New
#1
Version 1903, builds 18362 RC through 18362.113, WU and MS Store issue
Hello!
I've been testing the Version 1903 builds on about a half dozen PCs (all upgrades from 1809) over the past month or so, and am having a strange problem on only one of them. I've found something curious, and wanted to post it in case anyone has seen this happen before, or can give me any insight.
My problem PC is having two problems - it cannot connect to Windows Update, and it cannot download apps/updates from the Microsoft Store.
For Windows Update, the message is "Error encountered - We couldn't connect to the update service. We'll try again later, or you can check now. If it still doesn't work, make sure you're connected to the Internet."
For the Microsoft Store, the error code is 0x80072EFE, which is a generic "connection aborted" condition.
Initially, I researched these errors individually, trying various "fixes" for each. For the Windows Update problem, I ran the troubleshooter (which finds nothing), did some netsh reset commands/reboots, and performed another in-place upgrade, among other things. For the Microsoft Store problem, I ran the troubleshooter, performed a "wsreset," and other things which I don't remember now. The bottom line is, none of these things solved the problem.
Next, I associated the PC with a WSUS instance I administer as part of my day job, via a VPN. Pointed to that, Windows Update functions and is happy, but any checks to Microsoft "directly" result in the same failures.
Over the weekend, I decided to run a Wireshark packet capture, in an effort to determine what was happening during the WU checks and the MS Store downloads. I was able to trace what is happening, and the symptom is the same for both problems.
There is a specific Microsoft endpoint, slscr.update.microsoft.com [13.78.168.230], which the PC connects to when checking for Windows Updates or MS Store downloads. However, on my problem PC, after it sends a TLS 1.2 "Client Hello," the 13.78.168.230 endpoint immediately responds with a TCP reset, which kills the connection (basically "hangs up" on me). After many attempts (each subsequent resulting in the same TCP reset), my PC gives up, and I get the error message.
If I block outbound traffic to 13.78.168.230 with the Windows firewall, the error messages change to "check your Internet connection" messages, with the MS Store error changing to 0x00072EFD ("Check your Internet connection - We couldn't connect you to the service).
I've had a look at the other "good" PCs (one of which is on the same network as the problem one), and those communicate with 13.78.168.230 just fine after the TLS 1.2 "Client Hello," getting back a "Server Hello" and continuing on with the network conversation normally.
It is a mystery why this specific PC is getting the TCP resets from that MS endpoint. I'm also at a loss on what to try next...if anyone has any ideas, I'm all ears!
Thank you for reading!