Microsoft fixed a known issue impacting WSUS (Windows Server Update Services) servers upgraded to Windows Server 2022, causing them not to push Windows 11 22H2 updates to enterprise endpoints.
While the updates would successfully download to the WSUS server, they failed to propagate further to client devices. The root cause stems from the accidental removal of .msu and .wim MIME types during the upgrade process to Windows Server 2022.
This issue only affects WSUS servers running Windows Server 2022, specifically, those upgraded from Windows Server 2016 or Windows Server 2019.
Notably, Microsoft Configuration Manager, which is part of the Microsoft Endpoint Manager, remains unaffected by this particular issue.
“This issue is caused by the accidental removal of required Unified Update Platform (UUP) MIME types during the upgrade to Windows Server 2022 from a previous version of Windows Server,” Redmond says.
“This issue might affect security updates or feature updates for Windows 11, version 22H2.”
Even though Microsoft addressed the issue by releasing the March KB5023705 cumulative update for Windows Server 2022, the company only updated the Windows health dashboard on Friday to acknowledge the fix.
Workaround for affected WSUS servers
Microsoft also provides a workaround for admins who haven’t installed KB5023705 and need a temporary fix.
This requires them to re-add the accidentally removed UUP MIME types manually using these PowerShell commands (the lines can be selected with a double-click):
& $Env:WinDirsystem32inetsrvappcmd.exe set config /section:staticContent /+"[fileExtension='.msu',mimeType="application/octet-stream"]"
& $Env:WinDirsystem32inetsrvappcmd.exe set config /section:staticContent /+"[fileExtension='.wim',mimeType="application/x-ms-wim"]"
The missing file extensions can also be added back to impacted servers with the help of using the Internet Information Services (IIS) Manager by creating new MIME Types with the “.wim” (application/x-ms-wim) and “.msu” (application/octet-stream) extensions.
​Earlier this month, Redmond also rolled out a driver update to fix cameras on ARM-based Windows devices (including Surface Pro X laptops), broken since customer reports started pouring in on May 23.
The company made another attempt to tackle a Local Security Authority (LSA) Protection bug that was causing Windows Security warnings with the KB5007651 Microsoft Defender update.
The initial release of this update occurred on April 26, but it was subsequently withdrawn nearly a month later, on May 17.
The decision to take it down was prompted by reports of blue screens and unexpected system restarts on Windows 11 when gaming after installing the update.