1. Restart Cryptographic Services
- Open Command Prompt (Admin) and run:
net stop cryptsvc
net start cryptsvc
- This restarts the cryptographic service that validates security components.
2. Clear Credential Manager Data
- Press Win + R, type services.msc, press Enter.
- Locate Credential Manager → Restart it.
- Open Control Panel → Credential Manager.
- Remove any corrupted or outdated credentials.
3. Reset Windows Update Components
- Open Command Prompt (Admin) and run:
net stop wuauserv
net stop bits
ren C:\Windows\SoftwareDistribution SoftwareDistribution.old
ren C:\Windows\System32\catroot2 catroot2.old
net start wuauserv
net start bits
- This resets the update cache and cryptographic store.
4. Run SFC and DISM Repair
- Open Command Prompt (Admin) and execute:
sfc /scannow
DISM /Online /Cleanup-Image /RestoreHealth
- Repairs corrupted system files that may break credential validation.
5. Re-register Cryptographic DLLs
- In Command Prompt (Admin), run:
regsvr32 softpub.dll
regsvr32 wintrust.dll
regsvr32 initpki.dll
regsvr32 mssip32.dll
- These files are vital for certificate validation.
6. Temporarily Disable Antivirus/Firewall
- Disable third-party antivirus/firewall software.
- Retry Windows Update.
- Re-enable protection after successful installation.
7. Create a New User Profile
Sometimes corrupted user profiles block credential services.
- Go to Settings → Accounts → Family & other users.
- Create a new account and assign admin rights.
- Log in with the new account and retry the update.
8. Manually Install Pending Updates
- Visit the Microsoft Update Catalogue.
- Search for the KB number of the failed update.
- Download and install it manually.
9. Use Windows Update Assistant
- Download the Windows Update Assistant from Microsoft’s site.
- Run the tool to install updates while bypassing credential-related errors.