ESUs Enabled by Azure Arc - Servers not receiving update KB5032249 via Windows Updates, what's the deal?

Derek Clarke 5 Reputation points

I have two servers in ARC for testing to make sure that these ESUs work - and they don't seem to be.

Why is this update not being pushed to these servers via Microsoft Update?



Here are some screenshots of my Arc, both servers are either 8 cores or less, but I have provisioned 16 total cores to meet the minimums per VM.

Whenever I check for updates, all I get is this:


Azure Arc
Azure Arc
A Microsoft cloud service that enables deployment of Azure services across hybrid and multicloud environments.
234 questions
{count} vote

1 answer

Sort by: Most helpful
  1. SwathiDhanwada-MSFT 14,571 Reputation points

    Derek Clarke The information related to this patch is documented here. Sharing the same information below.

    Ensure that both the licensing package and SSU are downloaded for the Azure Arc-enabled server as documented at KB5031043: Procedure to continue receiving security updates after extended support has ended on October 10, 2023.

    If installing the Extended Security Update enabled by Azure Arc fails with errors such as "ESU: Trying to Check IMDS Again LastError=HRESULT_FROM_WIN32(12029)" or "ESU: Trying to Check IMDS Again LastError=HRESULT_FROM_WIN32(12002)", there is a known remediation approach:

    Download this intermediate CA published by Microsoft.

    Install the downloaded certificate as Local Computer under Intermediate Certificate Authorities\Certificates. Use the following command to install the certificate correctly:

    certutil -addstore CA 'Microsoft Azure TLS Issuing CA 01 - xsign.crt'

    Install security updates. If it fails, reboot the machine and install security updates again.

    If you have other issues receiving ESUs after successfully enrolling the server through Arc-enabled servers, or you need additional information related to issues affecting ESU deployment, see Troubleshoot issues in ESU.

    If there are further updates on this issue, I will post it here.

    0 comments No comments