1. Restart Cryptographic Services
- Open Command Prompt (Admin) and run:
net stop cryptsvc
net start cryptsvc
- This refreshes the cryptographic services required for update validation.
2. Clear Windows Update Components
- Open Command Prompt (Admin) and run:
net stop wuauserv
net stop bits
ren C:\Windows\SoftwareDistribution SoftwareDistribution.old
ren C:\Windows\System32\catroot2 catroot2.old
net start wuauserv
net start bits
- This forces Windows to re-download updates and cryptographic catalogues.
3. Run System File Checker (SFC) and DISM
- Open Command Prompt (Admin) and execute:
sfc /scannow
DISM /Online /Cleanup-Image /RestoreHealth
- These tools repair corrupted system files and restore Windows image integrity.
4. Check Disk for Errors
- Run the following in Command Prompt (Admin):
chkdsk C: /f /r
- This scans for and repairs bad sectors that may corrupt update files.
5. Temporarily Disable Antivirus/Firewall
- Turn off third-party antivirus or firewall.
- Retry Windows Update.
- Re-enable protection once updates are installed.
6. Reset Windows Update via Troubleshooter
- Go to Settings → Update & Security → Troubleshoot.
- Select Windows Update Troubleshooter.
- Let it scan and apply automatic fixes.
7. Manually Install Updates
- Visit the Microsoft Update Catalogue.
- Search for the KB number of the failed update.
- Download and install it manually.
8. Use Windows Update Assistant
- Download the Windows Update Assistant from Microsoft’s official site.
- Run the tool to bypass cryptographic key errors and install updates.