[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More



Windows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a computer program developed by Microsoft that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers.

Share tech news, updates, or what's on your mind.

Sign up to Post


I just start using WSUS 2016. What happen if on a server I update from online and after use WSUS... Is WSUS will be able to see the new updates installed and just push what is missing?

OWASP: Threats Fundamentals
LVL 12
OWASP: Threats Fundamentals

Learn the top ten threats that are present in modern web-application development and how to protect your business from them.


My Windows 2008 r2 can't detect new update from WSUS. It gives me this error:

Windows Update Client failed to detect with error 0x80244010

I delete the folder C:\Windows\SoftwareDistribution
  • wuauclt /resetauthorization
  • wuauclt /detectnow
  • wuauclt /reportnow

Same error.

What can I do?

In WSUS except going to each computer groups, is there a way to search a computer and see in which computer group it's part of?

I have a few Win 2016 server vms that are having issues connecting to WSUS 6.3 which runs on Win 2012R2
The errors I get are

Logs show this

2018/06/05 07:45:14.5767492 680   4164  WebServices     WS error: There was an error communicating with the endpoint at 'http://WSUS.domain.com:8530/ClientWebService/client.asmx'.
2018/06/05 07:45:14.5767518 680   4164  WebServices     WS error: The server returned HTTP status code '500 (0x1F4)' with text 'System.ServiceModel.ServiceActivationException'.
2018/06/05 07:45:14.5767533 680   4164  WebServices     WS error: The server was unable to process the request.
2018/06/05 07:45:14.5767656 680   4164  WebServices     Web service call failed with hr = 8024401f.

Open in new window

I am able to load this page http://WSUS.domain.com:8530/ClientWebService/client.asmx
with this result.

Client Service

You have created a service.

To test this service, you will need to create a client and use it to call the service. You can do this using the svcutil.exe tool from the command line with the following syntax:

svcutil.exe http://wsus.domain.com:8530/ClientWebService/Client.asmx?wsdl

You can also access the service description as a single file:


Open in new window

Ive read so many articles about fixes in IIS< but none have worked, nor have there been and changes on WSUS server.
I have another WSUS on another domain and I'm having the same issue there.

On client side ive done the usual but no luck.

net stop wuauserv 
net stop cryptSvc 
net stop bits 
net stop msiserver 
Ren C:\Windows\SoftwareDistribution SoftwareDistribution.old 
Ren C:\Windows\System32\catroot2 Catroot2.old 

Open in new window

The client gets added to WSUS but shows not yet reported.

Ive deployed the new 2016 VM from few different templates with same result.

I have some other 2016 vms, from same templates from a while ago, and those are not showing this error. So I'm not sure why these new ones are.
I am currently with Ivanti formally known as Shavlik patch management.  My 3 year is about to expire, what I was paying for 3 years is now what I will have to pay for 1 year so we can not continue with Ivanti.   Does anyone have any recommendations on a patch management system that has a reasonably  price structure?


I assigned domain computer to group for update packages from WSUS server by GPO, and they are running well.
For the other computer dis-join domain, How to apply them ? I type “wuauclt /resetauthorization /detectnow” on each one, but they have still not connected to WSUS yet.
Anyone can guide me how to solve the issue ?
Environment: WSUS Server 2012 R2; Clients: Windows 7,10, 2012 R2.

Windows update not working on server 2012 r2 standard.

Tried the general Microsoft Site for the Update Readiness Tool


Tried the following Microsoft Site for general update failure.


Finally looked through the Windows Update Troubleshooting site. The manual approach requires registry settings so take great care.


2018-11-27      11:15:01:377      1976      224      AU      #########
2018-11-27      11:15:01:377      1976      224      IdleTmr      WU operation (CSearchCall::Init ID 6) started; operation # 4478; does not use network; is at background priority
2018-11-27      11:15:01:377      1976      224      Agent      *** START ***  Queueing Finding updates [CallerId = AutomaticUpdates  Id = 6]
2018-11-27      11:15:01:377      1976      224      AU      <<## SUBMITTED ## AU: Search for updates  [CallId = {BC718562-0D95-4F90-91B2-D3BD75D2FEE2} ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}]
2018-11-27      11:15:01:377      1976      224      Agent      SkipSelfUpdateCheck search flag set for serverId: 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782
2018-11-27      11:15:01:377      1976      224      IdleTmr      WU operation (CSearchCall::Init ID 7) started; operation # 4480; does not use network; is at background priority
2018-11-27      11:15:01:377      1976      224      Agent      *** START ***  Queueing Finding updates [CallerId = AutomaticUpdates  Id = 7]
2018-11-27      11:15:01:377      1976      224      AU      <<## SUBMITTED ## AU: Search for updates  [CallId = …
Working on a SBS2011 experiencing the usual SBS WSUS errors that create disk space issues. I decided to clean up the WSUS database by following two articles.

