Multiple users have reported a serious issue with the KB3033929 March Patch Tuesday update, one of 14 security updates destined for Windows 7 and Windows Server 2008 R2, which improves support for SHA-2 code signing on the aforementioned operating systems.
According to a poster over on the Microsoft Support forums, the patch can't be validated, which causes the system to reattempt it on the next boot:
“I'm having problems with the KB3033929 update from the latest run of Tuesday patches. After installation the PC reboots, but during the boot up configuration of the patch it fails and Windows starts reverting the configuration and reboots. And then it starts all over again a couple of times until it eventually boot into Windows.”
Although Microsoft has so far not replied to the topic, another user suggested that the GRUB boot loader was getting in the way of the installation, and by temporarily setting Windows as the default boot loader in the BIOS appears to fix the issue.
However, for those that aren't successful with this workaround, we suggest going to Control Panel, click on Windows Updates, look for KB3033929, right-click it and hit the “Hide this update” option.