With organisations still seeing the fallout from the dreaded KB5000802 BSOD Issue that i covered in this article I will explain how you can import out-of-band updates into WSUS to deploy to PC’s in your organisation.
Microsoft have released an out of band update (KB5001567) to remediate the effects of the KB500802 Update which can be downloaded here.
The issue is Microsoft have made this available to download and install from the update catalogue, direct from Windows Update, but not made it available to deploy via Windows Server Update Services.
To import this hotfix, log into your deployment server and open up WSUS.
Under the console tree, right click ‘Updates‘ and click import updates
In the Update Catalogue, search for KB5001567 and add the updates which you’ll need for your devices, in my case it would just be 20h2 x64 and 2004 x64
Once added, go to your basket and import the updates
WSUS should now start to import the updates form the Microsoft Update Catalogue
You may receive error 80131509 like I did, after a bit of research i found this is to do with .NET Framework and the Update Catalogue.
To fix this issue, open up CMD and run the following command
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /V SchUseStrongCrypto /T REG_DWORD /D 1
Reboot your server and try the above steps again.
Once complete you should now see the Hotfix in WSUS, you can verify this by searching for the KB Number
You can now deploy this via WSUS, if you use SCCM/MECM synchronise with WSUS and the update should now be available to deploy.