Hi,

I have several Windows 2012 R2 servers that keep trying to reinstall the same patch. KB4493446. 2019 - 04 Security Monthly Quality Rollup. (This is being install Via a Wsus server.)

The history actually shows that the patch install successfully, and there is no rollback. Yet every time I check for updates it keeps trying to reinstall. I have tried delete the SoftwareDistribution folder. 

I have download the Patch and tried a manual installation but it still tries to reinstall. It was stopping other patches from installing but after I installed all the other patches separably they installed. 

I assume that because its a security patch that it should be installed. 

I did read that there may be an old "Trigger" patch that need to be installed but I don't know what this patch is. See link

https://community.spiceworks.com/topic/2031124-server-2012-r2-windows-updates-installing-then-same-updates-re-installing

If anyone know a solution it would be great to hear it?

Thanks 

Craig 

Craig G

We have just build up WSUS at windows 2016, everything get working...and client's able to receive update via our WSUS server.

The server just build up last Monday only download Security Update, we have checked the log, not all the security update installed at user's PC , such as KB4480960 , log showing " the update is installed / not applicable on X PC.....

I   have double check the PC, there is no update calling KB4480960 , then i go to microsoft to download KB4480960 , i'm able to install manual, how to get this fix ?

because it is over one week now, but look like only 10-20 update installed at PC ( the PC never updated before )

Is there anyway i can do something at WSUS ？

please advise.

Thanks

Hello, 

none of my computers wont report to my WSUS Server, but show up in the Update Services Manager.

I have one Windows Server 2016 and one 2012, both wont report. 

The WSUS is using WID, not SQL.

WSUS was installed by the official Microsoft Manual.

I have tried serveral things including the following: 

On the 2012 Server:

wuauclt.exe /detectnow

 wuauclt.exe /reportnow

wuauclt.exe /resetauthorization /detectnow

On the 2016 Server:

$AutoUpdates = New-Object -ComObject "Microsoft.Update.AutoUpdate"

$AutoUpdates.DetectNow()

Tried to re-index the WSUS Database with this:  gallery.technet.microsoft.com/scriptcenter/6f8cde49-5c52-4abd-9820-f1d270ddea61

Changed the Port for the Reporting Server in the GPO, which is the wsus itself, to 80 instead of 8530

Restarted all servers several times.

The Permission for the Network Service Account should be right too,unfortunalty im not able to post screenshots now.

Am i supposed to get a IIS Default site when i enter http://wsusname:8530, because right now im only getting it when i use port 80. Im not getting an error page when i try with 8530, the page is just blank.

Hi,

I have been asked to provide proof for a certain scenario:

If a Windows machine (7,8.1 or 10) misses all updates for February 2019, it will get all the updates it missed in April 2019, via a commutative update form WSUS.

We are going through some auditing and trying to get my point across that if a machine misses January\February 2019 Windows updates, but receives updates in March\April, it is compliant and will not pose a security risk or is not missing any updates from the missed months.

Is someone able to refer me to a technical article that proves this. I can't find any and need this as proof.

Thanks,

Hello,

I have a few hundred computer's that I need to make sure are patched 100% at all times.

I noticed that Intel is releasing more and more notifications about vulnerabilities.

I continue to receive USCert notifications about display drivers, wireless, bluetooth, RST and so on being vulnerable.

I have a WSUS server in place, but I do not have the driver's class selected.

If I were to convert my WSUS server to reporting only and send the machines directly to the internet for updates and also turn on auto approvals for ALL classes and products, that way if a update is detected as needed, it would be installed...would these Intel and OEM driver updates come down via Windows update?

Hello

We have Dell System with windows 10 inbuild version 1703, 1709, 1803 operating system installed.

All these  specific version showing 100% in WSUS server but if we checked manually into it from last 2018 the microsoft update not installed. When trying to check manually we face error message. The machines communicating with WSUS Server properly. Machines getting group policy properly. Find attached some screenshots.

