The other day was a big day for Microsoft users, what with the deadline for Windows XP finally arriving. Then there was the update for Windows 8.1, which was released on the same day. However, Microsoft has stopped the Windows 8.1 update for businesses relying on Windows Server Update Services (WSUS) due to a bug in the software.

Windows 8.1 update

From the WSUS Product Team Blog:

There is a known issue which causes some PCs updated with the Windows 8.1 Update (KB 2919355) to stop scanning against Windows Server Update Services 3.0 Service Pack 2 (WSUS 3.0 SP2 or WSUS 3.2) servers which are configured to use SSL and have not enabled TLS 1.2.

Basically, this means that the bug might not allow updated devices to recognize future updates. It is also important to note, however, that this issue does not affect all users. The blog announcement further specifies that “only users who have enabled HTTPS and have not enabled TLS 1.2 on their WSUS 3.2 servers and who are also using these WSUS 3.2 servers to manage PCs running the Windows 8.1 Update KB 2919355 are affected by this issue“.

In case you have already made the updates, and you are one of the affected users, Microsoft provides a workaround:

If you are using WSUS 3.2 on Windows Server 2008 R2, you may perform either of the following steps to restore the scan functionality if you have deployed the Windows 8.1 Update KB2919355.

  • Enable TLS 1.2 (follow the instructions under More Information > SCHANNEL\Protocols subkey), or
  • Disable HTTPS on WSUS

If you are using WSUS 3.2 on an operating system other than Windows Server 2008 R2, you may perform the following step to restore the scan functionality.

  • Disable HTTPS on WSUS

Microsoft is working on a solution, as can be expected, and when this is released, users are advised to re-enable HTTPS on WSUS.

So, if you’re a business, and you have NOT updated Windows 8.1, it is highly suggested that you postpone doing so until Microsoft releases a new update that will resolve the issue.

[Image via betanews]