Windows Update problem #206
Comments
|
2.3.1 fixed? |
|
No, unfortunately. And version 2.3.2 neither fixed it. |
|
try allow BITS service see work or not |
|
or according to here |
|
Thanks @hesss5 , I tried adding BITS service and the only WinHTTP service there is on my Windows 10 1709, but still the same error... |
|
Happened to me all the time but eventually it stopped. I managed to fix it by running wu170509.diagcab, not sure the tool name but it looks like this https://support.microsoft.com/help/2714434/description-of-the-windows-update-troubleshooter Had to run that tool for every single update, for weeks. Windows 10 is just pure shit. |
|
@whytho2000 then i wonder why win10 runs here on three systems without problems. And no its not shit. If you dont like it, dont use it?! |
|
Thanks @whytho2000 , I have tried the troubleshooters and resetting all components, it doesn't fix the problem. |
|
@beerisgood pottery https://github.com/beerisgood/Windows10_Anti-Telemetry What, do you think I'm some redditor who chooses /r/linux or /r/windows10 like it's some kind of exclusive club? I think osx and linux are mostly shit, and I use them too, but I'm forced to use Windows 10 because things I need only runs there. It's just sad how much wasted potential W10 has when it could be the best OS out there if MS haven't decided to monetize the shit out of it instead of making a good OS @duttyend you need to disable the extra_ and spy_ filters too for it to work (when updating), I'm not sure which ones so I just disable them all, and several exe's that I can't remember exactly right now (but you'll get the notification) |
|
@henrypp 2.3.2 fixed! Windows 10 Ent - ok
|
|
@whytho2000 I disabled every spy_filter but it didn't solve the problem unfortunately... what makes me think it is due to a new change is because until version 2.3, everything was working fine |
|
I just installed 2.3.2 today (new user) and Windows Updates worked properly after installing simplewall. Seems like something on your end. |
|
I dont have problems after update to latest Version |
|
It's not a bug, it's feature. Old version of "Windows Update" system rule will allows ALL http/https traffic through New version of "Windows Update" system rule allows only People who do not have problems with WU, maybe you are allows |
|
will i disabled windows update. |
|
@henrypp You are right, it is related to the default blocking of svchosts.exe, which I disabled notifications for. I tried enabling notifications and could see the requests to connect to various IP addresses (mainly 13.74.179.117 and 64.4.54.18). |
|
@henrypp you're right. I allowed svchosts.exe entirely |
|
@beerisgood it's not good, it really not good, svchosts is a root of tree for telemetry in all window$ versions. |
|
No Problem. I disable telemetry in Windows and use PiHole |
|
@henrypp You may find this helpful https://support.microsoft.com/en-us/help/3084568 |
|
upd for v3: Here is final solution:
|
Thank you for feeding us with a solution! However, in my installation folder (portable), I don't have a "profile" directory. Should I just create one? |
@Tom4tot, "profile" directory is a directory where |
I confirm it's working perfectly. Thank you again! Don't forget you can select multiple entries and then checking them all together. :D |
|
How about the fact, that when simplewall asks about installing new version on startup, it can't actually install one, because an error like "simplewall is running, can't install" pop-ups? But if I open simplewall and manually check updates, then things go smoothly. Should I open a new issue? |
|
Володя - это не баг, просто закрой simplewall и нажми "продолжить". |
|
FYI for everyone, this should serve as an entry point for all searches on the similar queries. Right, the current rule on windows update only allows wuauserv service which is not enough since windows 8.1. Even more so on windows 10. For starters, on windows 10 you need to have ideally BITS and DoSVC services allowed as well. The latter one iirc is the one using p2p downloads for updates. The updates for UWP apps are done differently (that obviously apply only to win10). For universal apps you need wlidsvc, installservice and a microsoft store app itself to be allowed on the firewall. However the fundamental problem with updates now is that they don't use just one service context for threads.
