If you manage Windows Server Update Services for your organization, particularly with WSUS running on Windows Server 2012 R2, you might have been following the fun since last week’s non-security update release of updates on April 19th. KB3148812 was released that day to “enable Windows Server Update Services (WSUS) to natively decrypt Electronic Software Distribution (ESD) in Windows Server 2012 and Windows Server 2012 R2”. This is necessary for your WSUS to be able to sync and distribute Windows 10 feature updates.
Microsoft has since recalled the update so that it is no longer available to be installed. The WSUS Product Team Blog has since published three articles on KB3148812. The first post shares the original known issue of KB3148812 – that it can be skipped until Microsoft published Windows Update content or it can be uninstalled if you are unable to access the WSUS node or clients have difficulty connecting to the server. The second post has since been removed. It contained manual steps that could be taken if you have already installed the update. The third post indicates that the manual steps of running ‘wsusutil postinstall’ could cause further problems.
It is therefore recommended to not install KB3148812 if you have not already done so. Uninstall KB3148812 if you have installed it but not run the manual steps. Finally, if you have installed the update and run the manual steps, contact the blog author for direct assistance. A form to email the blog author is available from the blog post.
Yesterday, the ‘What you need to know about KB3148812, Part Two’ post was updated. It states that they have identified the root cause of the issue and are testing a fix. They will continue to work on the complete solution. The final fix will be released under a different KB number. Meanwhile, the comments section light up as people complain that the issue has been handled poorly, enterprise customers are made beta testers, and so on.