Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windows Server 2008 R2 64-bit - not receiving Windows OS Updates

Posted on 2012-03-18
11
Medium Priority
?
1,185 Views
Last Modified: 2012-08-14
Hi Experts,

Our main server is running Windows Server 2008 R2 64-bit.
Because I heard about the security issue MS12-020, I checked the status of our Windows Updates a few days ago and was shocked to see that none were being downloaded or installed.
I did download and install the MS12-020 patch from the MS website.

The Windows Update history (see attached) shows we are getting Office updates, but not any updates related to the Windows OS.

The Windows Update configuration page (see attached) has the text:

Your receive updates:   Managed by your system administrator
I am logged in as system administrator.

I assume the issue relates to Group Policy or WSUS (we have it installed).

Regards,
Leigh
0001.jpg
0002.jpg
0003.jpg
0
Comment
Question by:LeighWardle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
11 Comments
 
LVL 23

Expert Comment

by:Radhakrishnan R
ID: 37734220
Hi,

It's seems to be you have not configured the WSUS updates for your windows server 2008 64 bit OS. Make sure that you have configured it from WSUS>>Products and classifications and server 2008 server 64 also added in the list.
0
 
LVL 30

Expert Comment

by:IanTh
ID: 37734221
wsus is that doing your windows updates for windows thats why your only getting office etc

see
Update package KB2621440 addresses CVE-2012-0002 and update package KB2667402 addresses CVE-2012-0152. While CVE-2012-0152 has a lower severity rating than KB2621440 on affected versions of Microsoft Windows, the aggregate severity rating is Critical based on CVE-2012-0002. Customers should apply all updates offered for the version of Microsoft Windows installed on their systems

from http://technet.microsoft.com/en-gb/security/bulletin/ms12-020

turn of rdp unless you really need it and it doesn't seem likely any exploits are actually ussing it so if your server is behind a firewall just block rdp at the firewall

but it looks like kb2621440 is the fix not ms12-020
0
 
LVL 1

Author Comment

by:LeighWardle
ID: 37734615
I was not involved in the original configuration of Group Policy or WSUS.

But I believe that the Windows Updates were set up through Group Policy, not WSUS.

Under Group Policy Objects we have 2 Windows Update objects:

ASRC Windows Update Desktop Policy
ASRC Windows Update Server Policy.htm

Windows Updates to our Desktop Workstations are working OK.

I have attached the Report for ASRC Windows Update Server Policy.htm - if that helps diagnose the problem?
ASRC-Windows-Update-Server-Polic.htm
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 30

Expert Comment

by:IanTh
ID: 37734621
it might be as I said in my last post

kb2621440 is the fix not ms12-020
0
 
LVL 1

Author Comment

by:LeighWardle
ID: 37735536
Hi IanTh,

I have manually downloaded and installed update packages KB2621440 and KB2667402, so MS12-020 is fixed for us.

The problem remains - why haven't we received any Windows OS updates since 17 March 2011?

Regards,
Leigh
0
 
LVL 30

Expert Comment

by:IanTh
ID: 37736895
is wsus doing it on your lan ?

I think wsus updates itself and the wsus agent doesn't you have to do that another way

have you confirm no virus's are present as that could be stopping windows update

over the weekend there was so many updates from microsoft last week new updates every day

if wsus is doing it please confirm in wsus that the options for windows is ticked

you can do a manual windows update and bypass wsus I think
0
 
LVL 30

Expert Comment

by:IanTh
ID: 37736903
in wsus desktops os's are in a different option
0
 
LVL 30

Accepted Solution

by:
IanTh earned 2000 total points
ID: 37736910
see
http://erichagstrom.com/node/41

wsus is just a subset copy that you choose which options to download from the windows update database
0
 
LVL 1

Author Closing Comment

by:LeighWardle
ID: 37736960
IanTh,

http://erichagstrom.com/node/41 provided the workaround I needed.
I can now successfully check for updates.
I am downloading the one year backlog now!

Regards,
Leigh
0
 
LVL 30

Expert Comment

by:IanTh
ID: 37737088
so is wsus knackered for servers I expect like I said its a seperate option than desktops so you need to fix that I think if you have a 1 year backlog !
0
 
LVL 1

Author Comment

by:LeighWardle
ID: 37737217
It's interesting - after the Server was rebooted, the problem reappears!

The Windows Update configuration page (same status as 0003.jpg attached above) has the text:

You receive updates:   Managed by your system administrator
0

Featured Post

Optimum High-Definition Video Viewing and Control

The ATEN VM0404HA 4x4 4K HDMI Matrix Switch supports 4K resolutions of UHD (3840 x 2160) and DCI (4096 x 2160) with refresh rates of 30 Hz (4:4:4) and 60 Hz (4:2:0). It is ideal for applications where the routing of 4K digital signals is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
By default Outlook 2016 displays only one time zone in the Calendar. The following article explains how to display two time zones in one calendar view.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question