Problem with patching Windows

mickaplz 2023-09-29 14:04:21 UTC #1

Hello,

We have a big problem with updating Windows security patch. (MS23-SEP)
Even if the computers are relevant, a small portion of our it stock can not update since 4 months.

We have those exit code :

Do you have any idea of how could we manage this situation ? Is there any fixlet that could solve this problem ?

Thank you.

trn 2023-09-29 16:01:26 UTC #2

The exit code is coming from the patch process, so you need to find out what the exit code means - that should give you a starting point for fixing the failing machines

SLB 2023-09-29 16:13:24 UTC #3

That error, HRESULT 0x800F0984, can occur when the endpoint can’t locate the source for optional components.

Say you have a other tools such as Microsoft ConfigMgr which you may configures updates to come from a WSUS server, if the files necessary for other components is not on the WSUS server, that error can arise. I found a posting on a forum by searching on the error code and it gives some links you can follow to apply change that may allow the update to install. https://forums.prajwaldesai.com/threads/windows-server-2019-error-0x800f0984.3836/

mickaplz 2023-10-04 14:07:39 UTC #4

Thank you for your answers.

I tried everything you told me but the problem is still present.
I’ve even tried the .NET repair tool, unsuccessfully.

Do you have any other idea ?

Thank you.

orbiton 2023-10-04 14:21:47 UTC #5

@mickaplz Which Fixlet returned that error?

mickaplz 2023-10-04 14:28:01 UTC #6

It’s the fixlet named

“MS23-SEP: Cumulative Update for Windows 10 Version 22H2 - Windows 10 Version 22H2 - KB5030211 (x64)”

orbiton 2023-10-04 14:32:53 UTC #7

Great, on the affected machine. Go to “Setup” event log. Search for events from source “WUSA” in there please provide the detailed error

mickaplz 2023-10-04 14:39:48 UTC #8

There it is :

Command succeeded (Exit Code=-2146498172) waithidden “C:\WINDOWS\system32\wusa.exe” “C:\Program Files (x86)\BigFix Enterprise\BES Client__BESData\Enterprise Security__Download\windows10.0-kb5030211-x64_3d513308b904db4f7ed0ca186b81d18f6a0de990.msu” /quiet /norestart (action:7074)

JasonWalker 2023-10-04 14:59:52 UTC #9

The error is coming from the Update itself, not from BigFix delivery of the update. It’s likely your Windows Update components or the Windows Component Store is corrupted. This is a fairly common occurrence.

Troubleshoot manually first on one of the problem systems. Back up any important data first, resetting the Windows components could introduce new problems, potentially even leaving the system unbootable, especially when you’re manipulating an already-corrupt installation.
Step through the troubleshooting tips at https://support.microsoft.com/en-us/help/971058/how-do-i-reset-windows-update-components and at https://learn.microsoft.com/en-us/troubleshoot/windows-server/deployment/fix-windows-update-errors (preferably using the DISM process)

Reboot the machine after going through all these steps and see whether the update can successfully install afterward.

IF these steps fix the machine, I’m working on a Task to bundle all these together and automate the repair, but this should only be attempted for machines that are having these specific problems (Windows Update components corrupt or Windows Component-Based Servicing store corrupt). Consider this a last-ditch effort before reimaging the corrupt machines.

orbiton 2023-10-04 15:02:54 UTC #10

@mickaplz what you have written is from the Client Log and not from the event Viewer - Go to “Setup” event log. Search for events from source “WUSA” in there please provide the detailed error.

In there you will see the actual WUSA error

dgendera 2023-10-04 15:17:08 UTC #11

what we have done in the past in those cases

Stop WUA agent
delete C:\Windows\SoftwareDistribution folder
start WUA Agent
–> The above can be done through BigFix task/fixlet

2nd option
install the patch manually on these devices and see what error your getting, I agree that eventlog/bigfix logs might give some info but you will have to convert to hex value to see what error code means, installing it manually with switches following the process might give you some additional info

3th option
@JasonWalker already presented few fixes that you can perform on the machines, you can google those in some cases that might help also

mickaplz 2023-10-05 07:24:02 UTC #12

Oh ok, I see now :

Windows update “Security Update for Windows (KB5030213)” could not be installed because of error 2149842974 “” (Command line: ““C:\Windows\system32\wusa.exe” “C:\Program Files (x86)\BigFix Enterprise\BES Client__BESData\Enterprise Security__Download\windows10.0-kb5030213-x64_9859eefc4c53e361d14e6f5cb4be332b8123f97c.msu” /quiet /norestart”)

mickaplz 2023-10-05 07:42:06 UTC #13

Hello,

I have already tried the SoftWareDistribution folder, and the manual installation, the error is still present.

Thank you.

orbiton 2023-10-05 08:26:31 UTC #14

Ok, on the WUSA Error code list : 2149842974 means WU_E_SERVICE_STOP
Description: Operation did not complete because the service or system was being shut down.

Hadn’t got this error yet. I’ll search more information
Most likely as @JasonWalker mentioned on this case , I would go through https://learn.microsoft.com/en-us/troubleshoot/windows-client/deployment/additional-resources-for-windows-update to reset the Windows Update components.

Please keep us posted

Just to point out something, if this thing occur on other machines - Please make sure that you don’t have a faulty images / template - I had similar issue after I’ve made change to a template

mickaplz 2023-10-05 10:49:39 UTC #15

Hey guys,

This
"Stop WUA agent
delete C:\Windows\SoftwareDistribution folder
start WUA Agent "

Permitted me to solve some computers (only a few but i’m happy with that lol)

For the others, i don’t have any idea …

Yeah, I was thinking the same about the faulty images, but it’s not me that manage this unfortunately I have to solve the problem of update

Thank you guys if you have other ideas !

mickaplz 2023-10-05 11:50:25 UTC #16

I have tried to reset the wu components, but it didn’t fix the problem.

Thank you though

JasonWalker 2023-10-05 12:07:28 UTC #17

How about the ‘dism restorehealth’ part?

mickaplz 2023-10-05 12:15:52 UTC #18

I’ve just done it, the deploiement is in progress…

I hope it will works

mickaplz 2023-10-05 12:46:42 UTC #19

It did not work.

JasonWalker 2023-10-05 14:34:48 UTC #20

Ok, then, you’re down to troubleshooting on the Microsoft side. Either open a support ticket with MS or your internal teams.

If it were my deployment, I’d probably reimage the machine, but this isn’t a BigFix problem at this point.