How We Fixed Windows Update Error 80245006

 

We were seeing Windows Update error 80345006 on several Windows Server 2012 R2 servers and none of the fixes I found helped. ESET Server AV was on each of these servers but I had already temporarily disabled protection but with no effect.

Later, we had decided to uninstall ESET AV just to see if that helped. But first we tried manually turning off options and the

    first one we tried resolved the problem!

ESET >> Settings >> Advanced Settings >> WEB & EMAIL >> Disable Application protocol content filtering under PROTOCOL FILTERING

This apparently disables all of Web Access protection and Anti-Phishing protection. Once this single option was disabled, Windows Update begin working again normally.

We made an incorrect assumption that using the ESET option to temporarily disable protection would have disabled ALL protection but this was not the case. Will try to update this post again once we hear back from ESET about this. Perhaps this is common knowledge but was not for our team. Hope this helps someone else with this problem.

Comments

  1. Same problem, same solution.
    Have you had a return from Eset ?
    Thanks !

    • Hi David – Thanks for reply and glad it helped. Yes I did hear back from ESET and their response follows below. I have not yet tried this but will later in January.

      Thank you for your reply and for uploading the requested logs.

      Windows Update servers use a non-standard certificate for communication. According to the exported settings, SSL-Filtering is being done on the servers via the ESET File Security software. This could be blocking communication to the desired server in this case.

      To correct this, please either disable SSL/TLS protcol filtering. Or please change the SSL/TLS protocol filtering mode to “Interactive Mode”, then click “OK” to effect the change. Please run Windows Updates and you can then permit the problematic certificate. Once this is done, you can change the SSL/TLS protocol filtering mode back to “Automatic Mode”.

  2. Lauren Parr says

    In the command window you need to type following commands, one by one and hit enter button from your keyboard each time to execute the command.
    net stop wuauserv
    cd %systemroot%\SoftwareDistribution
    ren Download Download.old
    regsvr32 %windir%\system32\wups2.dll
    net start wuauserv
    NET START BITS
    NET START WUAUSERV
    SC QUERYEX BITS
    SC QUERYEX WUAUSERV
    Check the Error is fixed if it’s not then going the next method.
    https://www.errorsolutions.tech/error/windows-update-error/
    Solution 2. Run DISM command with sfc /scannow command

    • This definitely seems to be a good solution if your Windows update cache has been corrupted. In our case it did turn out that the ESET antivirus was blocking TLS due to a problem with the certificate. Bye disabling TLS checking in ESET Windows update started working again.

Speak Your Mind

This site uses Akismet to reduce spam. Learn how your comment data is processed.