November 27, 2010

Windows Update on 2008 failed for KB967723 with error code 80070490

We have begun rolling out Windows 2008 servers in our domain since last year. Patching has been generally smooth, other than the new Windows Update GUI which sometimes require a few manual initiated scans before new pending updates from Microsoft are detected (we patch all new servers with all latest Microsoft Updates before adding into our WSUS).

Few months back, while setting up a new 2008 server, I encountered one KB967723 update which kept failing to be patched, even after a few reboots and retries. The error code was 80070490.

As this update is listed critical and fixes vulnerabilities in TCP/IP processing, it is important to be patched so as to prevent any unwanted security loopholes. After some researching, it seems that the update fails due to the way the Windows Automatic Update in Windows 2008 runs this patch. Manual download and running the patch will fix this issue, though Microsoft did not list any known problems in Windows Automatic Update for this patch.

I have also noticed that this only seems to happen in an earlier 2008 image that we use. Newer 2008 SP2 images that we use to setup servers does not seem to require this patch, even with manual patching. Hence this patch may not be required for all 2008 servers.




Symptoms
  • KB967723 patch for Windows 2008 fails with error code 80070490
  • Repeated reboot and retries to patch with Windows Automatic Update still fails







To resolve

  1. Manual download and running of the patch (You may have to copy the files to the local server first)




No comments:

Post a Comment