Unable to download Forefront Updates – Windows 2000 Server

Reading Time: < 1 minute

If you are experiencing issues with downloading Forefront Updates from WSUS to your Windows 2000 server, you may find the below error within your WindowsUpdate.log folder.

WARNING: Digital Signatures on file C:\WINNT\SoftwareDistribution\SelfUpdate\Default\wuident.cab are not trusted: Error 0x800b0109

Ensure you have a recent backup of your server. I always advise this whether the fix is small or large.

Download the below .exe and run.

http://download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/rootsupd_a153023b66d29034420aa227ccc2164cff75229e.exe

Now, restart your automatic updates service and check your WindowsUpdate.log file. If there are no errors, the updates should start to pull down within 10 minutes

The reason for this issue, is because Microsoft have started using a new certificate that is issued from a newer trusted root authority to digitially sign the update files. Windows 2000 machines do not have the trusted root cert installed,  so they will not install the updates as they are considered untrusted.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.