Windows 2008 Failing to install updates from Internet or WSUS
Windows 2008 R2 Server Failing to install updates
Windows 2012 R2 Server running WSUS 4.0
Other servers updating fine.
One update fails to apply this is after we lost power to the data center all machines came backup up with now errors
This is a physical box running Exchange Server 2010
The update is KB915597 Defender update
The server continues to report to the WSUS server every 6 hours per GPO policy in place
I ran this process on the server
Please try the following steps on your client:
1. Stop the Automatic Updates service and BITS service.
net stop wuauserv
net stop bits
2. Delete “%windir%\softwaredistribu
3. Start the Automatic Updates service and BITS service. When these two services
have been started, they will auto-create “softwaredistribution” and its subfolder
at system directory.
net start wuauserv
net start bits
4. After the “%windir%\softwaredistribu
let the client contact the WSUS server immediately.
wuauclt.exe /resetauthorization /detectnow
If the problem still exists, please check %windir%\windowsupdate.log
and post the error message in this thread
In the Windowsupdate.log I see this
2018-03-09 21:46:29:060 2040 40e8 Handler :::::::::::::
2018-03-09 21:46:29:060 2040 40e8 Handler :: START :: Handler: Command Line Install
2018-03-09 21:46:29:060 2040 40e8 Handler :::::::::
2018-03-09 21:46:29:060 2040 40e8 Handler : Updates to install = 1
2018-03-09 21:46:33:600 872 44f8 Report REPORT EVENT: {DB7183EE-B929-45D2-A94A-B
2018-03-09 21:46:33:600 872 44f8 Report REPORT EVENT: {71FAD36B-6DBD-42A9-B5CF-B
2018-03-09 21:46:33:974 2040 40e8 Handler : WARNING: Command line install completed. Return code = 0x8050a005, Result = Failed, Reboot required = false
2018-03-09 21:46:33:974 872 42c8 AU >>## RESUMED ## AU: Installing update [UpdateId = {3ADA6092-11BA-4C56-8EDE-4
2018-03-09 21:46:33:974 2040 40e8 Handler : WARNING: Exit code = 0x8024200B
2018-03-09 21:46:33:974 872 42c8 AU # WARNING: Install failed, error = 0x80070643 / 0x8050A005
2018-03-09 21:46:33:974 2040 40e8 Handler :::::::::
2018-03-09 21:46:33:974 2040 40e8 Handler :: END :: Handler: Command Line Install
2018-03-09 21:46:33:974 2040 40e8 Handler :::::::::::::
Any one have any ideas on what else I can try.?
Windows 2012 R2 Server running WSUS 4.0
Other servers updating fine.
One update fails to apply this is after we lost power to the data center all machines came backup up with now errors
This is a physical box running Exchange Server 2010
The update is KB915597 Defender update
The server continues to report to the WSUS server every 6 hours per GPO policy in place
I ran this process on the server
Please try the following steps on your client:
1. Stop the Automatic Updates service and BITS service.
net stop wuauserv
net stop bits
2. Delete “%windir%\softwaredistribu
3. Start the Automatic Updates service and BITS service. When these two services
have been started, they will auto-create “softwaredistribution” and its subfolder
at system directory.
net start wuauserv
net start bits
4. After the “%windir%\softwaredistribu
let the client contact the WSUS server immediately.
wuauclt.exe /resetauthorization /detectnow
If the problem still exists, please check %windir%\windowsupdate.log
and post the error message in this thread
In the Windowsupdate.log I see this
2018-03-09 21:46:29:060 2040 40e8 Handler :::::::::::::
2018-03-09 21:46:29:060 2040 40e8 Handler :: START :: Handler: Command Line Install
2018-03-09 21:46:29:060 2040 40e8 Handler :::::::::
2018-03-09 21:46:29:060 2040 40e8 Handler : Updates to install = 1
2018-03-09 21:46:33:600 872 44f8 Report REPORT EVENT: {DB7183EE-B929-45D2-A94A-B
2018-03-09 21:46:33:600 872 44f8 Report REPORT EVENT: {71FAD36B-6DBD-42A9-B5CF-B
2018-03-09 21:46:33:974 2040 40e8 Handler : WARNING: Command line install completed. Return code = 0x8050a005, Result = Failed, Reboot required = false
2018-03-09 21:46:33:974 872 42c8 AU >>## RESUMED ## AU: Installing update [UpdateId = {3ADA6092-11BA-4C56-8EDE-4
2018-03-09 21:46:33:974 2040 40e8 Handler : WARNING: Exit code = 0x8024200B
2018-03-09 21:46:33:974 872 42c8 AU # WARNING: Install failed, error = 0x80070643 / 0x8050A005
2018-03-09 21:46:33:974 2040 40e8 Handler :::::::::
2018-03-09 21:46:33:974 2040 40e8 Handler :: END :: Handler: Command Line Install
2018-03-09 21:46:33:974 2040 40e8 Handler :::::::::::::
Any one have any ideas on what else I can try.?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Get the Windows update troubleshooter from Microsoft and run it to diagnose/repair the situation.
You do MIT need to remove it from gpo, unless your gpo disabled access to ms.