Approved updates via WSUS on April/22

updates are sitting 

here is the GPO  ... I know I have not enabled to install Automatic Updates immediate installation but do I need that?

Thank you

Hello,

My Windows Sevrer 2016 WSUS keeps crashing when I try to view large reports.

Below are the errors:

Faulting application name: mmc.exe, version: 10.0.14393.2608, time stamp: 0x5bd1383b
Faulting module name: KERNELBASE.dll, version: 10.0.14393.2848, time stamp: 0x5c7f626e
Exception code: 0xc000041d
Fault offset: 0x0000000000034078
Faulting process id: 0x1730
Faulting application start time: 0x01d4f46c3eb767c0
Faulting application path: C:\Windows\system32\mmc.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 2b91e4c6-da5d-4191-9b22-aa011d664b43
Faulting package full name: 
Faulting package-relative application ID: 

Application: mmc.exe

Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at Microsoft.UpdateServices.UI.SnapIn.Dialogs.BaseReportDialog.RenderingComplete()
   at Microsoft.UpdateServices.UI.SnapIn.Dialogs.BaseUpdateComputerReportDialog.RenderingComplete()
   at Microsoft.Reporting.WinForms.ReportViewer.OnRenderingComplete(System.Object, System.ComponentModel.AsyncCompletedEventArgs)
   at Microsoft.Reporting.WinForms.AsyncReportOperation.EndAsyncExecution(System.Exception)
   at Microsoft.Reporting.WinForms.ReportViewer+<>c__DisplayClass1.<OnBackgroundThreadCompleted>b__0()
   at Microsoft.Reporting.WinForms.ReportViewer.ProcessAsyncInvokes()
   at Microsoft.Reporting.WinForms.ReportViewer.Reset()
   at Microsoft.UpdateServices.UI.SnapIn.Dialogs.BaseReportDialog.FormClose(System.Windows.Forms.FormClosingEventArgs)
   at System.Windows.Forms.Form.OnFormClosing(System.Windows.Forms.FormClosingEventArgs)
   at System.Windows.Forms.Form.WmClose(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr)

Exception Info: System.Reflection.TargetInvocationException
   at Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.OnThreadException(System.Object, System.Threading.ThreadExceptionEventArgs)
   at System.Windows.Forms.Application+ThreadContext.OnThreadException(System.Exception)
   at System.Windows.Forms.Control.WndProcException(System.Exception)
   at System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr)

Has anyone seen this issue and aware of a solution? Thanks

Hello,

I am in the process of testing my new WSUS server. I have one client connected to it. The server has synced several times.

When I check WSUS, it shows my machine needs 6 updates.

When I click "check online for updates from "Microsoft Update," no updates come down and the machine shows it is up-to-date.

Does anyone have any input as to why WSUS is showing that my machine needs 6 updates?

Overall, I am thinking my machine has never versions already, but I am not sure.

I have tried a resetauthorization /detect /report now, but this does not change what WSUS shows.

Note: these updates have yet to be approved as I am trying to compare to what MS is offering when I have my machine go directly to the web for updates. I am at a loss as to why I am seeing different results.

Any assistance would be appreciated. Thanks

it gets to 95% "downloaded" and no more  progress . I have restarted the server a few times but with no success.

windows log update: 

600-12-31 17:00:00.0000000 1200  3184                  Unknown( 28): GUID=a09e99c9-a6c4-3261-6004-3aafb80214f7 (No Format Information found).
1600-12-31 17:00:00.0000000 1200  3184                  Unknown( 28): GUID=a09e99c9-a6c4-3261-6004-3aafb80214f7 (No Format Information found).
1600-12-31 17:00:00.0000000 1200  3184                  Unknown( 120): GUID=c0f570a0-5783-3029-7367-c7496f95e60c (No .....

Hello,

I currently have a WSUS server that is set to autodownload and approve updates.