Reinstall WSUS on SBS tried removing from add and remove programs and it errors out. As mentioned in this article I proceeded to the document below to remove the role but have a database question prior to deleting.  

WSUS uninstall is failing I made the changes to the registry mentioned in this article and removed the role which completed successfully. Step 10 states, once WSUS is uninstalled, manually remove the WSUS content and/or database files from the hard drive. This is where I would like to clarify before deleting data. For obvious reasons I want to make sure what I’m deleting will not cause an instability.

My understanding of SQL is it’s installed on the C: partition below where the system databases are displayed. Rather than tamper with the SQL installation the only data I removed here was the log files which grew over 12G. FYI I copied them for further review.

SQL system files located C:\Windows\SYSMSI\SSEE\MSSQL.2005\MSSQL\ with the following folders:
LOG (12.8G) cleaned up the log files

On the D: partition there is D:\WSUS with the following folders:
SUSDB.mdb (26.5G)
SUSDB_log.ldf (2.6G)

I opened SQL Studio and see the following SUSDB database
Hi I have a test rig. The wsus server is online and we export the files and database to three separate. But identical rigs
Two work.
The other one remains at downloading updates for many days.

The permissions are the same. It’s the same database etc

Also if I rebuild the box it works fine with that export just won’t update next time

Any ideas ?

Windows 2012 r2
I cannot get some of the computers on my Domain to report to WSUS. I've tried many things including (taken from other sites):

1.      Press Windows key + Sand type Command Prompt (Admin).  
2.      Type these command and press Enter after each command:  
o      net stop wuauserv  
o      net stop cryptSvc  
o      net stop bits  
o      net stop msiserver  
1.      Rename SoftwareDistribution and Catroot2 folder. Type these command and press Enter after each command:  
o      ren C:\Windows\SoftwareDistribution SoftwareDistribution.old  
o      ren C:\Windows\System32\catroot2 Catroot2.old  
2.      Restart the BITS, Cryptographic, MSI Installer and the Windows Update Services by typing these command and press Enter after each command:  
o      net start wuauserv  
o      net start cryptSvc  
o      net start bits  
o      net start msiserver  

•wuauclt.exe /resetauthorization
•wuauclt.exe /r /detectnow
•wuauclt.exe /reportnow

The computers just will not report and therefore, won't download and install updates.I also noticed that no matter how many times I start the BITS Service, it keeps stopping again. It is very frustrating how much work is involved (client side) to keep computers talking to WSUS. Has anybody got any useful tips?
Angular Fundamentals
LVL 12
Angular Fundamentals

Learn the fundamentals of Angular 2, a JavaScript framework for developing dynamic single page applications.

We use a GPO to direct all our workstations to get Windows Updates from a WSUS server.  

There are a lot of active domain workstations which their hostnames are not being seen when I do a search computer from the WSUS server.  

I have checked those workstation windows update history and they are getting updates.  It is just their names are not searchable on the WSUS server.  If I do a "Check for updates" on the workstations, I can search their names on the WSUS server again.

Is there a way to resolve this issue or we have to live with that?

Anyone knows, please advise.  

Thanks in advance.
I have 3 VM wsus servers.   1 in HQ site, 1 in Guatemala, and 1 in Mexico.  All runing Server 2012 R2

Each are stand alone wsus servers configured to download updates from microsoft.

Here is the problem, All 3 have the wsus content folder getting too large!.  The disk space on the wsus content drive is less than 5% free space left.

So i want to know the best way to clean up with the least amount of downtime.

I've already followed the recommendations in this link:  https://blogs.technet.microsoft.com/gborger/2009/02/27/what-to-do-when-your-wsuscontent-folder-grows-too-large/

We are not using any Downstream replica servers.

I could do a wsus reset command, but i first wanted your thoughts.  I plan to use a script in the future on a scheduled task.  But i dont want to pay any money for it.  Thanks
I have build up a new VM with WSUS role on Windows 2012 (Old WSUS server was on 2008).
On the new server under Administrative Console for WSUS its not showing any computers.
I have named the new server the same as old server, what do i have to do to start seeing computers under WSUS?
All computers are pointing to new server on group policy.

When pushing out updates via WSUS, there is one specific update (KB4462923) on three Workstations. When looking through the update history on each of the PCS, it says it failed with error code 80071A90.

These are 64 bit Lenovo machines and the update has installed successfully on other machines of the same model, all 64 bit.

Anyone have any insight as to why this would be happening?
Hello, i have a server 2012 R2 that i found out was running WSUS and using 2+TB. What is the best way to clean up all of this space its consuming?

