SOLVED

Windows 11 Defender blocks internet access for W Updates, AAD and other system apps


I'm observing this strange behavior after updating to W11 from W10. The first problem appeared in Outlook. It just stopped syncing and lost connection to the cloud server. I tried to re-enter my account credentials by logging off. And this is where I'm stuck now. It seems that something somehow blocks access to the Internet from Office apps. Even for the activation / MS account login procedure.

Furthermore, I've checked the Windows Update function and got an error message (download problem). Same for the Outlook Troubleshooting app. It throws an error right after the start. Again, download problem.

I tried turning Firewall, Defender, Malware and File monitor off (through the Settings -> Security menu). Nothing helped. Finally, I tried my OpenVPN connection (to a non-standard UDP port) and it does not work (unreachable)... And this is all with Firewall turned off!

Meanwhile, both Edge and Chrome work fine with or without the firewall.

I hope there's something I'm missing and somebody has the solution for this.

----------------------------------------

This is what I have in Event log for the AAD:

Error: 0xCAA70004 The server or proxy was not found.
Exception of type 'class HttpException' at XMLHTTPWebRequest.cpp, line: 184, method: XMLHTTPWebRequest::ReceiveResponse.

Log: 0xcaa9004b Exception during nonce request.
Logged at ProofOfPossessionTokenRequestBase.cpp, line: 116, method: ProofOfPossessionTokenRequestBase::RequestNonce.

Request: authority: https://login.microsoftonline.com/common, client: 26a7ee05-5602-4d76-a7ba-eae8b7aaaa41, redirect URI: ms-appx-web://Microsoft.AAD.BrokerPlugin/S-1-15-2-283421221-3183566570-1718213290-751554359-3541592344-2312209569-3374928651, resource: /cortana, correlation ID (request): c30cba43-fd6f-4137-8c0e-7316c43a3984


Error: 0xCAA70004 The server or proxy was not found.
Exception of type 'class HttpException' at XMLHTTPWebRequest.cpp, line: 184, method: XMLHTTPWebRequest::ReceiveResponse.

Log: 0xcaa1007b Acquire token failed.
Logged at AggregatedTokenRequest.cpp, line: 77, method: AggregatedTokenRequest::AcquireToken.

Request: authority: https://login.microsoftonline.com/common, client: 26a7ee05-5602-4d76-a7ba-eae8b7aaaa41, redirect URI: ms-appx-web://Microsoft.AAD.BrokerPlugin/S-1-15-2-283421221-3183566570-1718213290-751554359-3541592344-2312209569-3374928651, resource: /cortana, correlation ID (request): c30cba43-fd6f-4137-8c0e-7316c43a3984


Error: 0xCAA70004 The server or proxy was not found.
Exception of type 'class HttpException' at XMLHTTPWebRequest.cpp, line: 184, method: XMLHTTPWebRequest::ReceiveResponse.

Log: 0xcaa1007b Acquire token failed.
Logged at AuthenticationContext.cpp, line: 442, method: AuthenticationContext::AcquireTokenInternal.

Request: authority: https://login.microsoftonline.com/common, client: 26a7ee05-5602-4d76-a7ba-eae8b7aaaa41, redirect URI: ms-appx-web://Microsoft.AAD.BrokerPlugin/S-1-15-2-283421221-3183566570-1718213290-751554359-3541592344-2312209569-3374928651

3 Replies

Now I have the following issues on W11:
1. I have removed Office from the PC completely. Now it is not possible to install it as the setup can't download any files. After approx. 2 minutes of doing nothing, the popup "Installation complete" shows up with a broken title (string is missing), and nothing happened - Office apps are still not installed.
2. Updates can't be downloaded and installed either. When I click on "Check for updates" it does nothing again, and then shows "Last check was X days ago".
3. Teams app shows 0xCAA7004
4. Any troubleshooting tools from the MS site which require background downloads will throw connection errors (connection lost, connection broken, etc.)

No Antiviral / Firewall software is installed except the included Defender.

It seems like I will have to do fresh install / hard reset, which is sad.

best response confirmed by Dios22 (New Contributor)
Solution
Hard resetting helped. The fresh install of W11 works fine. I had to reinstall Office and other apps, but this time these were downloaded successfully.

Verdict: Be careful with upgrading.

The issue seems to be related to the TLS configuration. Try following the instructions described here: https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client
As soon as browsers can connect to the internet, I would imagine the issue is with the TLS support in .NET.

Therefore, try this first:

Windows Registry Editor Version 5.00

; 64-bit .NET Framework
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

; 32-bit .NET Framework on 64-bit Windows
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

Please ensure you reboot the machine after applying the settings.

If the above does not help, try enforcing TLS 1.2 in SCHANNEL:
https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

Please ensure you reboot the machine after applying the settings.
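
A read-only check of the registry values listed in the replies above, as an added example that is not part of the thread or of Microsoft's documentation: it reports, for each value, whether it is currently set as the posts recommend, so the state can be recorded before and after importing the .reg files. The function name Get-TlsRegistryState and the NotSet/Match/Mismatch labels are assumptions made for this example.

```powershell
# Added example: read-only audit of the registry values named in this thread.
# Get-TlsRegistryState and the NotSet/Match/Mismatch labels are assumptions
# made for this example, not part of Windows or of Microsoft's documentation.

$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client'

# Build the list of (path, value name, recommended value) from the posts above.
$checks = @(
    foreach ($root in 'HKLM:\SOFTWARE\Microsoft\.NETFramework',
                      'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework') {
        foreach ($ver in 'v2.0.50727', 'v4.0.30319') {
            foreach ($name in 'SystemDefaultTlsVersions', 'SchUseStrongCrypto') {
                [pscustomobject]@{ Path = "$root\$ver"; Name = $name; Expected = 1 }
            }
        }
    }
    [pscustomobject]@{ Path = $schannel; Name = 'Enabled';           Expected = 1 }
    [pscustomobject]@{ Path = $schannel; Name = 'DisabledByDefault'; Expected = 0 }
)

function Get-TlsRegistryState {
    param([Parameter(Mandatory)] $Check)

    # A missing key or a missing value both leave $actual as $null.
    $actual = $null
    if (Test-Path -LiteralPath $Check.Path) {
        $item = Get-ItemProperty -LiteralPath $Check.Path -Name $Check.Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { $actual = $item.($Check.Name) }
    }

    $state = if ($null -eq $actual) {
        'NotSet'
    } elseif ($actual -eq $Check.Expected) {
        'Match'
    } else {
        'Mismatch'
    }

    [pscustomobject]@{
        State = $state; Name = $Check.Name; Actual = $actual
        Expected = $Check.Expected; Path = $Check.Path
    }
}

# Nothing is written to the registry; the result is only displayed.
$checks | ForEach-Object { Get-TlsRegistryState -Check $_ } | Format-List
```

NotSet means the key or value is absent, so the component's built-in default applies; Mismatch means a value is present but differs from the one given in the replies.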