Microsoft confirms patching issues in restricted Windows networks
by Sergiu Gatlan · BleepingComputerMicrosoft says customers in restricted network environments may encounter Windows Update failures after installing the January 2026 optional non-security preview updates.
In Windows network-restricted environments, ranging from fully isolated, air-gapped systems to strictly firewalled networks, affected systems will display error code 0x80010002 when updating through Windows Update.
"Affected devices might be able to download the February monthly Windows security update, but then become unable to use the Windows Update settings to download Windows updates released in March, April, or later months," Microsoft said in a service alert first spotted by Microsoft MVP Susan Bradley.
"This issue results from recent changes in download timeout requirements when starting download operations. It is not related to device integrity or the device's ability to install Windows updates, only to its ability to download updates from the internet via the Windows Update page under Settings."
While Microsoft is still working to resolve this issue, IT administrators can work around this issue by installing one of the following group policies using Known Issue Rollback (KIR), a Windows feature that reverses buggy updates delivered via Windows Update:
- Windows 11 26H1 KB5083806 Known Issue Rollback
- Windows 11 24H2, Windows 11 25H2 and Windows Server 2025 KB5083631 Known Issue Rollback
"You will need to install and configure the Group Policy for your version of Windows to resolve this issue. You will also need to restart your device(s) to apply the group policy setting," Microsoft added.
Admins can also find further guidance on deploying and configuring KIR group policies on Microsoft's support website.
In recent years, admins have encountered several other issues when installing Windows updates. For instance, in April 2025, Microsoft resolved another bug preventing enterprise customers from installing the April 2025 security updates via Windows Server Update Services (WSUS).
The company also fixed an almost identical issue in August 2025 that caused the Windows 11 24H2 cumulative update to fail with 0x80240069 errors when delivered via WSUS.
More recently, Microsoft shared another KIR fix for a known issue that causes the May 2026 Windows 11 security update (KB5089549) to fail to install on some systems and to trigger 0x800f0922 errors.
The Validation Gap: Automated Pentesting Answers One Question. You Need Six.
Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.
This guide covers the 6 surfaces you actually need to validate.