1. Check Internet and Date/Time Settings
- Ensure a stable internet connection.
- Go to Settings β Time & Language β Date & Time and enable automatic date and time synchronization.
- Retry Windows Update.
2. Reset Windows Update Components
- Open Command Prompt (Admin) and run the following commands:
net stop wuauserv
net stop bits
ren C:\Windows\SoftwareDistribution SoftwareDistribution.old
ren C:\Windows\System32\catroot2 catroot2.old
net start wuauserv
net start bits
- This clears corrupted cache folders and forces Windows to download fresh update files.
3. Reset Winsock and Proxy Settings
- Open Command Prompt (Admin) and execute:
netsh winsock reset
netsh winhttp reset proxy
ipconfig /flushdns
- Restart your PC afterward to refresh network configurations.
4. Verify SSL Certificates
- Open Internet Options β Content β Certificates β Trusted Root Certification Authorities.
- Ensure Microsoft Root Authority certificates are valid and not expired. If necessary, install the latest root certificates through Windows Update or manually via Microsoftβs certificate update packages.
5. Disable VPN or Proxy
- Disconnect any active VPN sessions.
- Go to Settings β Network & Internet β Proxy and disable any configured proxy servers.
- Retry Windows Update after disabling them.
6. Temporarily Disable Firewall/Antivirus
- Turn off your antivirus or firewall software temporarily.
- Attempt the update installation again.
- Re-enable your protection once the update completes successfully.
7. Run SFC and DISM Commands
- Open Command Prompt (Admin) and type:
sfc /scannow
DISM /Online /Cleanup-Image /RestoreHealth
- These tools repair system file corruption that may be affecting secure connection processes.
8. Manually Install Updates
- Visit the Microsoft Update Catalog.
- Search for the KB number associated with the failed update.
- Download and install it manually to bypass update agent issues.