We have an RDS deployment which consists of a RD connection broker server and 4 sessoin hosts.  All are running Server 2012R2.

Recently we have lost the ability to shadow sessions.  The connection appears to be made OK and the user is prompted to accept the connection however nothing then happens, if you try again it generates an error message saying the session is already being shadowed.  I have also tested it from the command line and the same issue occurs.

I have tried to install the recommended KB4057401 patch on the Connection Broker and the Sessions Hosts, but I get an error message saying "The Update is Not Applicable to your computer"  As far as I can tell all the pre-requisite updates are installed and I have redownloaded the patch to make sure it is the correct version.

We do run WSUS as well for updates but I can't actually see the update installed on the individual servers.

Hopefully someone can point me in the right direction, we don't rely on shadowing but it would be good to get it sorted :)

I am getting the error while I am trying to install monthly roll-ups above 300 mb.

Though it shows as pending restart, after the reboot the patch status is showed as failed.
Hello experts

I would like get details if windows update history for multiple desktops. Is there any way to do ?

I mean for windows 7, open windows update -) windows update history. I want to get this details. How do we get it ?

Hey fellow experts!

With WSUS, I need to deploy a ton of patches to computers in a test OU. If the updates run fine, how do I 'Re-deploy' the same set of updates to my users? I don't know of a way to go back in and approve them again, or how to find the EXACT updates? Any help is appreciated. Thanks in advance, guys.
JavaScript Best Practices
LVL 12
JavaScript Best Practices

Save hours in development time and avoid common mistakes by learning the best practices to use for JavaScript.


I have build the SQL Server 2016 and installed the SQL instance SUSDB,  I have WSUS server  already in production, which is broken due ti SQL express  2017. I am unable to attach the database due number of error and service pack etc.

i have question how i can direct to  attach my wsus server to newly install SQL instance SUSDB on SQL server 2016, so WSUS server can bring into  working condition again.


I have a Windows Server 2012 R2 when I try to do an update I get the error on the screen saying:

Windows could not search for new updates.

Error found: Code 800B0001 Windows Update ran into a problem.

Our system is set to get downloads from WSUS which comes from a server running.

Windows SBS 2011 Standard.

Here is the error I get from the WindowsUpdate.log

2018-10-04      11:56:32:384      1000      17e4      Agent      *************
2018-10-04      11:56:32:384      1000      17e4      Agent      ** START **  Agent: Finding updates [CallerId = AutomaticUpdatesWuApp  Id = 50]
2018-10-04      11:56:32:384      1000      17e4      Agent      *********
2018-10-04      11:56:32:384      1000      17e4      Agent        * Online = Yes; Ignore download priority = No
2018-10-04      11:56:32:384      1000      17e4      Agent        * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2018-10-04      11:56:32:384      1000      17e4      Agent        * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2018-10-04      11:56:32:384      1000      17e4      Agent        * Search Scope = {Machine & All Users}
2018-10-04      11:56:32:384      1000      17e4      Agent        * Caller SID for Applicability: S-1-5-21-352409598-822902541-617630493-500
2018-10-04      11:56:32:384      1000      17e4      Agent        * RegisterService is set
2018-10-04      11:56:32:384      1000      17e4      EP      Got WSUS Client/Server URL: "http://Server1:8530/ClientWebService/client.asmx"

I want to run a report on my Windows Update Server to show list of computers that have contact the WSUS server.  

Is it possible to export the result to a CSV file?

Please advise how to do it.


We are running WSUS on a Windows 2016 server to deliver Windows Updates to our Windows 10 workstations.

There is a workstation which is not searchable in All Computer in the WSUS console.  Does anyone know why?  Checking the Windows Update history on the workstation, the last Windows updates being successfully installed was few months ago.  For some reason, the workstation has no issue receiving the Windows Malicious Software Updates.  

From the WSUS itself, is it possible to run a report to know which computer(s) are not able to successfully communicate to the WSUS server?

Many thanks.
in our company we want to install WSUS for multiple branches.
from main office we want to approve the updates.
I need to create  WSUS proposal drawing and PPT if someone can provide me a sample for the same it will be very helpful.

Thanks & Regards,
Mohammed Afroz
Hi Experts,

We have recently had some updates go through our company and they are crashing and/or blue screening many systems.

We have security and critical patches deployed automatically to workstations.

I haven't been able to pin point exactly which update it is and need to to stop it on the other systems and deny it in WSUS.  The only clue is update 434885.  

When I google, there are several.

Is there more than one of these that is known to crash systems?  What else can I do?  Has Microsoft addressed this?

I can't find anything concrete and didn't know if anyone knew exactly which updates these are.

Thank you,



Windows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a computer program developed by Microsoft that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers.

Top Experts In