Главная » Linux

Update server list windows

Содержание
  1. Update server list windows
  2. Почему не устанавливаются обновления Windows
  3. Что делать если не ставятся обновления Windows
  4. Сам список серверов обновлений microsoft
  5. Update server list windows
  6. Answered by:
  7. Question
  8. Answers
  9. All replies
  10. Windows 10 update history
  11. Updates for Windows 10, version 1903 and Windows Server, version 1903
  12. Current status of Windows 10, version 1903 and Windows Server, version 1903
  13. Notes and messages
  14. General
  15. End of servicing
  16. Troubleshooting

Update server list windows

Список серверов Обновлений Windows Update

Всем привет сегодня заметка больше для себя, а именно список серверов Обновлений Windows Update. Для чего это может пригодиться, ну например если вы получили ошибку Обновление не найдено при установке WSUS роли, или наоборот по какой то причине хотите их забанить, для экономии трафика, если у вас нет WSUS, так как не все обновления Windows хорошие и особенно в современных ее версиях, думаю нет смысла напоминать про ошибку 80244019, хотя этот список можно продолжать очень долго. Причина не важна, главное чтобы знать, что такое есть и с этим можно как то работать. Ниже я вам покажу методы запрета адресов сервера обновлений microsoft, как универсальный, подходящий для отдельного компьютера, так и для централизованного управления в рамках предприятия.

Почему не устанавливаются обновления Windows

Вот скриншот ошибки если у вас недоступен адрес сервера обновлений microsoft. Как видите ошибка мало информативна. Ее я получаю на сервере несущим роль WSUS, кто не помнит, что это такое, то это локальный центр обновлений для предприятий, для экономии трафика, и вот тут как раз не устанавливаются обновления Windows по причине, не доступности серверов Microsoft.

Список серверов Обновлений Windows Update-01

Что делать если не ставятся обновления Windows

  • Первым делом вы должны проверить есть ли у вас интернет, так как его наличие обязательно для большинства людей, если конечно у вас не домен Active Directory и вы их скачиваете с вашего WSUS
  • Далее если интернет есть, смотрим код ошибки, так как именно по нему нужно уже искать информацию о решении проблемы (из последних проблем могу привести пример, как решается Ошибка 0x80070422 или Ошибка c1900101), но список можно так же вести очень долго.
  • Проверяем у себя на прокси сервере, нет ли запрета до вот таких адресов сервера обновлений microsoft.

Сам список серверов обновлений microsoft

  1. http://windowsupdate.microsoft.com
  2. http://*.windowsupdate.microsoft.com
  3. https://*.windowsupdate.microsoft.com
  4. http://crl.microsoft.com/pki/crl/products/MicProSecSerCA_2007-12-04.crl
  5. http://*.update.microsoft.com
  6. https://*.update.microsoft.com
  7. http://*.windowsupdate.com
  8. https://activation.sls.microsoft.com/
  9. http://download.windowsupdate.com
  10. http://download.microsoft.com
  11. http://*.download.windowsupdate.com
  12. http://wustat.windows.com
  13. http://ntservicepack.microsoft.com
  14. https://go.microsoft.com/
  15. http://go.microsoft.com/
  16. https://login.live.com
  17. https://validation.sls.microsoft.com/
  18. https://activation-v2.sls.microsoft.com/
  19. https://validation-v2.sls.microsoft.com/
  20. https://displaycatalog.mp.microsoft.com/
  21. https://licensing.mp.microsoft.com/
  22. https://purchase.mp.microsoft.com/
  23. https://displaycatalog.md.mp.microsoft.com/
  24. https://licensing.md.mp.microsoft.com/
  25. https://purchase.md.mp.microsoft.com/

Так что не забываем открывать их на свой прокси или закрывать :). Советую почитать в до гонку Как установить WSUS на Windows Server 2012R2

Update server list windows

This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Answered by:

Question

As per our organization policy, we have to only the access from our WSUS server to Microsoft Update servers. I need a list of IP address/segment pool of Microsoft Update servers over Internet. Our firewall only supports IP addresses/ports as the criterion. Our firewall DO NOT support any FQDN/URL/wildcard. Could you help me please?

