Recently I noticed that my Windows 8.1 clients were not getting updates from WSUS 3.2.  After some searching I found it was an issue with HTTPS and the solution was to disable HTTPS or enable TLS.  So I enabled TLS on the Server 2008 R2 WSUS server and that fixed the issue with my 8.1 clients not getting updates except for Forefront Endpoint Protection 2010.   My SCCM server deploys the client fine but it is version 2.1 and normally the client and definition updates come from WSUS with the latest client version being 4.5.  However, my Windows 8.1 machines will not get the client updates even though they are automatically approved for all machines.

I am just wondering what else I can check or change to make sure my Windows 8.1 clients get the Forefront client updates as they should??   I am wondering if I manually install the 4.1 client update if it will take the client updates after that.   I only have about eight Windows 8.1 machines so if I have to do that by hand for now then I will and I think my organization will be moving to Server 2012 and SCCM 2012 this summer sometime.

NOTE:  It looks like Forefront is getting the definition updates just fine but even if I do a manual Windows update check the client/AV Engine updates do not even show up as an option.  Nothing in the update logs that I can see to shed any light onto the cause.

2 Comments   [ + ] Show Comments


  • Have you tried this KB ?
  • Yes, That update is already installed on the computer and got installed once I enabled TLS on my WSUS server. I tried to install it again manually and it stated it was already installed.
Please log in to comment

There are no answers at this time


Answer this question or Comment on this question for clarity