Microsoft has suspended distribution of the Windows 8.1 Update (KB2919355) to some enterprise customers after a bug was discovered that could cause some systems updated with the KB2919355 update, to stop scanning against Windows Server Update Services 3.0 Service Pack 2 (WSUS 3.0 SP2 or WSUS 3.2) servers which are configured to use SSL and have not enabled TLS 1.2.
Only users who have enabled HTTPS and have not enabled TLS 1.2 on their WSUS 3.2 servers and who are also using these WSUS 3.2 servers to manage PCs running the Windows 8.1 Update KB 2919355 are affected by this issue. Please note, while we do recommend the use of HTTPS on WSUS servers, HTTPS and TLS 1.2 are not enabled by default, says Microsoft in a blog post.
If you have already deployed the KB2919355 update on your systems, Microsoft suggests the following workaround.
If you are using WSUS 3.2 on Windows Server 2008 R2:
- Enable TLS 1.2 or Disable HTTPS on WSUS
If you are using WSUS 3.2 on any other OS:
- Disable HTTPS on WSUS
Microsoft will no longer be distributing Windows 8.1 Update KB2919355 to WSUS servers, and the only way for customers in WSUS environments to currently get it, would be to download it from Microsoft Download Center and install it manually on their systems, but Microsoft recommends that you postpone deployment of this Update, till it releases a fresh update soon.
The Windows 8.1 Update is a cumulative set of security updates, critical updates and updates and introduces several new features. In addition to previous updates, it includes improvements such as improved Internet Explorer 11 compatibility for enterprise applications, usability improvements, extended mobile device management and improved hardware support. In Windows Server 2012, this package also enables support clustering configurations for hosts.