Answers

You will have a base system with known FQDN. If WSUS ask other servers,then you should catch the network traffic with network monitor. Wireshark will do the job. You may catch relevant data during initial sysnchronization.

Читайте также:  Приложение facebook для windows 10 больше не доступно

You can contact directly via mail a WSUS specialist that may have current IP addresses — jchornbe (a)microsoft dot com or at chip.hornbeck (a) outlook dot com . or at least he will redirect you to another WSUS specialist.

Ports are standard ones 80 for http and 443 for https.

Your task is not very uncommon. People use standard firewall that can work with FQDN. You have one more task, namely to resolve IP on local network.

(PS: There may be more risky business, namely open entire blocks of IP addresses in your firewall using database ARIN, RIPE. In majority there is current list of update servers that is cnamed providers. This is why the list will be too broad and you do not know what harm may do unknown servers that are not in update family. It is possible, but I would not use this procdure.)

It is very hard task, as behind FQDN there may be a variety of servers that may change in time. Every server may have different IP address, or a group of addresses for round robin DNS configurations.

Look at the list of update servers.

There are wildcards in names. For known FQDN use function nslookup. For windowupdate.microsoft.com you will obtain:

Name: www.update.microsoft.com.nsatc.net
Addresses: 191.232.80.55
134.170.58.222
Aliases: windowsupdate.microsoft.com
windowsupdate.microsoft.nsatc.net

You have mentioned aliases that make the situation «harder» (for us, not for computer). Also from this follows that there are at least two servers and you obtain two relevant IP addresses.

The major problem is that you should check this regularly to keep data consistent.You can use network monitor and do analysis yourself and find which servers is WSUS asking for updates.

All replies

It is very hard task, as behind FQDN there may be a variety of servers that may change in time. Every server may have different IP address, or a group of addresses for round robin DNS configurations.

Look at the list of update servers.

There are wildcards in names. For known FQDN use function nslookup. For windowupdate.microsoft.com you will obtain:

Name: www.update.microsoft.com.nsatc.net
Addresses: 191.232.80.55
134.170.58.222
Aliases: windowsupdate.microsoft.com
windowsupdate.microsoft.nsatc.net

You have mentioned aliases that make the situation «harder» (for us, not for computer). Also from this follows that there are at least two servers and you obtain two relevant IP addresses.

The major problem is that you should check this regularly to keep data consistent.You can use network monitor and do analysis yourself and find which servers is WSUS asking for updates.

Thanks for your quick reply. We can try my best to check the IP addresses of the FQDNs frequently. However, the prerequisite is I know the FQDNs. But from the information you shared to me, I can see there are wildcards in the URLs. In this case, how can I check the IP addresses of these FQDNs (I don’t think network monitor is a good solution)? Or can I understand that package filtering based firewall (IP address/port based firewall) does not support Microsoft Update server list? And we also have to change our firewall to support URL with wildcards? But how to deal with the HTTPS URLs which are encrypted by SSL? Or we have to violate our policy to enable the full Internet access for our WSUS server?

  • http://windowsupdate.microsoft.com
  • http://*.windowsupdate.microsoft.com
  • https://*.windowsupdate.microsoft.com
  • http://*.update.microsoft.com
  • https://*.update.microsoft.com
  • http://*.windowsupdate.com
  • http://download.windowsupdate.com
  • http://download.microsoft.com
  • http://*.download.windowsupdate.com
  • http://test.stats.update.microsoft.com
  • http://ntservicepack.microsoft.com

You will have a base system with known FQDN. If WSUS ask other servers,then you should catch the network traffic with network monitor. Wireshark will do the job. You may catch relevant data during initial sysnchronization.

Читайте также:  Микрофон очень тихий ноутбук windows

You can contact directly via mail a WSUS specialist that may have current IP addresses — jchornbe (a)microsoft dot com or at chip.hornbeck (a) outlook dot com . or at least he will redirect you to another WSUS specialist.

Ports are standard ones 80 for http and 443 for https.

Your task is not very uncommon. People use standard firewall that can work with FQDN. You have one more task, namely to resolve IP on local network.

