This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 28.000000000000004%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
I use Azure Update Automation for our on-premise servers. Starting with the July updates, all updates are failing on Windows Server 2019.
Tried using the GUI to install, they still fail. It gets stuck at "Downloading 100%".
Get-WindowsUpdateLog is showing this:
2020/07/30 01:05:45.6895363 9784 9920 DownloadManager The downloaded bytes (717341703) is greater than the expected total bytes (361211195).
2020/07/30 01:05:45.7061981 9784 9920 DownloadManager Attempted to resume update 4C46BBE8-DB9A-4297-8438-1F5AC3BA28DA for reason 0x6 (NetworkCost|Restricted), update is no longer suspended afterward.
2020/07/30 02:06:11.7055389 9784 7484 DownloadManager FAILED [80D02002] All available CDNs for the update 4C46BBE8-DB9A-4297-8438-1F5AC3BA28DA.1 are tried but the download job 35550A76-3E0C-4F8F-AD29-8E10EA264297 still failed.
2020/07/30 02:06:11.7056259 9784 7484 DownloadManager DO job {35550A76-3E0C-4F8F-AD29-8E10EA264297} failed, updateId = 4C46BBE8-DB9A-4297-8438-1F5AC3BA28DA.1, hr = 0x80D02002. File URL = http://2.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/f578faa5-8004-4d38-8354-76c1cd322ffb?P1=1596092914&P2=402&P3=2&P4=EK1XH9MRk%2fkjmEl3aUTWTZWVHGMOnHz93Y5t9kRQJUp3j7OukOxchj8O%2byXYaXtIA4BQDBz%2bM%2bewOSTdfA3YBQ%3d%3d, local path = C:\Windows\SoftwareDistribution\Download\07340c114cbcf6e391981020a016c587\Windows10.0-KB4559003-x64.cab
Thought it might be a firewall issue, but I can download from the URL in the logs fine. If I manually put the .cab file in SoftwareDistribution, the update will complete. This issue started with the July updates. Manually installing works fine for these, they just won't complete the download through the built in GUI or Azure Update Automation. Neither KB4558998 or KB4559003 will complete a download through the regular Windows Update GUI in the Settings or Azure Update Automation.
I tried resetting the updates via renaming SoftwareDistrubtion and catroot2 folders also to no avail.
I tried scf /scannow and dism /online /cleanup-image /restorehealth.
I tried disabling AV.
The issue occurs on every single of our servers, all running Windows Server 2019. I'm completely at a loss here. I can install the updates manually, but I'd love to have the update automation working again.
I found the issue! It is not related to windows or Microsoft at all. In fact, our Sophos XG Firewall was blocking traffic to valid CDNs. Once I allowed those false positive IPS signatures updates resumed normally!
If you have a Sophos XG and Windows Updates are failing, check this out:
Sorry guys these answers are not helpful. I'll see if I can get a ticket with MS as this looks like a bug to me.
Hi,
OK.
Sorry for the inconvenience and thank you for your understanding and patience.