An update to improve the performance of update metadata processing on Windows Server Update Services

This article describes an update that further improves the reliability of Windows Server Update Services (WSUS). This update applies to the following: 

  • Windows Server Update Services 3.0 Service Pack 2 (SP2) on all applicable and supported platforms

Notes

  • This update includes the security update and fixes that were part of KB2938066.

  • This performance improvement is also available on:

Improvements

This update fixes the following issue:

  • WSUS update metadata processing can cause clients to time out and return a 0x8024401c error.

Update Information

How to obtain this update

Microsoft Download Center

This update is available for manual download and installation from the Microsoft Download Center.

Download Download the 64-bit update for WSUS 3.0 SP2 now.

Download Download the 32-bit update for WSUS 3.0 SP2 now.

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file. 

How to apply this update

We recommend that you synchronize all WSUS servers after you apply this update. If you have a hierarchy of WSUS servers, apply this update, and then synchronize your servers from the top of the hierarchy. To synchronize your servers in this manner, follow these steps. 

Note Before WSUS 3.0 SP2 servers (without fix 2828185 or later updates) can manage computers that are running Windows 8, Windows Server 2012, or a newer OS version, you must complete the following steps:

  1. Apply update 4039929 to the WSUS server that synchronizes with Microsoft Update.

  2. Start the synchronization.

  3. Wait for the synchronization to succeed.

Repeat these steps for each WSUS server that synchronizes to the server that you just updated.

More Information

Note The following steps aren't required if you have already installed update 2938066.

 

  1. Shut down the NLB service on each node in the NLB cluster. To do this, type the following command at a command prompt, and then press Enter:

    nlb.exe suspend

  2. Shut down IIS and the WSUS service. To do this, type the following commands at a command prompt, and press Enter after each command.

    iisreset/stop
    net stop wsusservice

  3. Make sure that no other services can access the database during the upgrade window. To do this, type nlb.exe disable at a command prompt together with the appropriate additional parameters for the port or application:

    disable {vip[{:Port | :all}] | all[{:Port | :all}]} {Cluster[:{Host]| all {local | global}}} Note In this step and in the following steps, press Enter after every command.

  4. Back up your database. For more information about how to back up a SQL Server database, see How to back up a database (SQL Server Management Studio).

  5. Upgrade each front-end computer individually. To do this, follow these steps:

    1. Set up WSUS. To do this, type one of the following commands at a command prompt, as applicable for your system:

      • WSUS-KB4039929-amd64.exe /q C:\MySetup.log

      • WSUS-KB4039929-x86.exe /q C:\MySetup.log

      Note You are not prompted to do anything else. The update process starts immediately.

    2. Review the setup log to verify that the upgrade was successful. To do this, type C:\MySetup.log at a command prompt.

    3. Make sure that IIS and the WSUS service are stopped. To do this, type the following commands at a command prompt:

      iisreset/stop
      net stop wsusservice

    4. Go on to the next computer.

  6. After all nodes are upgraded, start IIS and the WSUS service. To do this, type iisreset at a command prompt, and then type net start wsusservice on each node in the NLB cluster.

  7. Start the NLB service on each node in the NLB cluster. To do this, type nlb.exe resume at a command prompt.

  8. At a command prompt, type nlb.exe enable for all ports or applications that you disabled in step 3.

Note You must restart the computer after you apply this update.

Special considerations

  • If you use the Local Publishing feature from a remote WSUS console, after you apply the update to your WSUS Server, the remote WSUS consoles must also be updated so that the API versions match.

  • The IIS and WSUS services must be stopped to prevent the database from being accessed while the Network Load Balancing (NLB) clusters are upgraded. For more information about how to upgrade NLB, see the "How to upgrade NLB on all computers" section.

  • When a downstream WSUS 3.2 server is configured to communicate with its upstream server over HTTPS, TLS 1.0 must be enabled on both the upstream and downstream WSUS servers.

Note For WSUS 3.0 SP2, special considerations of earlier updates are also applicable because this update is cumulative.

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References

Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×