800700CE

 Error Code 800700CE 

If the server is a Sharepoint Server, follow the steps mentioned below:

If the  updates failing to install are TLS security updates which use the "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Ciphers" registry keys.

1. Export the Registry.
2. Delete the registry key "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Ciphers\DES 56/56]"
3. Reboot the machine.
4. Ran windows update and install the required patch.
5. Once done, re-import the Registry (as it is required for Sharepoint).

80246007

Error Code 80246007

1. When you receive Error 0x80246008 or 0x80246007, restart the Background Intelligent Transfer       Service (BITS) or the Windows Event Log service.


2. Run Windows Update again.

8024402F

Error Code 8024402F

The error code 8024402F is usually caused by a connection interruption between your computer and the Windows Update servers.


Close Windows Update, wait 5 to 10 minutes, and then run Windows Update again. You can also wait for Windows Update to run at its next scheduled time.

Patch Management Procedure and Best Practice

Windows Patch Management Procedure

Patches can add functionality, correct defective functionality, or address security vulnerabilities that range from low severity to critical. The effective risk is a combination of the likelihood of the vulnerability being exploited, the ease of exploitation, the result of exploitation, and if an exploit is known to exist. A system with no network connection might be highly vulnerable, but is unlikely to be compromised due to its limited exposure. Some vulnerabilities are very difficult to exploit, while others are trivial to take advantage of. The exploitation of a vulnerability can have varied results; some vulnerabilities allow remote access, some give an attacker information, and some may crash a system component or the system itself. Lastly, sometimes attackers use a vulnerability to compromise a system before the patch is available -- that makes the risk higher since it has already been "weaponized."

These Windows patch management procedure considerations are important because the risk posed by a low-severity vulnerability is much less than the risk from a critical-rated vulnerability that has a known exploit (which provides remote access) in the wild. Your patch process should include evaluating the relevance and criticality of each patch to your environment. Since Microsoft patches are released the second Tuesday of every month, it is easy to plan this review into your normal operations schedule.

Your patch-testing plan comes down to evaluating risks and costs: How critical are the systems and how much effort can you allocate to ensuring a patch will not cause functional problems? Is it cheaper to respond to an emergency outage caused by a conflicting patch or to fully test those patches before deployment?

The effort of creating and maintaining a patch testing program is not the only consideration here either; unpatched systems represent a risk to your network, particularly if there is a known or feasible exploit for it. To lessen the risk that a given vulnerability will be exploited, you need to speed up the patch process. The patch process does not need to be the same for all of your systems; you can increase the testing effort for critical systems and skip testing for low-value systems. Adjusting the patch process in accordance with the system value allows you to spend your time where it matters most.

Another Windows patch management approach, either in addition to or in lieu of formal testing, is the use of an early adopter population. By allowing a segment of your population to update before the majority of your systems, you can often reduce the risk that a patch will cause a large disruption. You might have that early adopter population update right away and then update the larger population a week later if the early adopters don't complain.

Patching that super-critical finance/billing/factory/medical server might be deemed risky and undesired, but leaving it unpatched might allow an attacker or worm to compromise the system or crash it. Even worse, someone may be able to break into that system and steal confidential information or tamper with it. I wish I had a dollar for every time I heard "that system is too important to patch!" That thinking is fundamentally flawed; if the system is critical, then it is too important not to patch.

System Restore in Safe Mode

How to perform System Restore in Safe Mode

1. Open command prompt and type in the following command

"%systemroot%\system32\restore\rstrui.exe"

2. Hit Enter.

8E5E03FA

Error Code 8E5E03FA

To resolve this problem, follow these steps:

1. Stop the Cryptographic Service and the Windows Update service. To do this, follow these steps:
1. Click Start, click Run, type cmd, and then click OK.
2. At the command prompt, type the following commands, and then press ENTER after each command:
   net stop wuauserv
   net stop cryptsvc
   Exit

2. Rename the Catroot2 folder.
   
   Note Do not follow this step if you are using Microsoft Windows 2000.
   
   To rename the Catroot2 folder, follow these steps:
1. Click Start, click Run, type cmd, and then click OK.
2. At the command prompt, type the following commands, and then press ENTER after each command:
   net stop cryptsvc
   ren %systemroot%\System32\Catroot2 catroot2_old
   net start cryptsvc
   exit
   Important Do not rename the Catroot folder. The Catroot2 folder is automatically recreated by Windows, but the Catroot folder is not recreated if the Catroot folder is renamed.

3. Rename the "SoftwareDistribution" folder:
1. Click Start, click Run, type %systemroot%, and then click OK.
2. Right-click the SoftwareDistribution folder, and then click Rename.
3. Type SoftwareDistribution_old, and then press ENTER to rename this folder.

4. Start the Cryptographic Service, the Windows Update service, and the Event Log service. To do this, follow these steps:
1. Click Start, click Run, type cmd, and then click OK.
2. At the command prompt, type the following commands, and then press ENTER after each command:
   net start cryptsvc
   net start wuauserv
   exit
5. Try installing the updates.

Exchange 2010 SP3 Error 'DataCollectorSvc' process has open files

Error while applying Exchange SP3

Error: Setup cannot continue with the upgrade because the ‘DataCollectorSvc' () process (ID: 1564) has open files. Close the process and restart Setup.