I am considering using WSUS for reports only and letting my win10 machines go to the internet for updates.

I have a few questions hopefully I can get answered.

1) If I use WSUS for reporting only, Can I Mark updates for removal and will the machines uninstall once they report into WSUS?

2) If so, can I mark specific device's (one or two machines) as "approved for removal" or is it a one and done..

Approve update for removal and it removed it from all systems?

Please advise.

Thanks

WSUS says my clients and servers need either KB4489488 and KB4489486 (.NET), depending on the OS. WSUS lists these as "Updates". However, if I go straight to Microsoft Update it says I don't need it, it isn't listed as an option update either. I am struggling to figure Microsoft out. I can't tell if this is a WSUS issue (don't think so).

Jason

What is the latest version of WSUS as of 1/3/2019 ?

My servers show version 6.3.9600.18838 running on 2012R2

On a Windows Server 2008 R2 SP1, I am unable to install KB4493472, which always fails with

Installation Failure: Windows failed to install the following update with error 0x8024200d: 2019-04 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4493472).

What I have already tried:

1. Running sfc /scannow, which gives a clean result
2. Running the System Update Readiness tool (found at KB947821 on support.microsoft.com), which also shows no errors
3. Removal of the %WinDir%\SoftwareDistribution folder
4. Installing the update manually with downloads from catalog.update.microsoft.com
   

None of the above have made any difference;  this update still fails to install.  The relevant section of WindowsUpdate.log contains:

...

2019-04-11    09:01:19:524     936    d8c    AU    All updates already downloaded, setting percent complete to 100
2019-04-11    09:01:19:648    3812    97c    Handler    WARNING: CBS called ResolveSource
2019-04-11    09:01:20:538     936    a10    AU    All updates already downloaded, setting percent complete to 100
2019-04-11    09:01:20:772    3812    97c    Handler    FATAL: CBS called Error with 0x800f081f,
2019-04-11    09:01:20:772     936    cfc    AU    >>##  RESUMED  ## AU: Installing update [UpdateId = {C8630C56-66BA-4F5F-8564-30D73F25BEB8}]
2019-04-11    09:01:20:772     936    cfc    AU      # WARNING: Install failed, error = 0x8024200D / 0x8024200D
2019-04-11    09:01:20:772    3812    ec8    Handler    FATAL: Completed install of CBS update with type=0, requiresReboot=0, installerError=1, hr=0x8024200d
2019-04-11    09:01:20:772    3812    ec8    Handler    :::::::::
2019-04-11    09:01:20:772    3812    ec8    Handler    ::  END  ::  Handler: CBS Install
2019-04-11    09:01:20:772    3812    ec8    Handler    :::::::::::::
2019-04-11    09:01:20:787     936    4e0    DnldMgr    Install failed because the update {87A05CC7-9216-4F54-8A7C-B732888AA710} was not complete; mark update as not downloaded.
2019-04-11    09:01:20:787     936    4e0    Agent    LogHistory called. idUpdate={C8630C56-66BA-4F5F-8564-30D73F25BEB8}.201, resultMapped=8024200D, resultUnMapped=8024200D
2019-04-11    09:01:20:787     936    4e0    Agent    *********
2019-04-11    09:01:20:787     936    cfc    AU    Install call completed.
2019-04-11    09:01:20:787     936    4e0    Agent    **  END  **  Agent: Installing updates [CallerId = AutomaticUpdates]
...

And an excerpt of CBS.log (that seems to apply) contains:

...