(PS: There may be more risky business, namely open entire blocks of IP addresses in your firewall using database ARIN, RIPE. In majority there is current list of update servers that is cnamed providers. This is why the list will be too broad and you do not know what harm may do unknown servers that are not in update family. It is possible, but I would not use this procdure.)

Windows 10 update history

Windows 10, version 1903 and Windows Server, version 1903

Updates for Windows 10, version 1903 and Windows Server, version 1903

Windows 10 is a service, which means it gets better through periodic software updates.

The great news is you usually don’t have to do anything! If you have enabled automatic updates, new updates will automatically download and install whenever they’re available, so you don’t have to think about it.

On the left side of this page, you’ll find a list of all the updates released for this version of Windows. You can also find more information about releases and any known issues. Installing the most recent update ensures that you also get any previous updates you might have missed, including any important security fixes.

Current status of Windows 10, version 1903 and Windows Server, version 1903

For the most up-to-date information about Known Issues for Windows and Windows Server, please go to the Windows release health dashboard.

Notes and messages

General

IMPORTANT Release notes are changing! To learn about the new URL, metadata updates, and more, see What’s next for Windows release notes.

IMPORTANT Starting in July 2020, we will resume non-security releases for Windows 10 and Windows Server, version 1809 and later. There is no change to the cumulative monthly security updates (also referred to as the «B» release or Update Tuesday release). For more information, see the blog post Resuming optional Windows 10 and Windows Server non-security monthly updates.

IMPORTANT Starting in July 2020, all Windows Updates will disable the RemoteFX vGPU feature because of a security vulnerability. For more information about the vulnerability, seeCVE-2020-1036 and KB4570006. After you install this update, attempts to start virtual machines (VM) that have RemoteFX vGPU enabled will fail, and messages such as the following will appear:

Читайте также:  Слетают иконки ярлыков windows 10

If you re-enable RemoteFX vGPU, a message similar to the following will appear:

“The virtual machine cannot be started because all the RemoteFX-capable GPUs are disabled in Hyper-V Manager.”

“The virtual machine cannot be started because the server has insufficient GPU resources.”

«We no longer support the RemoteFX 3D video adapter. If you are still using this adapter, you may become vulnerable to security risk. Learn more (https://go.microsoft.com/fwlink/?linkid=2131976)”

What’s new for Windows 10, version 1909 and Windows 10, version 1903 release notes

Windows 10, versions 1903 and 1909 share a common core operating system and an identical set of system files. As a result, the new features in Windows 10, version 1909 were included in the recent monthly quality update for Windows 10, version 1903 (released October 8, 2019), but are currently in a dormant state. These new features will remain dormant until they are turned on using an enablement package, which is a small, quick-to-install “master switch” that simply activates the Windows 10, version 1909 features.

To reflect this change, the release notes for Windows 10, version 1903 and Windows 10, version 1909 will share an update history page. Each release page will contain a list of addressed issues for both 1903 and 1909 versions. Note that the 1909 version will always contain the fixes for 1903; however, 1903 will not contain the fixes for 1909. This page will provide you with the build numbers for both 1909 and 1903 versions so that it will be easier for support to assist you if you encounter issues.

For more details about the enablement package and how to get the feature update, see the Windows 10, version 1909 delivery options blog.

End of servicing

IMPORTANT Windows 10, version 1903 will reach end of servicing on December 8, 2020. To continue receiving security and quality updates, Microsoft recommends that you update to the latest version of Windows 10. If you want to update to Windows 10, version 1909, you must use the Enablement Package KB4517245(EKB). Using the EKB makes updating faster and easier and requires a single restart. For more information, see Windows 10, version 1909 delivery options.

Troubleshooting

If you have questions or need help activating or troubleshooting Windows, see our help topics below:

For information about how to update, see Update Windows 10.

If you have questions about manually installing or removing an update, see Windows Update: FAQ.

Getting an error message when updating? See Troubleshoot problems updating Windows 10.

If you need to activate Windows, see Activation in Windows 10. If you’re having trouble with activation, see Get help with Windows activation errors.

To get the latest major update to Windows 10, see Get the Windows 10 October 2018 Update.

Оцените статью
© 2024 Советы по настройке компьютера