Windows 2022 Server may Updates have failed

Copper Contributor

Hello,

 

I have a Windows update issue. The may updates have failed. I ran the windows update troubleshooter and it said it made some changes but the updates still fail. I have several screenshots I will add at the bottom. I have tried the updates several times, but nothing worked.

 

After the reboots to remove the software that could not be updated The Windows Update screen had a error code to research:

 

0x8007054f

 

20240605_180318.jpg

 

20240605_175047.jpg

 

There is plenty of room on the C: drive

I don't know if the info on the second screen points to the issue or not, It was with the errors Event log area.

 

Any assistance and suggestions would be greatly appreciated.

9 Replies
This last attempt shows three updates that have failed:

2024-01 Security update for Microsoft server version 21H2 KB5034439

2024-05 Cumulative update for Microsoft operating system 21H2 KB5037782
2024-05 Cumulative update for .NET framework 3.5, 4.8, 4.81 21H2 KB5038282
I am getting an error on KB5037782 which is 8007000D and 8024200B.

So maybe I am not the only one?
https://techcommunity.microsoft.com/t5/windows-server-for-it-pro/server-2022-kb5037782-failed-error-...

What's your Get-WindowsUpdateLog show?

@IES_IT 

 

Log is too big but here is some info:

 

2024/05/29 17:13:51.1163100 2612 3352 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\downloadmanager.cpp, line = 18340
2024/05/29 17:13:51.1163151 2612 3352 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\downloadmanager.cpp, line = 18279
2024/05/29 17:13:51.1163184 2612 3352 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\updatemanager.cpp, line = 11519
2024/05/29 17:13:51.1163201 2612 3352 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\clientcallrecorder.cpp, line = 6917
2024/05/29 17:13:51.1164065 1872 2736 ComApi *FAILED* [80004002] ISusInternal:: IsImmediateInstallPreferred
2024/05/29 17:13:51.1164117 1872 2736 ComApi *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\comapi\update.cpp, line = 4200

 

 

2024/05/29 17:38:54.7055778 2612 6212 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\downloadmanager.cpp, line = 18340
2024/05/29 17:38:54.7055899 2612 6212 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\downloadmanager.cpp, line = 18279
2024/05/29 17:38:54.7055967 2612 6212 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\updatemanager.cpp, line = 11519
2024/05/29 17:38:54.7056002 2612 6212 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\clientcallrecorder.cpp, line = 6917
2024/05/29 17:38:54.7057929 1872 2736 ComApi *FAILED* [80004002] ISusInternal:: IsImmediateInstallPreferred
2024/05/29 17:38:54.7058037 1872 2736 ComApi *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\comapi\update.cpp, line = 4200
2024/05/29 17:38:54.8673619 1872 6148 ComApi * START * Federated Download ClientId = MoUpdateOrchestrator (cV = mJpprphGw0WziYgE.113.0)
2024/05/29 17:38:54.8675545 1872 7416 ComApi Federated Download: Starting download for 1 service(s) (cV = mJpprphGw0WziYgE.113.0)
2024/05/29 17:38:54.8675577 1872 7416 ComApi BeginMemberOperation download against service 9482F4B4-E343-43B6-B170-9A65BC822C77 (cV = mJpprphGw0WziYgE.113.0)
2024/05/29 17:38:54.8676104 1872 7416 ComApi * START * Download ClientId = MoUpdateOrchestrator
2024/05/29 17:38:54.8676112 1872 7416 ComApi Flags: 0X9000; Download priority: 2; Network Cost Policy: 0
2024/05/29 17:38:54.8676120 1872 7416 ComApi Updates in request: 1
2024/05/29 17:38:54.8676192 1872 7416 ComApi ServiceID = {9482F4B4-E343-43B6-B170-9A65BC822C77} Windows Update
2024/05/29 17:38:54.8685185 2612 6212 DownloadManager Subscribing to heartbeat event.
2024/05/29 17:38:54.8690526 1872 7416 ComApi *QUEUED* Download ClientId = MoUpdateOrchestrator
2024/05/29 17:38:54.8690929 2612 8980 Agent Effective power state: AC; IsOnAC: Yes.
2024/05/29 17:38:54.8690974 2612 8980 IdleTimer WU operation (DL.MoUpdateOrchestrator) started; operation # 18198; does use network; is at background priority
2024/05/29 17:38:54.8691001 2612 8980 Agent Obtained a network PDC reference for callID {E978CBFD-B9DC-46EC-9F06-17630FE4D23B} with No-Progress-Timeout set to 4294967295; ActivationID: 18198.

