boot is that only trusted OEM software should start. This is carried out by the firmware checking signatures of everything booting up, such as:
- Boot software
- UEFI firmware drivers
- EFI applications
- The operating system
How to solve the error
There are two ways to solve the error.
These solutions are explained below.
Solution 1 – Create a generation 1 virtual machine in Hyper-V
If you want to run an older operating system as a guest, select Generation 1 when creating the Virtual Machine:
Solution 2 – Disable Secure Boot
The second solution is to disable Secure Boot under the VM settings for a Generation 2 Virtual Machine.
Disable Secure Boot for a Hyper-V machine using the Hyper-V Manager
Open Hyper-V Manager -> Right-Click -> Press Settings
Go to the Security tab and uncheck Enable Secure Boot. Secure Boot is enabled by default.
Disable Secure Boot for a Hyper-V machine using Powershell
An alternative to the Hyper-V Manager is Powershell.
Run the following command, replacing “VM1” with the name of your virtual machine.
Set-VMFirmware "VM1" -EnableSecureBoot On
When configuring virtual machines in Hyper-V, you must understand the difference between the different generations and how the new security features work.
Did you find this article helpful? Please leave a comment below!
- Microsoft Docs – Should I create a generation 1 or 2 virtual machine in Hyper-V?
- Microsoft Docs – Secure Boot