Microsoft Windows is the most widely used desktop operating system in the world. That doesn't necessarily make it the best. For many of us, supporting it is how we make our living. One of the endearing and annoying features of this ubiquitous OS is the monthly patch update process. Most of the time it occurs seamlessly. It just kind of works in the background when you're not looking. However, there are times when it rears its ugly head and demands attention.Windows Server Update Services
In our company we run WSUS - Windows Server Update Services - to keep all our Windows desktops updated. In case you are not familiar with it, WSUS is Microsoft's free patch management tool. I don't know why they named it WSUS. I only use it to update my workstations. I don't trust it on the servers. I would rather manage that process myself. I'll install the updates on a non-critical server during the week to test them. I do the rest of the servers on the weekend.
But for the workstations it does a pretty good job - most of the time. It pushes them out after I approve them and then installs them late at night, usually with an automatic reboot when completed. I have trained my users over the years to ALWAYS leave their computers on to accommodate the patch process, the weekly AV scans and so that I can get into their workstations any time I need to work on them in the evening. They are pretty good about logging off.
Microsoft likes WSUS because it cuts down on the number of users hitting the Windows Update site. And that's what this post is really about. Microsoft has been slowly moving everyone over to Microsoft Update instead of Windows Update. If you don't know the difference then you don't do Windows support. OK, here's the main difference: In addition to OS patches, Microsoft Update takes care of your MS Applications like Office, SQL Server and Exchange.Repairing Microsoft Update the old way
Occasionally, the patch process will throw up. WSUS has a good monitoring and reporting feature that allows me to see at a glance which machines are struggling with the stuff Microsoft is trying to send to it. So I do a Remote Desktop session to the machine in question and run the process manually. I know something is really messed up when I get a 0x8024001D error or some other stupid hex number. That's when it used to get really annoying. Not any more.
I used to spend hours looking up ways to get around these errors. At one time I liked Scott Hanselman's method of renaming the c:\windows\SoftwareDistribution\Download to c:\windows\SoftwareDistribution\Download.poo. Someone on his blog actually asked if the .poo extension was necessary. I think he was teasing. After nuking the old folder, run the update again and all is well but it takes a long time to go through that long download and update process.Here is the "Simple Fix"
That's not really necessary. I have found that the easiest way to fix a Microsoft Update problem is to switch back to Windows Update from the "Change Setting" option on the left-side menu. Don't see it? Scroll down. Click on "Disable Microsoft Update software and let me use Windows Update only" and then click on "Apply changes now." After the silly thing asks if you are sure (duh!), it will then launch Windows update. Run it and then switch back to MS Update.
This process of switching from the newer method to the older one and then back again seems to fix a host of registry errors and other wastes of time. It is simple and fast and has almost always worked for me.