question

SVSupport-2434 avatar image
0 Votes"
SVSupport-2434 asked RitaHu-MSFT commented

Importing KB5001633 in WSUS failed. Error Number 80131509

Hello,

We are currently trying to import kb5001633 in WSUS and we're getting an error number 80131509. Importing KB's update before is working just fine. I saw a potential solution from this post (see link below) but we would like to know before running this command if this added registry will not impose any sort of risk to the system. We would also like to know why we need to run this command now when importing KB's is working just fine before. If there are other potential solutions other this registry setting, it would be appreciated to have those shared as well. The recent changes to our WSUS is we upgraded our .NET Framework to 4.8.

https://docs.microsoft.com/en-us/answers/questions/97772/import-kb4497165-to-wsus-on-server-20162019-fail.html

If you have any questions or information about this, please don't hesitate to let us know.


Thanks,
SVSupport

windows-server-update-services
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

It seems there is no update for a couple of days. May we know the current status of the problem? Is there any other assistance we can provide?

0 Votes 0 ·
AJTek-Adam-J-Marshall avatar image
0 Votes"
AJTek-Adam-J-Marshall answered

You need to tell .NET to use TLS1.2 which is what the PowerShell code below does (Run it from an Administrative PowerShell Window).

 $Properties = @{
     Name = 'SchUseStrongCrypto'
     Value = '1'
     Type = 'DWord'
 }
    
 $null,'Wow6432Node' | Foreach-Object {
     Set-ItemProperty @Properties -Path "HKLM:\SOFTWARE$("\$_")\Microsoft\.NetFramework\v4.0.30319" -Verbose
 }
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RitaHu-MSFT avatar image
0 Votes"
RitaHu-MSFT answered RitaHu-MSFT edited

Hello SVSupport,

Thanks for your posting on Q&A.

The issue is more related with the TLS 1.2 just as Adam said above. Since Microsoft force to enable the TLS 1.2 in the past, a lot of WSUS servers failed to sync and import updates. Adding the SchUseStrongCrypto registry setting to enable the TLS 1.2 will be helpful.

In my opinion, there is no risk to operation system. A lot of workers have accepted the solution and it worked normally.

In addition, we could refer to this link to know more about enabling the TLS 1.2 on the site servers and remote site systems.

Hope the above will be helpful.

Regards,
Rita


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.