Windows 10 computer won't update
Server Fault Asked by Hagen von Eitzen on January 22, 2021
My PC (Windows 10 2004) will happily install all updates provided via the company WSUS.
But (in contrast to all other company client PCs) it fails to instal updates from Microsoft directly.
It keeps saying that "important security and quality fixes are missing" (which is the reason why I wanted to check directly with MS in the first place), but when I click "Search for updates online with Microsoft", it fails with a message that no connection with the update service could be made. I should check my internet connectivity (as if …)
Windows troubleshooting for updates says that it cannot find any problems.
A (tiny) bit more helpful is the accompanying event: Id 36871, source SChannel, with internal error status 10013. Google results for this suggest various things such as
- enable SSLv3
- Make .NET 3.5 use TLS1.2
- clear system certificate list
- check clock synchronization
- check permissions to c:ProgramDataMicrosoftCryptoRSAMachineKeys
None of these helped in my case.
What else can I do? Is there a less generic interpretation of the event?
I also tried to use Wireshark and see what happens during the failed attempts. It seems as if a few https (TLS1.2) connections with slscr.update.microsoft.com are being established successfully, but with merely about 64 bytes of payload. By their nature, I can’t look deeper into the conversations.
2 Answers
If you would like to fix WSUS instead, make sure that you have selected Windows 10 1903 or later as a product in WSUS which you want to download patches for.
For some reason Microsoft split patches for Windows 10 into Pre-1903 (confusingly named just Windows 10) and 1903 or later.
This would explain why you're not getting any patches for your machine running Windows 10 2004, since if you don't select the "newer" Windows 10 product you won't get any patches to approve.
Answered by Stuggi on January 22, 2021
Please check the relevant group policies settings. Because you are using a WSUS in your network, it is common to ban Windows from using the MS Update servers. Which in your case should not be this way, instead use the setting in the picture.
I'll try to find the English text if you did not manage to understand it.
Answered by Chris9834 on January 22, 2021
Add your own answers!
Ask a Question
Get help from others!
Recent Answers
- Lex on Does Google Analytics track 404 page responses as valid page views?
- haakon.io on Why fry rice before boiling?
- Peter Machado on Why fry rice before boiling?
- Jon Church on Why fry rice before boiling?
- Joshua Engel on Why fry rice before boiling?
Recent Questions
- How can I transform graph image into a tikzpicture LaTeX code?
- How Do I Get The Ifruit App Off Of Gta 5 / Grand Theft Auto 5
- Iv’e designed a space elevator using a series of lasers. do you know anybody i could submit the designs too that could manufacture the concept and put it to use
- Need help finding a book. Female OP protagonist, magic
- Why is the WWF pending games (“Your turn”) area replaced w/ a column of “Bonus & Reward”gift boxes?