Unexpected high network bandwidth consumption when clients scan for updates from local WSUS server

Dotyczy: Windows Server Update Services 3.0 Service Pack 2Windows 7Windows 8.1


Microsoft System Center Configuration Manager customers report high network bandwidth usage for environments that employ Windows Server Update Services (WSUS). Some instances of the behavior started on February 13, 2018, and some started on March 13, 2018.

Affected operating systems are Windows 10 (all builds), Windows 8.1, and Windows 7. Customers report remarkably high bandwidth usage on the WSUS TCP port.


The Microsoft Compatibility Appraiser, which is used for Windows Analytics, is querying Windows Update agent in such a way that the Appraiser causes the Update Agent to discard part of its cache of update metadata. When a scan is next run for updates by Configuration Manager or Automatic Updates, or when the user clicks Check for Updates, the metadata for these updates is downloaded from WSUS again.


To fix the issue, install the following updates, as applicable.

Windows version Windows update
Windows 10, version 1803 September 20, 2018—KB4458469 (OS Build 17134.319)
Windows 10, version 1709 September 20, 2018—KB4457136 (OS Build 16299.697)
Windows 10, version 1703 October 18, 2018—KB4462939 (OS Build 15063.1418)
Windows 10, version 1607 September 20, 2018—KB4457127 (OS Build 14393.2517)
Windows 8.1

October 18, 2018—KB4462921 (Preview of Monthly Rollup)

More information


Determine whether clients are using an affected version of the Microsoft Compatibility Appraiser. Check the modified date for the following binaries that are located in C:\Windows\System32, and verify that they are from February 2018 or a later date:


The Windows Appraiser is run through the scheduled task in Task Schedulers > Task Scheduler Library > Microsoft > Windows > Application Experience > Microsoft Compatibility Appraiser.

We have issued an update that limits how often the Appraiser runs the Windows Update query that causes this problem. This should help reduce bandwidth usage, although it may not fully eliminate higher-than-normal usage.

To receive the change, your clients must be able to access both of the following addresses:


You can determine whether clients received this update by checking the value for the following registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Appraiser: LastAttemptedRunDataVersion

The following values indicate that the client has received the update.

Operating system version

Client update value

Windows 10, version 1709

1704 or 1752

Windows 10, version 1703


Windows 10, version 1607


Windows 10, version 1511


Windows 10, version 1507


Windows 8.1


Windows 7


LastAttemptedRunDataVersion is updated when CompatTelRunner.exe is executed. This generally runs daily as part of the Microsoft Compatibility Appraiser scheduled task. However, it can be run manually without arguments:


Note This value varies between operating systems.

If clients are blocked from reaching these addresses, you have to unblock them.

Newer versions of CompatTelRunner.exe and Appraiser.dll

The following Windows updates use newer versions of CompatTelRunner.exe and Appraiser.dll that implement less frequent scanning. This avoids the need to unblock the URLs to obtain this update.

July 11, 2018

Windows version

Windows update

Windows 10, version 1709

June 21, 2018—KB4284822 (OS Build 16299.522)

Windows 10, version 1703

June 21, 2018—KB4284830 (OS Build 15063.1182)

Windows 10, version 1607

June 21, 2018—KB4284833 (OS Build 14393.2339)

Windows 8.1 Compatibility update for keeping Windows up-to-date in Windows 8.1
Windows 7 Compatibility update for keeping Windows up-to-date in Windows 7