diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 94ec660c04..8f1ae7b130 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -1,6 +1,6 @@
 /** @file
 
-  The common variable operation routines shared by DXE_RINTIME variable 
+  The common variable operation routines shared by DXE_RUNTIME variable 
   module and DXE_SMM variable module.
   
 Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
@@ -2065,7 +2065,17 @@ VariableServiceSetVariable (
         (sizeof (VARIABLE_HEADER) + StrSize (VariableName) + DataSize > PcdGet32 (PcdMaxVariableSize))) {
       return EFI_INVALID_PARAMETER;
     }  
-  }  
+  }
+
+  if (AtRuntime ()) {
+    //
+    // HwErrRecSupport Global Variable identifies the level of hardware error record persistence
+    // support implemented by the platform. This variable is only modified by firmware and is read-only to the OS.
+    //
+    if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, L"HwErrRecSupport") == 0)) {
+      return EFI_WRITE_PROTECTED;
+    }
+  }
 
   AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
 
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
index 4c88eb6ff6..d3e0b7766e 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
@@ -1,5 +1,5 @@
 /** @file
-  The common variable operation routines shared by DXE_RINTIME variable
+  The common variable operation routines shared by DXE_RUNTIME variable
   module and DXE_SMM variable module.
 
 Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
@@ -2216,6 +2216,16 @@ VariableServiceSetVariable (
     }
   }
 
+  if (AtRuntime ()) {
+    //
+    // HwErrRecSupport Global Variable identifies the level of hardware error record persistence
+    // support implemented by the platform. This variable is only modified by firmware and is read-only to the OS.
+    //
+    if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, L"HwErrRecSupport") == 0)) {
+      return EFI_WRITE_PROTECTED;
+    }
+  }
+
   AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
 
   //