Hey folks,
I've been grappling with some frustrating issues surrounding Windows Update lately, specifically with the update components acting up more often than before. This has been a real headache for us in IT support. Here's a bit about our setup:
- We manage Windows servers using WSUS, especially 2025.
- AVD instances rely on Windows Update for Business through Intune.
- Windows desktops are managed with Autopatch (also via Intune).
Each time, it's a different error code or even a generic one, and occasionally we run into corrupted system files. We're spending way too much time troubleshooting, and sometimes we even end up rebuilding or provisioning new devices, which isn't ideal for anyone involved. This even happens with devices that are freshly provisioned!
We've tried the usual solutions like DISM repair commands (CheckHealth, ScanHealth, RestoreHealth, etc.), SFC /Scannow, and a few PowerShell scripts. The Windows Update troubleshooter never seems to help either.
I'm reaching out to see if others are experiencing this too and what advice or solutions you might have. I'd love input on:
- Effective remediation tools or scripts
- Proactive measures, like monthly checks on Windows Update components
- Areas we should focus on to lower these cases, as I'm not sure where to dig in
- Monitoring tools to keep tabs on Windows Update functionality, as we only notice issues when updates are missing.
Thanks for any insights!
3 Answers
I've had pretty stable updates using NTLite without removing components. I typically work with WSUS code 99 on its own and steer clear of cloud services. I’d recommend focusing on creating a robust standard so you aren’t stuck fixing what seems unfixable. It might be a challenge, but a solid foundation can prevent a lot of these headaches.
Last time I had a WU issue, I resorted to booting from an ISO to sort it out. Nothing else seemed to work, and it was an upgrade from Windows 10 to 11 that caused the mess. While looking into third-party solutions might be worthwhile, I suspect the root issue is deeper within Windows Update itself.
I understand how tricky remote repairs can be! Having a remote-friendly solution that can reset update components could really streamline the process. I hope Microsoft considers developing more auto-remediation features for these kinds of issues.
It sounds like you're facing a significant challenge, and you're not alone. Microsoft is progressively moving away from on-premises solutions, recommending businesses to transition to cloud-based options like Intune and Azure Update Manager. If those aren’t viable for you, third-party alternatives such as ManageEngine Patch Manager Plus or PDQ Deploy can streamline the process. Also, automating your current practices into online workflows may save you time — think alerts, notifications, and automated maintenance tasks. Tools like Windows Server Update Services can still help if you're willing to dive into some custom development. Don’t forget, there are also some PowerShell scripts that can help you query issues more effectively. It sounds like exploring these options might help alleviate some of your update issues.
You're spot on about the frustration with Windows Update components, especially when it feels like they aren’t being fully supported. I did a similar switch to Intune and it certainly has its quirks, but staying on top of proactive solutions should help you manage the updates better.
Thanks for sharing your experience! I’d love to know if you think peering affects Windows Update? We’re not using custom images either, so I’m curious if integrity checks might play a role in avoiding these issues.