
TPM-WMI Event ID 1801 error on EC2 instance

0

Hello,

I installed the March Windows updates, and since then I have been experiencing an issue related to TPM-WMI. In Event Viewer on all of my instances I see an error with the following details: Event ID: 1801, Source: TPM-WMI

Error message: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here. DeviceAttributes: BaseBoardManufacturer:;FirmwareManufacturer:;FirmwareVersion:;OEMModelNumber:t3.medium;OEMModelBaseBoard:;OEMModelSystemFamily:;OEMManufacturerName:Amazon EC2;OEMModelSKU:;OSArchitecture:amd64; BucketId: 4a5a87bba6b025610d549158c7cbd027ce0469f100d7e4ef458d00f5db610753 BucketConfidenceLevel: No Data Observed - Action Required UpdateType: For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

This affects all my instances with Windows on that account with different instance types (t3a.small, t3a.xlarge, t3a.medium).

I would like to understand:

  1. Whether this issue is expected in AWS EC2 environments (especially if TPM is virtualized or not supported).
  2. If this error has any impact on system security or functionality.
  3. Recommended steps to resolve or safely ignore this issue.

If TPM functionality is limited or not fully supported in EC2, can you please confirm whether this error can be safely ignored or if there is a recommended configuration/workaround.

Asked 2 months ago, 225 views
1 answer
4
Accepted answer

This issue stems from the March 2024 Windows updates regarding Secure Boot DBX (revocation list) updates. Here is the breakdown:

  • Why it happens: Windows is attempting to write updated Secure Boot certificates to the UEFI firmware. In EC2 (Nitro-based instances), the virtualized firmware often restricts these OS-level write operations to maintain environment integrity.
  • Impact: There is no impact on system functionality or stability. Your instances will continue to boot and operate normally.
  • Security: While the warning suggests action is required, the risk in a cloud environment is negligible as there is no physical access to the hardware to exploit the bootloader vulnerabilities these certificates target.

Treat this as a cosmetic error. You can safely ignore Event ID 1801 or filter it out of your monitoring logs. AWS periodically updates their base AMIs with these certificates integrated, so the error may disappear when you eventually migrate to newer AMI builds.

see also:

Expert
Answered 2 months ago
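As an added example (not code from the thread or from AWS), the following PowerShell script shows how a defender can triage Event ID 1801 the way the answer suggests: pull the events, parse the DeviceAttributes block so the platform vendor is visible, mark the event as expected only when the OEM is reported as Amazon EC2, and record the host's current Secure Boot and TPM state alongside it. It assumes the ETW provider name is `Microsoft-Windows-TPM-WMI` (the page only shows the Event Viewer source "TPM-WMI") and that the message layout matches the one quoted in the question; the sample message is copied from that question.

```powershell
# Added example; not part of the original re:Post thread.
# Assumptions: provider name 'Microsoft-Windows-TPM-WMI' (page shows only the
# source "TPM-WMI"); message layout as quoted in the question above.

function ConvertFrom-DeviceAttributes {
    # Turn the "DeviceAttributes: key:value;key:value;..." run of an 1801
    # message into a hashtable so individual fields can be inspected.
    param([Parameter(Mandatory)][string]$Message)

    $attrs = @{}
    if ($Message -match 'DeviceAttributes:\s*(.+?)\s*BucketId:') {
        $run = $Matches[1]                     # capture before the inner -match overwrites $Matches
        foreach ($pair in ($run -split ';')) {
            if ($pair -match '^\s*([^:]+):(.*)$') {
                $attrs[$Matches[1].Trim()] = $Matches[2].Trim()
            }
        }
    }
    if ($Message -match 'BucketConfidenceLevel:\s*(.+?)\s*UpdateType:') {
        $attrs['BucketConfidenceLevel'] = $Matches[1].Trim()
    }
    return $attrs
}

function Get-SecureBootCertEvents {
    # Every 1801 in the System log (provider name is an assumption, see top).
    param([int]$MaxEvents = 50)
    Get-WinEvent -FilterHashtable @{
        LogName      = 'System'
        ProviderName = 'Microsoft-Windows-TPM-WMI'
        Id           = 1801
    } -MaxEvents $MaxEvents -ErrorAction SilentlyContinue
}

function Test-Event1801Expected {
    # Classify one 1801 message for a monitoring pipeline: on EC2 the firmware
    # write is blocked by the platform, so the event is informational there;
    # on any other platform it stays actionable and should not be filtered.
    param([Parameter(Mandatory)][string]$Message)
    $a = ConvertFrom-DeviceAttributes -Message $Message
    [pscustomobject]@{
        Manufacturer    = $a['OEMManufacturerName']
        Model           = $a['OEMModelNumber']
        Confidence      = $a['BucketConfidenceLevel']
        ExpectedOnCloud = ($a['OEMManufacturerName'] -eq 'Amazon EC2')
    }
}

function Get-BootProtectionState {
    # Current Secure Boot and TPM state on this host, tolerating hosts where
    # the cmdlets throw (legacy BIOS, no TPM device exposed).
    $sb  = try { Confirm-SecureBootUEFI } catch { 'unavailable' }
    $tpm = try { (Get-Tpm).TpmPresent }   catch { 'unavailable' }
    [pscustomobject]@{ SecureBootEnabled = $sb; TpmPresent = $tpm }
}

# Sample input: the message text quoted in the question on this page.
$sample = 'Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here. DeviceAttributes: BaseBoardManufacturer:;FirmwareManufacturer:;FirmwareVersion:;OEMModelNumber:t3.medium;OEMModelBaseBoard:;OEMModelSystemFamily:;OEMManufacturerName:Amazon EC2;OEMModelSKU:;OSArchitecture:amd64; BucketId: 4a5a87bba6b025610d549158c7cbd027ce0469f100d7e4ef458d00f5db610753 BucketConfidenceLevel: No Data Observed - Action Required UpdateType: For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.'

# Usage: classify the quoted message, then the live events on this host.
Test-Event1801Expected -Message $sample | Format-List
Get-SecureBootCertEvents |
    ForEach-Object { Test-Event1801Expected -Message $_.Message } |
    Format-Table -AutoSize
Get-BootProtectionState
```

The point of `ExpectedOnCloud` is that a blanket "ignore 1801" rule in a SIEM would also silence the event on physical or non-AWS hosts where the certificate update is still actionable; keying the suppression on the parsed `OEMManufacturerName` keeps the filter scoped to the EC2 case the answer describes, and `Get-BootProtectionState` gives you the Secure Boot/TPM facts to attach to the ticket rather than relying on the event text alone.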


