It turned out a 3rd party monitoring app that had been installed on the same server was the issue. Once it was removed, the updates started working again. This is resolved.
WSUS Updates
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
I have around 300 PCs on my network, they are a blend of Win7, Win10 (1703) and Win10 (1709). Only 9 of the Win10 (1703) PCs will update. I haven't confirmed that those 9 are all of the Win10 (1703) in the environment. All use the same WSUS server and GPO. All were previously updating using SCCM but that was set up by a previous admin and started causing problems. We switched to WSUS and it worked for one month (1/18) on the Win7 and Win10(1703) that were part of the environment at the time. There were no 1709 PCs at that time. After their first successful update using WSUS, the SCCM client was uninstalled from all PCs. Not sure if that is relevant but probably worth mentioning. I've used ccmclean on one of the non-updating Win7 PCs with no change.
The Windows Update Troubleshooter fixes DB corruption and Service Registration being missing or corrupt. It will not fix "Some security settings are missing or have been changed" but it won't fix that on the Win10 (1703) PC that updates are working on.
All of the PCs can find updates to download but the Win7 and 1709 ones error when they start downloading with various codes 80244019, 80244010. I have also found 80072EFD errors in the windows update logs. I feel like I have exhausted every solution I could dig up on the internet. Does anyone have anything new to help explain this? All of the errors basically point to no communication to the WSUS server but they can find the updates and the Win10 (1703) PCs can talk to it fine.
I've also tried adding a firewall policy that allows exceptions for all of the Windows Update sites.
Please before you answer any obvious solutions, keep in mind I have 9 PCs that are updating fine and use the same GPO and WSUS server. It makes no sense, right? All PCs have the correct server location in the registry. IIS and WSUS configs have also been double checked.
Windows for home | Other | Windows update
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
3 answers
Sort by: Most helpful
-
Anonymous
2018-06-13T17:37:51+00:00 -
Anonymous
2018-06-06T14:43:08+00:00 I believe the previous SysAdmin updated Symantec Endpoint around the time this stopped working due to a compatibility issue with installation on Win10 (1709). It was updated to v14.0.3876.1100. I have since updated it again to 14.0.3929.1200. This update was done on all PCs though. I've tried disabling SEP on a client and the server. No change. No updates to drivers or any other security or clean up tools.
-
Anonymous
2018-06-05T23:22:44+00:00 Any 3rd party AV, Security, Cleanup, Driver update software ever installed?