Go through updates, and see if the option to check with Microsoft, the option is below the line where it says your system is managed by your administrator ir sonething like that.
Instead of rebooting, change the gpo, unblocking the allow admin to check with NS or sonething like that. Let the gpo refresh cycle to get the change.
You do MIT need to remove it from gpo, unless your gpo disabled access to ms.
Go through updates, and see if the option to check with Microsoft, the option is below the line where it says your system is managed by your administrator ir sonething like that.
Instead of rebooting, change the gpo, unblocking the allow admin to check with NS or sonething like that. Let the gpo refresh cycle to get the change.
ASKER
I found this information nd I get the same error trying to update defender signatures,
It is not a WSUS issue it is a defender issue
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\>cd %ProgramFiles%\Windows Defender
C:\Program Files\Windows Defender>MpCmdRun.exe -removedefinitions -dynamicsignat
ures
Service Version: 6.1.7601.18170
Engine Version: 1.1.14500.5
AntiSpyware Signature Version: 1.261.1644.0
Starting engine and signature rollback to last known good...Done!
Service Version: 6.1.7601.18170
Engine Version: 1.1.14500.5
AntiSpyware Signature Version: 1.261.1518.0
C:\Program Files\Windows Defender>MpCmdRun.exe -SignatureUpdate
Signature update started . . .
ERROR: Signature Update failed with hr=8050A005
C:\Program Files\Windows Defender>
Trying to update via the defender interface get same error
It is not a WSUS issue it is a defender issue
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\>cd %ProgramFiles%\Windows Defender
C:\Program Files\Windows Defender>MpCmdRun.exe -removedefinitions -dynamicsignat
ures
Service Version: 6.1.7601.18170
Engine Version: 1.1.14500.5
AntiSpyware Signature Version: 1.261.1644.0
Starting engine and signature rollback to last known good...Done!
Service Version: 6.1.7601.18170
Engine Version: 1.1.14500.5
AntiSpyware Signature Version: 1.261.1518.0
C:\Program Files\Windows Defender>MpCmdRun.exe -SignatureUpdate
Signature update started . . .
ERROR: Signature Update failed with hr=8050A005
C:\Program Files\Windows Defender>
Trying to update via the defender interface get same error
Check the windows update and the available updates offered directly from Microsoft.
T could be an optional updated that your wsus is not setup to pull, offer.
T could be an optional updated that your wsus is not setup to pull, offer.
ASKER
pointed to the internet for updates and still same error
It is a defender problem not an update from wsus issue.
see my previous post
It is a defender problem not an update from wsus issue.
see my previous post
ASKER
After restarting the server and removing it from wsus the problem continues.
This is not a WSUS problem.
Defender refuses to update
What else can we do?
This is not a WSUS problem.
Defender refuses to update
What else can we do?
Trying to manually download the defender updates from MS and applying them...
Try https://www.microsoft.com/en-us/wdsi/definitions?cb3bef8d-61e1-4d53-acd0-055767225c57=True
option to .....
The cause of this error seems to lead to a single update, in your case, KB915597 decline this update and see whether the subsequent updates for defender will load without an issue...
Try https://www.microsoft.com/en-us/wdsi/definitions?cb3bef8d-61e1-4d53-acd0-055767225c57=True
option to .....
The cause of this error seems to lead to a single update, in your case, KB915597 decline this update and see whether the subsequent updates for defender will load without an issue...
ASKER
Declined the updates and the next batch that came in failed.
WATF is wrong with defender on Windows 2008 Server not being able to update.
My other Windows 2008 server updates no problem.
WATF is wrong with defender on Windows 2008 Server not being able to update.
My other Windows 2008 server updates no problem.
Compare the defender updates on each.
ASKER
Defender on Working 2008 Server
Client Version 6.1.7600.16385
Engine Version 1.1.14600.4
Antispyware definitions 1.263.585.0
Defender on Failing Windows 2008 Server
Client Version 6.1.7600.16385
Engine Version 1.1.14500.5
Antispyware definitions 1.261.518.0
Defender is not updating
All other microsoft updates are working
Defender is failing everyday to update
Any way to uninstall defender? remove it totally and then reinstall it?
How do we fix a corrupt defender ????
Client Version 6.1.7600.16385
Engine Version 1.1.14600.4
Antispyware definitions 1.263.585.0
Defender on Failing Windows 2008 Server
Client Version 6.1.7600.16385
Engine Version 1.1.14500.5
Antispyware definitions 1.261.518.0
Defender is not updating
All other microsoft updates are working
Defender is failing everyday to update
Any way to uninstall defender? remove it totally and then reinstall it?
How do we fix a corrupt defender ????
ASKER
I uninstalled defender on the server with the problem
ASKER
Thanks
The article point to desktop OS's this is Windows 2008 Server
As you can see in my post I already removed the windows\softwaredistributi
I run a Weekly script that cleans the wsus updates I am currently running a manual one
This is my exchange server so removing it from wsus will take sometime because it is using the gpo provided I would have to restart the server to pick up a new gpo
Or I am thinking I can just change the registry settings
What you think?