1. Goto Task Manager and open Processes tab

2. Select the DataCollectorSvc.exe and kill the process by clicking on End Process.

3. Click Retry on the Exchange SP3 setup

Exchange 2010 SP3 step-by-step installation (with snapshots)

Download the Exchange SP3 from https://www.microsoft.com/en-US/download/details.aspx?id=36768

Note: If you have Exchange SP1 installed, you do not need to upgrade to SP2 before heading to SP3

Extract the Setup files to a folder

Proceed with the Microsoft Exchange SP3 installation:

1. Browse to the folder where you extracted the setup files and run 'Setup'

2. Select the option “Install Microsoft Exchange Server Upgrade”

3. Follow the steps provided in the snapshots

4. You may get a warning to install KB2550886 which fixes an issue with Windows clustering (can       be ignored in case you are not using clustering).

5. It won’t ask for a reboot at the end of installation but reboot is recommended, so better go ahead         with the reboot.

6. Confirm the version of Exchange, it should be greater than or equal to 14.03.0123.3

8024000E

Error Code 8024000E

Step 1:
Run System File Checker(SFC) scan

To run the System File Checker tool, follow these steps:

1) Click Start, and then type cmd in the Start Search box.

2) Right-click cmd in the Programs list, and then click Run as administrator.

3)If you are prompted for an administrator password or confirmation, type your password or click Continue

4) At the command prompt, the following line, and then press ENTER:
sfc /scannow

If completed with no errors, try installing updates. In case failed with error 'Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.Log %WinDir%\Logs\CBS\CBS.log', goto Step 2

Step 2:
Install System Update Readiness tool

Check 'CheckSUR' log under 'c:\Windows\Logs\CBS', If no errors detected then go ahead and install the updates.
If this did not work too, follow workaround provided in Step 3

Step 3:
Click on 'check for updates online' 

Steps to upgrade SonicWALL Firmware

Procedure to upgrade the SonicWALL UTM Appliance firmware Image with Current Preferences (on Standard or Enhanced)

Perform the following steps to update your SonicWALL appliance with saved preference file (settings file): 

1.    Download the SonicOS Standard/Enhanced firmware image file from mysonicwall.com and save it to a location on your local computer. Refer Below:

To obtain a new SonicOS (Standard/Enhanced) firmware image file for your SonicWALL UTM appliance: 

        1. Connect to your mysonicwall.com account at http://www.mysonicwall.com.

        2. Click on Download Center on the left pane, select the appropriate Language and Software Type. 

      3. Click on the Firmware link to download the latest version (.sig file)

      Note: You can access previous firmware versions by clicking on the “Previous Versions” link

      4. Save the new SonicOS firmware image file to a directory on your management computer.

 2. On the System > Settings page, click the Export Settings button to save the current configuration to a file. You will be prompted to select the location on your hard drive to save the file.

     
3.  For good measure, click on the Create Backup Settings button to save the current firmware and settings within the SonicWALL appliance.

     
4. On the System > Settings page, click Upload New Firmware.

         
5. Browse to the location where you saved the SonicOS Standard/Enhanced firmware image file, select the file, and click Upload.

         
6. Click the Boot icon in the row for Uploaded Firmware - New!

 7. In the confirmation dialog box, click OK. The SonicWALL restarts and then displays the login page.

8. Enter your user name and password. Your new SonicOS Standard/Enhanced image version information is listed on the System > Settings page.

Source: https://support.software.dell.com/kb/sw5640

How to Uninstall Internet Explorer 11 from Windows 7

In case Internet Explorer 11 isn't working properly, you can revert to your original version by uninstalling the Internet Explorer updates.

1. Open Control Panel

2. Click 'Uninstall a program' link

3. Click on 'View installed updates' link on the left side of the window. This will open a list of updates that are installed on the machine.

4. Find the entry: Internet Explorer 11

5. Select the patch and click on 'Uninstall'

6. Click 'Yes' when prompted.

7. Wait for Uninstallation to complete.

Once the Uninstallation is complete, reboot the machine and complete the process.

80092004

Error Code 80092004

Patch KB3058515 failing with error 80092004

Reference Link: http://news.softpedia.com/news/Botched-Windows-Update-KB3058515-and-Error-80092004-More-Info-and-Possible-Fix-484243.shtml

As per the article the patch KB3058515 is causing trouble on a number of Windows 7 machines.

Possible fix for KB3058515

1. Remove Internet Explorer completely from your machine and then install it from scratch via Windows Update.
2. After you have installed IE, machine will be having IE with KB3038314.
3. Check for new versions in Windows Update.
4. KB3058515 should then be offered once again and automatic installation is supposed to be running smoothly.

Microsoft Office 2010 patches not offered by 'Windows Update'

1. If Microsoft Office 2010 patches are not detected through 'Windows Update' option.

2. Open an Office Application (excel, word etc)

3. Goto 'File' tab -> Help

4. Click 'Check for Updates'.

5. It will pop-up a browser window with site 'update.microsoft.com'.

6. Run 'Windows Update' again.

7. Now you will be able to get all the Microsoft Office 2010 patches in the list of Important Updates.