Microsoft has confirmed a widespread issue in Windows Server Update Services (WSUS) that prevents organizations from syncing with Microsoft Update and deploying the latest Windows updates.
Windows Server Update Services (WSUS) is a Microsoft product that allows businesses to manage and distribute Windows updates to computers within their network.
By default, WSUS synchronizes with Microsoft Update servers once a day, when it downloads the latest metadata on available Windows updates. Admins can change the frequency if they wish in the settings.
Since last night, Windows admins have reported that WSUS synchronization is broken, with event logs showing “A connection attempt failed” or .NET errors stating, “The operation has timed out,” when syncs were attempted.
“Is anyone having synchronization issues with their WSUS server? I started having issues last night and still cant get it to sync this morning. There does appear to be one sync that was successful in the middle of the night, but none since,” reads a Reddit topic about the issue.
Admins report that the synchronization began earlier this morning at approximately 12:30 am ET.
Microsoft has now confirmed the synchronization problem in WSUS and said that they identified a “problematic update revision in the storage layer” that is causing the issue.
“Devices trying to synchronize updates from Microsoft Updates using Windows Server for Update Services (WSUS) might fail to complete the synchronization process. As a result, updates cannot be deployed using WSUS or Configuration Manager,” reads a Microsoft advisory shared with BleepingComputer.
“WSUS synchronization tasks are frequently configured to occur automatically in business and enterprise environments, although manual tasks are also possible. Error logs for WSUS are usually found in the SoftwareDistribution.log file under C:\Program Files\Update Services\LogFiles\.”
“Common messages may include text similar to “Unable to connect to the remote server” and “A connection attempt failed because the connected party did not properly respond after a period of time”
Microsoft says that there are no workarounds at this time and that they are working on a fix.
While cloud attacks may be growing more sophisticated, attackers still succeed with surprisingly simple techniques.
Drawing from Wiz’s detections across thousands of organizations, this report reveals 8 key techniques used by cloud-fluent threat actors.