2019-04-11 09:01:18, Info                  CBS    Exec: Staging Package: Package_1638_for_KB4493472~31bf3856ad364e35~amd64~~6.1.1.8, Update: 4493472-4632_neutral_LDR, PinDeployment: amd64_e4822cf0ae2405da024528817dbaa38d_31bf3856ad364e35_7.6.7601.24085_none_fcacf8b0c370094d
2019-04-11 09:01:18, Info                  CBS    Exec: Staging Package: Package_1674_for_KB4493472~31bf3856ad364e35~amd64~~6.1.1.8, Update: 4493472-4702_neutral_LDR
2019-04-11 09:01:18, Info                  CBS    Exec: Staging Package: Package_1674_for_KB4493472~31bf3856ad364e35~amd64~~6.1.1.8, Update: 4493472-4702_neutral_LDR, PinDeployment: amd64_de052ec1b8076fd60bfd864a5134f012_31bf3856ad364e35_7.6.7601.24085_none_8959acdf028cdf1a
2019-04-11 09:01:19, Info                  CBS    Calling client to resolve source, cannot find file 'usbccgp.sys' at path: \\?\C:\Windows\SoftwareDistribution\Download\6ea408e302996a5e7f006433d356c2a3\amd64_usb.inf_31bf3856ad364e35_6.1.7601.24138_none_29961caa3e3c75d8\usbccgp.sys
2019-04-11 09:01:19, Error                 CBS    Exec: Failed to pre-stage package: Package_1674_for_KB4493472~31bf3856ad364e35~amd64~~6.1.1.8, file: usbccgp.sys, source: \\?\C:\Windows\SoftwareDistribution\Download\6ea408e302996a5e7f006433d356c2a3\amd64_usb.inf_31bf3856ad364e35_6.1.7601.24138_none_29961caa3e3c75d8\usbccgp.sys, sandbox: (null) [HRESULT = 0x800f081f - CBS_E_SOURCE_MISSING]
2019-04-11 09:01:19, Info                  CBS    Failed to gather all required files. [HRESULT = 0x800f081f - CBS_E_SOURCE_MISSING]
2019-04-11 09:01:19, Info                  CBS    Failed to gather all missing files for package: Package_for_RollupFix~31bf3856ad364e35~amd64~~7601.24411.1.8 [HRESULT = 0x800f081f - CBS_E_SOURCE_MISSING]
2019-04-11 09:01:19, Info                  CSI    00000014@2019/4/11:15:01:19.648 CSI Transaction @0xbc27e0 destroyed
2019-04-11 09:01:19, Error                 CBS    Failed to pre- stage package: Package_for_RollupFix~31bf3856ad364e35~amd64~~7601.24411.1.8 [HRESULT = 0x800f081f - CBS_E_SOURCE_MISSING]
2019-04-11 09:01:19, Info                  CBS    Perf: Stage chain complete.
2019-04-11 09:01:19, Info                  CBS    Failed to stage execution chain. [HRESULT = 0x800f081f - CBS_E_SOURCE_MISSING]
2019-04-11 09:01:19, Error                 CBS    Failed to process single phase execution. [HRESULT = 0x800f081f - CBS_E_SOURCE_MISSING]
2019-04-11 09:01:19, Info                  CBS    WER: Generating failure report for package: Package_for_RollupFix~31bf3856ad364e35~amd64~~7601.24411.1.8, status: 0x800f081f, failure source: Stage, start state: Staged, target state: Installed, client id: WindowsUpdateAgent
2019-04-11 09:01:19, Info                  CBS    Failed to query DisableWerReporting flag.  Assuming not set... [HRESULT = 0x80070002 - ERROR_FILE_NOT_FOUND]
2019-04-11 09:01:19, Info                  CBS    Failed to add %windir%\winsxs\pending.xml to WER report because it is missing.  Continuing without it...
2019-04-11 09:01:19, Info                  CBS    Failed to add %windir%\winsxs\pending.xml.bad to WER report because it is missing.  Continuing without it...
2019-04-11 09:01:20, Info                  CBS    Reboot mark refs: 0

...

I have a ZIP file containing WindowsUpdate.log, CBS.log, and CheckSUR.log, if this would be useful.

