Domain Controller not updating

Question

I have a Domain Controller that has not installed a cumulative update since July. All my other servers receive and install cumulative updates regularly - 2nd Tuesday of the month.

I have manually checked for updates. Only Microsoft Defender updates are found and installed.

I don't believe the last several cumulative updates apply only to other servers and not to a Domain Controller.

What could be wrong?

Answer 1

Hi Cliff 591,

Thank you for sharing these details. Based on your description, it seems that the Domain Controller has stopped detecting new cumulative updates, even though other servers in the same environment continue to receive them as expected. This usually points to a Windows Update servicing issue or corruption in the update cache or component store on the affected machine.

Please try the following steps to resolve it:

1. Run the Windows Update Troubleshooter from Settings > System > Troubleshoot > Other troubleshooters > Windows Update to detect and fix common issues.

Reset the Windows Update components manually by executing these commands in an elevated PowerShell:

net stop wuauserv
net stop bits
del /s /q %windir%\SoftwareDistribution\*
del /s /q %windir%\system32\catroot2\*
net start wuauserv
net start bits

Afterward, run sfc /scannow and DISM /Online /Cleanup-Image /RestoreHealth to repair any component store corruption.

Finally, try checking for updates again from Windows Update or via WSUS, if you’re using it.

If updates still don’t appear, please share the output of Get-WindowsUpdateLog or relevant entries from Event Viewer > Windows Logs > Setup so we can review further.

I hope this helps! If this resolves your issue, please don’t forget to click “Accept Answer” so others can benefit from it too 🙂