System file checker reported no errors

Found a dated article that says
Error Code 0x80004002 is usually caused when the Wups2.dll file gets missing

here are some of the errors in the windows update log


Error Code 0x80004002 is usually caused when the Wups2.dll file gets missing
2024/05/29 17:13:51.1163100 2612 3352 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\downloadmanager.cpp, line = 18340
2024/05/29 17:13:51.1163151 2612 3352 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\downloadmanager.cpp, line = 18279
2024/05/29 17:13:51.1163184 2612 3352 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\updatemanager.cpp, line = 11519
2024/05/29 17:13:51.1163201 2612 3352 Agent *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\engine\agent\clientcallrecorder.cpp, line = 6917
2024/05/29 17:13:51.1164065 1872 2736 ComApi *FAILED* [80004002] ISusInternal:: IsImmediateInstallPreferred
2024/05/29 17:13:51.1164117 1872 2736 ComApi *FAILED* [80004002] file = onecore\enduser\windowsupdate\client\comapi\update.cpp, line = 4200
2024/05/29 17:38:52.9315572 2612 8980 DownloadManager Regulation Refresh Svc: {9482F4B4-E343-43B6-B170-9A65BC822C77}
2024/05/29 17:38:52.9315817 2612 8980 DownloadManager Contacting regulation server for 1 updates.
2024/05/29 17:38:52.9315939 2612 8980 IdleTimer WU operation (Regulator Refresh) started; operation # 18176; does use network; is at background priority
2024/05/29 17:38:53.0953770 2612 8980 SLS Get response for service 9482F4B4-E343-43B6-B170-9A65BC822C77 - forceExpire[False] asyncRefreshOnExpiry[False]
2024/05/29 17:38:53.0953866 2612 8980 SLS path used for cache lookup: /SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.20348.2322/0?CH=615&L=en-US&P=&PT=0x7&WUA=10.0.20348.2031&MK=ASUSTeK+COMPUTER+INC.&MD=P12R-E+Series

@L_Youtell_974 

 

Hello, I Thank you for the reply and suggestion.

I have tried several times, and I am currently trying it again to see what will happen.

 

If it fails again tonight, sometime this weekend I will disable all of the anti-malware and bypass the security protections to see if that matters.

 

THIS time I see that the 5038282 apparently installed correctly, but when I look at windows update it shows that it still needs the patch. I ran the Windows Update troubleshooter again and it says it had issues.

 

The only hint that the troubleshooter gives is:

WaaSMedicService

Issue found by : DynamicProtectionPlugin

 

The patch KB5037930 has applied successfully, via the Update History.

 

With the Cumulative Update failing and three patches needed, it will uninstall all three patch attempts if there is a problem as it has done several times. I will wait to see if windows update will reflect the success of  KB5038282 (aka KB5037930). Then I will be down to MS Defender Update and the May CU.

 

If it does not register as installed, I will run the WU again and see if it reports it as already installed.

I am down to just the May CU. I worked in network security for 25 years with over 50% of those years dealing with patches of all sorts, majority being MS. All I want to say is, if some patches work and apply successfully, then the process works, but this patch does not.

In the past I have found that several IP's which MS uses for storing patches also has some rather questionable domains which are separate from the MS, but reside close to them. That results in a bad reputation score for that IP or IP range and anti-malware and IPS style security vendor will add them to the block list.

In the next few days, I am going to go through the entire Windows Update History area and see if there are any other currently valid patches that may have failed and attempt to apply them as well.
To my side, from time to time we get some kb who doesn't want to install, so when that happen we try to manually install, if it work, we use SCCM to deploy the kb.
To respond to your question about the DeviceSetupManager, i have the exact some error but this is not about windows update but about an update drivers.
You can find some tips to below, but there are no really answer to this error except to contact microsoft.
https://answers.microsoft.com/en-us/windows/forum/all/why-am-i-seeing-lots-of-event-id-131/48e86fda-...

And below to see how thing progressing
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-it-fixed-a-windows-metadata-server-is...

For the kb who doesn't want to install you have to check with the powershell "Get-WindowsUpdateLog" and see what happen.