training-scraper

Fix Windows 11 End of Service Error When Secure Boot is Disabled

draft · os-and-system windows-updatetpmsecure-boot

Generated by docuprocessor (prompt article/v3) · 2026-04-22 14:28

Source thread

thread_id: spaces/AAAA05BdS6s/threads/VSVaygMbFrE · 26 msgs · first 2024-12-19 · participants: Tech ATech BTech C

Tech A 2024-12-19 20:36
I noticed this in even viewer, So I decided to check windows updates
image/png image.png
**Windows Event Viewer log** dated **12/19/2024**, showing multiple **Event ID 44** Information entries from **WindowsUpdateClient** between 3:02:55 PM and 3:03:01 PM. One highlighted **Error entry** is visible at **3:02:55 PM**, also from **WindowsUpdateClient**, with **Event ID 20**, Task Category **"Windows Upd..."** The status bar at the bottom identifies the selected entry as **"Event 20, WindowsUpdateClient."**
Tech A 2024-12-19 20:36
(no text)
image/png image.png
**Windows Update settings page** displaying the message: *"Your version of Windows has reached the end of service."* The "Get the latest updates as soon as they're available" toggle is set to **Off**, and the "Pause updates" option is set to **Pause for 1 week**. No error codes are present; additional options visible include **Update history** and **Advanced options**.
Tech A 2024-12-19 20:37
Anyone know why a windows 11 PC, would say " Your ver of windows has reached end of service"
Tech B 2024-12-19 20:38
what ver of win 11? maybe its the original one?
Tech A 2024-12-19 20:38
ver 22H2
Tech B 2024-12-19 20:39
can u update to the latest ?
Tech A 2024-12-19 20:39
I'm on 23h2, shouldn't the PC allow it to be updated
Tech A 2024-12-19 20:40
I can check to see if I can do it manually
Tech A 2024-12-19 20:40
but the PC does not find anymore updates
Tech B 2024-12-19 20:47
thats sounds like a discrimination...
Tech A 2024-12-19 21:41
I believe this is the culprit. I have to wait until 5 before I can walk the office through enabling it.
image/png image.png
**Windows Event Viewer log showing Event 1796, TPM-WMI error**, timestamped 12/19/2024 at 4:21:56 PM. The error message reads: *"The Secure Boot update failed to update a Secure Boot variable with error Secure Boot is not enabled on this machine..."* Additional entries visible include two Kernel-Processor-Power warnings at 4:21:02 PM and a DistributedCOM warning at 4:22:00 PM.
Tech C 2024-12-19 21:49
Possible cause: ~ If win 11 was installed through bypass win11 requirements. ~ Check available space Check if it's compatible Optionally update through elevated CMD using: winget upgrade ~ Warning if it doesn't meet 11 requirements and you force update it, it might not turn on this error usually refers that BIOS has not enabled safe boot or TPM is not 2.0 ver
Tech A 2024-12-19 21:51
I tried using powershell commands to run the update. And to show available updates. It says that secureboot is not enabled, so I will walk the office through enabling it
Tech B 2024-12-19 21:52
but its WIn 11 already. How dod it get installed if TPM is not enabled?
Tech C 2024-12-19 21:52
bypass
Tech C 2024-12-19 21:52
Recently there are crashes on the latest update if win11 was installed through bypass
Tech B 2024-12-19 21:52
Windows warned everybody....
Tech C 2024-12-19 21:53
Check TPM ver
image/jpeg 1000003381.jpg
The image displays a portion of the **Windows 11 system requirements** page from **microsoft.com**, showing the following specifications: - **System firmware:** UEFI, Secure Boot capable - **TPM:** Trusted Platform Module (TPM) version **2.0** - **Graphics card:** DirectX 12 or later with **WDDM 2.0** driver - **Display:** HD (720p), greater than 9" diagonal, **8 bits per color channel** A partially visible section at the bottom references **Copilot+ PCs** requiring an NPU capable of **40+ TOPS** (trillion operations per second).
Tech A 2024-12-19 21:54
ok
Tech A 2024-12-19 21:57
seems like they have tpm
image/png image.png
**PowerShell TPM Status Output — `get-tpm` Command** The screenshot shows the result of running `get-tpm` in PowerShell (path: `C:\WINDOWS\system32`). Key readouts include: **TpmPresent, TpmReady, TpmEnabled, TpmActivated** all set to **True**; **TpmOwned** is **False**; **ManufacturerId: 1314145024**, **ManufacturerIdTxt: NTC**, **ManufacturerVersion: 7.2.3.1**, **ManufacturerVersionFull20: 7.2.3.1**. Additional values show **ManagedAuthLevel: Full**, **AutoProvisioning: Enabled**, **LockedOut: False**, **LockoutHealTime: 2 hours**, **LockoutCount: 0**, **LockoutMax: 10**, **SelfTest: {}**, and **OwnerClearDisabled: False**; **OwnerAuth** field appears blank.
Tech C 2024-12-19 21:58
RUN > tpm.msc look for specification version
Tech A 2024-12-19 21:58
(no text)
image/png image.png
**Windows Security Processor Details screen** showing TPM (Trusted Platform Module) specifications. Manufacturer is **Nuvoton Technology (NTC)**, Manufacturer version **7.2.3.1**, Specification version **2.0** (underlined in red). Supporting TCG Specs show PPI specification version **1.3**, TPM specification sub-version **1.59 (Tuesday, November 10, 2020)**, and PC client spec version **1.05**; red annotations highlight the TPM label and the Specification version 2.0 field.
Tech C 2024-12-19 21:59
Ok, that means secure boot is not enabled in BIOS :)
Tech A 2024-12-19 21:59
Well time to call the office
Tech C 2024-12-19 22:00
If bitlocker is ON, and you enable/disable secure boot it will lock the system or ask for key ⚠️
Tech A 2024-12-19 22:00
ok, ill check

Generated article

Unsaved edits.
draft