More useful in-depth discussion here: Basically, people are left with a few options:
Alternatively, either install WSUS services in your LAN and link updates to it, or entirely skip automatic updates. Use either WHDownloader as per above, or simply discover https://www.catalog.update.microsoft.com and download them manually in your browser. |
|
Is there an update? I saw the custom blocklist is "not needed anymore": 4ae3330#diff-c1111bd512b29e821b120b86446026b8 |
|
FYI, on Windows 10 1903, this option doesn't work. I need to allow svchost.exe like it was already the case. Now that we have timers, it's not a huge issue but I just wanted to let you know. I'm not sure there's fix for W10 unfortunately. |
|
@Tom4tot yes, 1903 have significant changes and need to add some ip addresses into user rules (but do not enable svchost.exe, it's a shame) |
|
@henrypp I guess you mean Windows telemetry? Can be blocked with PiHole for example |
svchost is a service host, a lot of services (including telemetry, spying and other ~BS) can pass internet without reason. SW have a rules editor and logs of dropped packets, this feature has added for fine tuning of internet access. I know, a lot of people simply allow svchosts, but SW is for advanced users, not for "pros" like this. |
|
Windows 10 1903 updates fixed, thank you @crazy-max! |
|
Same as 446 - Windows Update doesn't work and despite enabling svchost.exe it still gets logged as dropeed: I have the allow ms updates enabled, but that alone doesn't fully work. I've had to add svchost at 443 until SW is working natively to allow WU |
|
@fredgolightly try allow MS apps too ( |
|
Seems to work, thanks! I'd rather have ms apps blocked while having ms update working, this seems a bit of a work around - could you perhaps look at integrating the extra_64... into the MS update setting rather than the ms apps one? Essentially, MSUpdate should allow ms update to work fully on its own |
|
It still doesn't work for me. I have a new laptop running Win10 pro, it came with version 1809 pre-installed. I installed simplewall 3.0.5, with the default settings. Windows update says it can't connect. I created a rule allowing port 443 for svchost.exe. Windows update gets a little further -- it reports that my device is missing important fixes, but then again says it can't connect to the update service. If I allow svchost.exe in general (without the port 443 rule), everything updates. Am I doing something wrong? Thanks, |
|
After getting my system to update to 1903, and applying all subsequent updates (and 4 or 5 reboots!) now Windows Update seems to work without allowing svchost or creating a 443 rule. I can't tell for sure, since there are no updates to download, but Check for updates shows no error message and appears to succeed. I suspect that the fixes that allow 1903 to work broke it working with 1809 (though this is really just wild speculation on my part). Thanks for your help, and for this software. |
|
I spoke to soon. After 20 minutes, I tried again, and update fails (can't connect to update service). I enabled the port 443 rule, and update succeeds. Removed the 443 rule and update fails again. I have seen this before on an older win10 system I have -- sometimes windows update will succeed, but then a short time later it will start failing again. Nothing has changed in the meantime. I do have update servers enabled in simplewall settings -- that's how it was set by default. |
It doesn't work for me, and I've restarted the PC with every change I made. :c! ---- EDIT 1 ---- Sometimes it works and sometimes it doesn't. 🙃 |
|
Hi @henrypp ! Setting "MS update servers" to "Allow" doesn't worked for me too—I got an error while trying to download an app from Microsoft Store. After looking into the log file, I've created the following rule for svchost.exe: Remote: 443;80 Local: 50745-50765 which allowed me to download/update apps from the Store. simplewall 3.1.2 64-bit Also, I know a working solution how to disable Windows Security center warnings for W10 Home 1909 (those solutions in the FAQ section don't work):
Hope it would be helpful |
|
Аналогичная проблема на Windows 8.1 x64 Pro. Причём обновление работает через раз. |
|
Use the svchost workaround provided here: If your PC has less than 4GB of RAM you might wanna also set service type to non-shared |
and others
Dear @henrypp ,
The new version (2.3.1.) introduced a regression regarding Windows Update (was working fine with 2.3, 2.2.12 and below).
Using Windows Update Mini Tool, I get those error messages :
[13:14:15]: Start Windows Update Service
[13:14:15]: Windows Update Service enabled
[13:14:17]: Searching for updates
[13:14:17]: An error has occurred: 0x80072EFD
My simplewall configuration is as follows (and was the same with 2.3) :
Settings > Rules > System rules > Windows Update enabled
On the main simplewall screen, I see that you added wuauserv to the list, I checked the box to include it in Allowed apps but I still get the same error.
Thanks a lot for your time !
The text was updated successfully, but these errors were encountered: