Have you experienced Windows 10 OS updates downloading, but failing to install on your system? Did the updates go up to about 90-95% and then say ‘Windows could not install your updates, rolling back changes’ or something similar? Is your system SecureBoot and/or UEFI enabled? Then this article should be for you.
Over a year ago, I bought myself a shiny new HP Pavilion laptop, that did not come with an SSD as standard. It had all the other bells and whistles for a great price, but I also felt it worthwhile to have a RAM upgrade and SSD installed into the laptop. Since Windows was installed on the HDD, it had to be migrated to the SSD to achieve the benefit of using an SSD.
For some time, the update of the Windows 10 operating system was going on fine, but since December of 2019, windows updates, despite downloading them successfully, were failing to install. This sort of failure, where updates failed to install were intrinsic to cumulative and feature updates, including the Windows 10 2004 update.
I had a go at all the self-help I could find; including even having long chats with the Microsoft community support team and still none of them could help sort my problem. Everything from DISM to SFC /scannow and Windows Update reset tool was tried, but none of those solutions solved my problem.
Then, when I contacted a Microsoft Support Official Team member, they suggested me to do a custom update of the OS, using the Windows Media creation tool. There was a trick to this, where if you could trick the Windows Update Media Creation tool website into thinking your browser was an iPad, you get a different website where you could download the latest image of Windows 10, without the need of a USB/DVD to install Windows 10 (i.e. Developer Tools> View as iPad). But sadly, that did not work too.
Then I came across something online regarding the disabling of SecureBoot and UEFI. When I disabled both in the BIOS screen of my laptop, the Windows Update worked and Version 2004 installed successfully, but due to the security issues regarding disabling SecureBoot and UEFI, I was recommended to enable both of them again. Even after enabling both UEFI and SecureBoot, consequent updates and upgrades were working fine without any install issue whatsoever.
I come from an era of computers where BIOS was the standard and there were little to no issues regarding Windows Update; probably the only issue was your broadband speed (my first connection to the internet was 56K dial-up and my first broadband was 512k ADSL). UEFI has its advantages, in the modern era of digital security and protecting yourself from highly advanced hackers, but also it can catch you off-guard when performing some basic IT maintenance like OS updates. More on UEFI to come when I acquaint myself with more information on the topic.
So, if you find yourself, like me, not knowing why your shiny new laptop is not installing any new Windows Updates, then try this trick: disable SecureBoot and UEFI and have a go again. It should work like a charm.
Other articles on my blog:
Mohamed Faizan Cassim 
Hello , Thanks for you piece. Have a good day
LikeLike