Cannot get Windows update to run on Exchange server

Try this command that rebuilds WMI repository:

cd C:\Windows\System32\wbem\AutoRecover\
for /f %%s in ('dir /b *.mof *.mfl') do mofcomp %%s

CES,
Not sure what you are saying to run?
Can you verify the command?

I have run this on several servers.  Run it from an elevated command prompt.  Once it finishes check for updates again

CES,
This is what I get when I run it....
%%s was unexpected at this time.

oh sorry,  I pulled that from a batch file, run it without the second %:

for /f %s in ('dir /b *.mof *.mfl') do mofcomp %s

Ok I got the command to run thanks, but I am still getting the same error when I try to run the updates.

Is one of the updates your attempting to install one of the January monthly updates? Microsoft has started releasing updates that require AV vendors to be able to create a certain reg key (Microsoft is checking AV compatibility, something to do with accessing the Windows kernel memory). If an AV is not installed on the server, you may need to manually create the registry key to "Qualify" for future updates. Please review the link below:

https://support.microsoft.com/en-us/help/4056895/windows-81-update-kb4056895

https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software

Well there are two servers in the DAG and the passive server ran the updates just fine it is the active server that wont accept the updates so I don't think that maybe the issue

can you post \windows\windowsupdate.log ?

I found that there was a registry entry pointing to an old wsus server that is gone, so I removed that and reran the updates but it is still failing.

same error code?
did you try stopping windows update service, deleting everything in windows\software distribution folder, start windows update service and check again since you removed that registry entry?

Yes I did do all of that earlier but now I get the error : 80072EE2 Windows update ran into a problem

that is a timeout
can you check the local policy (assuming no GPO is in place for that setting) and see if anything is defined?
computer configuration -> administrative templates -> windows components -> windows update
make sure 'specify intranet microsoft update service location' is not configured which will tell it to use windows update directly

Well I still cant seem to get the updates to download to the server I keep getting the same error.

I still cannot get the updates to work on the server. Does anyone have any ideas on what I can do to resolve this.

well no resolution so will be calling Microsoft support.

got help from Microsoft support