Hello,

I have deployed SCCM (WSUS + Software Update Point role), synchronized updates and didn't see Visual Studio 2017 in list of products neither in WSUS nor in SCCM - VS2015 is the latest version I see. How to add VS2017 in WSUS product list or how to update VS's 2017 on our servers and computers using SCCM/WSUS? I see lots of such question in the Internet and see no answers.

Thank you.

Server: Windows Server 2016 Standard

WSUS: 10.0.14393.0

SCCM: 1802

Hi All,

We're having issue auto deploying updates to Windows 10 machines (Auto updating is working for Windows 7)

If I manually click the "check for updates" they appear and install with no issues so WSUS is pushing them out fine.

The WSUS GPO is the winning GPO in the environment, the GPO is set as follows:

Any ideas?

Cheers,

Hi, I have a regular issue with my WSUS box. It's Windows Server 2016 with 4GB of RAM, and WSUS regularly stops working on it.

In the Event Log, I get a SQL Server event form the WID with Event ID 17890:

"A significant part of sql server process memory has been paged out. This may result in a performance degradation. Duration: 0 seconds. Working set (KB): 301216, committed (KB): 698220, memory utilization: 43%%."

The next entry in the event log is typically under 10 minutes later, and it's 7 events from WSUS saying the various bits aren't working (13042,12002,12012,12032,12022,12042,12052,12072). These will continue until I reboot.

I've tried restarting the WSUS services once a week using the following Powershell, but this doesn't fix the issue:

Stop-Service WSUSService,W3SVC,'MSSQL$MICROSOFT*'
Start-Service 'MSSQL$MICROSOFT*',W3SVC,WSUSService

This executes ok but doesn't fix the issue. I thought restarting SQL Server would make it all start working again, but it doesn't. If I do a reboot, this does fix it every time. But, I'd rather configure my server better than force a reboot once a week.

I do already run cleanup scripts on the database, using the famous "run once a month database cleanup" script that MS wrote and put up on technet, that does the reindexing etc. I also run Invoke-WsusServerCleanup each night, do Declines once a month, and all the things you're supposed to do to keep your WSUS database clean and tidy and optimal, and as part of the install I set the IIS memory limit:

[int64]$PrivMemMax = 2.5GB / 1024 # Value in KB
Set-ItemProperty IIS:\AppPools\WsusPool -Name Recycling.periodicrestart.privateMemory -Value $PrivMemMax

But none of this seems to help with SQL Server needing to page out every so often, and at random times.

Can you suggest what I can do? If I can run some Powershell to set some limits or configure the SQL WID process better when I build the machine, this would be ideal.

Thanks.

Little background:

I have already deleted the SUSId registry keys to ensure the machine wasn't reporting due to a non-sysprepped installation.  I have triple checked GPO and the machine shows that it is pointing to the WSUS, client side targeting is enabled and the CST is set to a correct folder on WSUS.

I can browse to the WSUS from the client, I can actually receive updates from WSUS, and I know that this is the case because the network I am working on is only local, there is no connection to the internet.  I am at a loss for what remaining box can be ticked to get these machines to report to WSUS so I can track them.

Because of the nature of the network I am working on I cannot provide logs or screenshots but I can answer questions with information redacted.

Followed this: https://docs.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/2-configure-wsus

and this http://jackstromberg.com/2013/11/enabling-ssl-on-windows-server-update-services-wsus/ for setup SSL on WSUS.

Assigned/Bind a cert in IIS which was issued by our in house Microsoft Enterprise Root CA.  Currently only one server to which I am trying to deploy updates/patches Server 2016.  Our RootCA certificate is present in the Local Computer Trusted Root CA Store on the test server 2016 and also in the same location on WSUS server.

Client server 2016 is visible/reporting in the WSUS Unassigned Computers Group under Status "Not yet reported"  but not moving to the WSUS Group I created for WSUS_TestServers.  The GPO is setup correctly for client side targeting.

