Windows Server 2016 Cummulative updates fail error 0x8007000d ERROR_INVALID_DATA Possible incorrect Registry settings?

jeremy5000 1 Reputation point
2022-04-21T21:53:44.357+00:00

I have a physical Windows Server running Server 2016 standard hosting two Hyper-V VM's emulating a Domain Controller and an RDS Machine and this is the second time I have run into Cummulative update installation issues on the Virtual RDS machine. The first time was documented here:

https://social.technet.microsoft.com/Forums/en-US/4b63d32c-0ae3-4d30-83d6-3f300437689c/windows-server-2016-standard-stuck-at-052019-cummulative-security-update-cpuinf-error-failed-to?forum=ws2016

This time the March 2022 Cummulative update (KB5011495) seems to be the problem and is now stopping the April 2022 update also. I have looked online and many users seem to be experiencing issues installing this update including another issue that I too seem to be having which is the machine freezing up every few days to the point of having to do a power button reset on the Virtual Machine after installing either KB5011495, or KB5011570, or both. That issue has not been resolved, but I'm tying it in to this one to hopefully help someone else, or even Microsoft fix this problem. So here goes with some backstory:

During my issue with the 05-2019 update I found out that I had some incorrect registry settings in my virtual RDS machine when it was compared to my Virtual DC and my physical virtual host. Now imagine my surprise when this time it seems to be the same issue with a different key. I haven't changed the key to match the other two machines yet because since I am having the frozen machine issues I'm not sure i want to completely install the update anyway, but based on the 05-2019 issue I am fairly confident that it will be the fix since the whole error trail is the same, but this time with the cdrom.inf instead of the cpu.inf. What I also find interesting is that the 05-2019 cummulative update was to address a CPU issue and it was the cpu.inf file that had the problem and this time the 03-2022 update addresses a cd-rom issue and it's the cdrom.inf that has the problem.

My ultimate question is: Why do the registry entries in my RDS machine not match the ones in my DC and Virtual Host when all of these machines were assembled at the exact same time? The attached screenshot shows the correct DC on the left and the problematic RDS on the right. And to add to that question, if Windows has the potential to set the registry settings the problematic way, why doesn't Microsoft write the patches to recognize these possible settings? I would suspect that many of the machines having these update issues that are struggling to find the common thread that causes them all to have the issues, all have these incorrect registry settings. Of course I can not prove that since I don't have the access to all these broken machines, but perhaps Microsoft does? My future concern is that if Microsoft is not made aware of this registry setting issue and they never address it then I will forever be plagued with update problems every time the update has to deal with one of these incorrectly set keys. Obviously I can't go into the registry and try to change them all, but maybe Microsoft can through some type of patch? I am just brainstorming here for solutions right from the beginning instead of waiting for a long thread of questions and answers to hopefully arrive at the final conclusion. I for one don't like reading a lot of extra useless information when my server and business are down and I'm looking for a good answer.

Just in case the screenshot gets removed or doesn't display correctly, here are the main two problematic entries in the registry key:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdrom typed out. The first pair is what my non-updatable RDS machine has and the second pair is what the other two completely updated machines have. The 05-2019 issue was basically the same, but with the intelppm key.

Wrong:
DisplayName REG_SZ CD-ROM Driver
ImagePath REG_SZ System32\Drivers\cdrom.sys

Right:
DisplayName REG_SZ @cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver
ImagePath REG_EXPAND_SZ \SystemRoot\System32\drivers\cdrom.sys

195299-regedit-screenshot-of-dc-and-rds-side-by-side-for.jpg

Thank you in advance for anyone who reads this and (1) explains why the registry settings are different and/or (2) can possibly provide a solution to this incorrect registry problem that doesn't involve a complete reinstall of windows. I also apologize in advance for any info I may have left out that is necessary to explore this problem. My hope is that this post leads to an end of the multi year battle with server 2016 and monthly cummulative security updates for many people.

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,416 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,423 questions
{count} votes