An issue has been identified in the Windows 8.1 Update that has caused Microsoft to pull the update from WSUS servers. Windows Server Update Services servers are servers within an organization that cache Windows Updates and help save bandwidth, speed up the update process, and enable isolated systems to remain updated.
Microsoft explained in a blog post to the WSUS Product Team Blog that they found an issue with KB2919355, or Windows 8.1 Update. After applying the update, computers were unable to communicate with WSUS 3.0 SP2 servers over HTTPS. The ironic part is that Microsoft has established Windows 8.1 Update as a security baseline; computers will not be able to receive future updates without having this one installed.
Microsoft is working on correcting the download and will reissue it at that point. The update can still be downloaded from the Windows Update Catalog or the Microsoft Download Center.
Microsoft plans to issue an update as soon as possible that will correct the issue and restore the proper behavior for Windows 8.1 Update KB 2919355 scanning against all supported WSUS configurations. Until that time, we are delaying the distribution of the Windows 8.1 Update KB 2919355 to WSUS servers.
In case, your computers were quick on the draw and already installed the update, Microsoft has the following workarounds available. Essentially, disabling HTTPS communication on the WSUS server will resume communication with the updated computers. After the update is corrected, you can then re-enable HTTPS.
- Enable TLS 1.2 (follow the instructions under More Information > SCHANNELProtocols subkey), or
- Disable HTTPS on WSUS
If you are using WSUS 3.2 on an operating system other than Windows Server 2008 R2, you may perform the following step to restore the scan functionality.
- Disable HTTPS on WSUS