Hello,
We have a big problem with updating Windows security patch. (MS23-SEP)
Even if the computers are relevant, a small portion of our it stock can not update since 4 months.
We have those exit code :
Do you have any idea of how could we manage this situation ? Is there any fixlet that could solve this problem ?
Thank you.
The exit code is coming from the patch process, so you need to find out what the exit code means - that should give you a starting point for fixing the failing machines
That error, HRESULT 0x800F0984, can occur when the endpoint can’t locate the source for optional components.
Say you have a other tools such as Microsoft ConfigMgr which you may configures updates to come from a WSUS server, if the files necessary for other components is not on the WSUS server, that error can arise. I found a posting on a forum by searching on the error code and it gives some links you can follow to apply change that may allow the update to install. https://forums.prajwaldesai.com/threads/windows-server-2019-error-0x800f0984.3836/
Thank you for your answers.
I tried everything you told me but the problem is still present.
I’ve even tried the .NET repair tool, unsuccessfully.
Do you have any other idea ?
Thank you.
It’s the fixlet named
“MS23-SEP: Cumulative Update for Windows 10 Version 22H2 - Windows 10 Version 22H2 - KB5030211 (x64)”
Great, on the affected machine. Go to “Setup” event log. Search for events from source “WUSA” in there please provide the detailed error
There it is :
Command succeeded (Exit Code=-2146498172) waithidden “C:\WINDOWS\system32\wusa.exe” “C:\Program Files (x86)\BigFix Enterprise\BES Client__BESData\Enterprise Security__Download\windows10.0-kb5030211-x64_3d513308b904db4f7ed0ca186b81d18f6a0de990.msu” /quiet /norestart (action:7074)
The error is coming from the Update itself, not from BigFix delivery of the update. It’s likely your Windows Update components or the Windows Component Store is corrupted. This is a fairly common occurrence.
Troubleshoot manually first on one of the problem systems. Back up any important data first, resetting the Windows components could introduce new problems, potentially even leaving the system unbootable, especially when you’re manipulating an already-corrupt installation.
Step through the troubleshooting tips at https://support.microsoft.com/en-us/help/971058/how-do-i-reset-windows-update-components and at https://learn.microsoft.com/en-us/troubleshoot/windows-server/deployment/fix-windows-update-errors (preferably using the DISM process)
Reboot the machine after going through all these steps and see whether the update can successfully install afterward.
IF these steps fix the machine, I’m working on a Task to bundle all these together and automate the repair, but this should only be attempted for machines that are having these specific problems (Windows Update components corrupt or Windows Component-Based Servicing store corrupt). Consider this a last-ditch effort before reimaging the corrupt machines.
@mickaplz what you have written is from the Client Log and not from the event Viewer - Go to “Setup” event log. Search for events from source “WUSA” in there please provide the detailed error.
In there you will see the actual WUSA error
what we have done in the past in those cases
2nd option
install the patch manually on these devices and see what error your getting, I agree that eventlog/bigfix logs might give some info but you will have to convert to hex value to see what error code means, installing it manually with switches following the process might give you some additional info
3th option
@JasonWalker already presented few fixes that you can perform on the machines, you can google those in some cases that might help also
Oh ok, I see now :
Windows update “Security Update for Windows (KB5030213)” could not be installed because of error 2149842974 “” (Command line: ““C:\Windows\system32\wusa.exe” “C:\Program Files (x86)\BigFix Enterprise\BES Client__BESData\Enterprise Security__Download\windows10.0-kb5030213-x64_9859eefc4c53e361d14e6f5cb4be332b8123f97c.msu” /quiet /norestart”)
Hello,
I have already tried the SoftWareDistribution folder, and the manual installation, the error is still present.
Thank you.
Ok, on the WUSA Error code list : 2149842974 means WU_E_SERVICE_STOP
Description: Operation did not complete because the service or system was being shut down.
Hadn’t got this error yet. I’ll search more information
Most likely as @JasonWalker mentioned on this case , I would go through https://learn.microsoft.com/en-us/troubleshoot/windows-client/deployment/additional-resources-for-windows-update to reset the Windows Update components.
Please keep us posted
Just to point out something, if this thing occur on other machines - Please make sure that you don’t have a faulty images / template - I had similar issue after I’ve made change to a template
Hey guys,
This
"Stop WUA agent
delete C:\Windows\SoftwareDistribution folder
start WUA Agent "
Permitted me to solve some computers (only a few but i’m happy with that lol)
For the others, i don’t have any idea …
Yeah, I was thinking the same about the faulty images, but it’s not me that manage this unfortunately I have to solve the problem of update 
Thank you guys if you have other ideas !
I have tried to reset the wu components, but it didn’t fix the problem.
Thank you though
How about the ‘dism restorehealth’ part?
I’ve just done it, the deploiement is in progress…
I hope it will works 
It did not work. 
Ok, then, you’re down to troubleshooting on the Microsoft side. Either open a support ticket with MS or your internal teams.
If it were my deployment, I’d probably reimage the machine, but this isn’t a BigFix problem at this point.