Who Me Too'd this topic

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

KB4538461 Fails to Install via WSUS with Threat Prevention Module Installed

We're experiencing a peculiar issue where KB4538461 will fail to install when it's distributed via WSUS but install fine when manually applied via the .msu file from Microsoft Catalog. We're trying to install it on Windows 10 1809 machines.

Windows Event viewer is displaying the following: 

EventID 20:

Installation Failure: Windows Failed to install the following update with error 0x80246007. <patch name>

WindowsUpdate.log is showing entries with: 



2020/03/26 14:32:40.7147903 5956  11724 DownloadManager Generating download request for update 3630658E-AF88-44C6-B0AA-075DB3DFCAD6.200.
2020/03/26 14:32:45.7883820 5956  11724 Misc            *FAILED* [80070005] Failed to copy file from \\?\C:\WINDOWS\SoftwareDistribution\Download\bee4c9540b0fb930f2b3d8ab769d18e7\Windows10.0-KB4538461-x64.cab to \\?\C:\WINDOWS\SoftwareDistribution\Download\137076212a7d96e0c482a73f11e320d8\Windows10.0-KB4538461-x64.cab2020/03/26 14:32:45.7883849 5956  11724 Misc            *FAILED* [80070005] Method failed [SusMoveOrCopyDirectoryContentsHelperRecursive:1648]
2020/03/26 14:32:45.7884144 5956  11724 Misc            *FAILED* [80070005] Method failed [SusMoveOrCopyDirectoryContentsHelper:1728]
2020/03/26 14:32:45.7887961 5956  11724 DownloadManager *FAILED* [80070005] GDR2020/03/26 14:32:45.8611222 5956  11724 Handler         Loaded state: cCompleteIterations: 0, pt: Unknown, nNextRequestID: 0.
2020/03/26 14:32:45.8735219 5956  11724 DownloadManager *FAILED* [80070005] Error occurred while downloading update 3630658E-AF88-44C6-B0AA-075DB3DFCAD6.200; notifying dependent calls.

The only consistent solution that allowed WSUS to install the update was uninstalling the Threat Prevention module from the client. On a few machines, disabling Access Protection would suffice. but uninstalling Threat Prevention yielded the most consistent positive results.

Does any one have any idea why this could be happening? There are no threat events being generated whatsoever. I tried to exclude the following paths but it made no difference: C:\WINDOWS\SoftwareDistribution\Download .


Labels (1)
Who Me Too'd this topic

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community