This is what I see in the windowslog file on the client/server 2016:

https://fqdn.local:8531/ClientWebService/client.asmx'.
2019/04/05 09:21:08.3073227 1364  1836  WebServices     WS error: The server returned HTTP status code '500 (0x1F4)' with text 'System.ServiceModel.ServiceActivationException'.
2019/04/05 09:21:08.3073232 1364  1836  WebServices     WS error: The server was unable to process the request.
2019/04/05 09:21:08.3073335 1364  1836  WebServices     Web service call failed with hr = 8024401f.
2019/04/05 09:21:08.3073338 1364  1836  WebServices     Current service auth scheme=0.
2019/04/05 09:21:08.3073341 1364  1836  WebServices     Current Proxy auth scheme=0.
2019/04/05 09:21:08.3073422 1364  1836  ProtocolTalker  PTError: 0x8024401f
2019/04/05 09:21:08.3073425 1364  1836  ProtocolTalker  SyncUpdates_WithRecovery failed. 0x8024401f
2019/04/05 09:21:08.3073467 1364  1836  ProtocolTalker  SyncUpdates round trips: 1
2019/04/05 09:21:08.3073471 1364  1836  ProtocolTalker  Sync of Updates 0x8024401f
2019/04/05 09:21:08.3073530 1364  1836  ProtocolTalker  SyncServerUpdatesInternal failed 0x8024401f
2019/04/05 09:21:08.3106381 1364  1836  Agent           Failed to synchronize, error = 0x8024401F
2019/04/05 09:21:08.3244305 1364  1836  Agent           Exit code = 0x8024401F
2019/04/05 09:21:08.3244314 1364  1836  Agent           * END * Finding updates CallerId = UpdateOrchestrator  Id = 1
2019/04/05 09:21:08.3327902 1364  1584  ComApi          *RESUMED* Search ClientId = UpdateOrchestrator
2019/04/05 09:21:08.3334744 1364  1584  ComApi          Updates found = 0
2019/04/05 09:21:08.3334751 1364  1584  ComApi          Exit code = 0x00000000, Result code = 0x8024401F
2019/04/05 09:21:08.3334755 1364  1584  ComApi          * END *   Search ClientId = UpdateOrchestrator
2019/04/05 09:21:08.3340164 1364  7288  ComApi          ISusInternal:: DisconnectCall failed, hr=8024000C
2019/04/05 09:28:39.2998832 1364  8100  Agent           Refreshing global settings cache
2019/04/05 09:28:39.2998843 1364  8100  Agent           WSUS server: https://fqdn.local:8531 (Unchanged)
2019/04/05 09:28:39.2998849 1364  8100  Agent           WSUS status server: https://fqdn.local:8531 (Unchanged)
2019/04/05 09:28:39.2998852 1364  8100  Agent           Alternate Download Server: NULL (Changed)
2019/04/05 09:28:39.2998855 1364  8100  Agent           Fill Empty Content Urls: No (Unchanged)
2019/04/05 09:28:39.2998858 1364  8100  Agent           Target group: WSUS_TestServers(Unchanged)
2019/04/05 09:28:39.2998861 1364  8100  Agent           Windows Update access disabled: No (Unchanged)
2019/04/05 09:29:08.3558987 1364  8128  Misc            Got WSUS Client/Server URL: https://fqdn.local:8531/ClientWebService/client.asmx""
2019/04/05 09:29:08.3559563 1364  8128  ProtocolTalker  OK to reuse existing configuration

------

Thank you

Hello,

Starting this morning 4/24/2019 I am seeing "VMware, Inc. - Net - 10/17/2018 12:00:00 AM - 1.8.10.0" appearing in Windows Update for the servers ... is it normal? what is this patch doing?

The date said 10/17/2018 but today's date is 04/24/2019!!!

Thanks,
Dom

Security / System Center Configuration Manager Current Branch / SQL