Skip to main content

SCCM Software update Failure : CBS_E_STORE_CORRUPTION (KB3000850)

By
Scenario:
A two node cluster required new and old software updates to bring it up to compliance. The installation of KB3000850 was failing to install either manually or via SCCM deployment on one node  but not the other.

WUAHandler.log
Installation job encountered some failures. Error = 0x80240022. Commit Result = 0x00000001

CBS.log
 Not able to add file to extract: update.ses [HRESULT = 0x80070002 - ERROR_FILE_NOT_FOUND]

CBS    Store corruption, manifest missing for package: Package_33_for_KB3081320~31bf3856ad364e35~amd64~~6.3.1.1
CBS    Mark store corruption flag because of package: Package_33_for_KB3081320~31bf3856ad364e35~amd64~~6.3.1.1. [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]

 Failed to resolve package [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]

WER: Generating failure report for package: Package_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8, status: 0x800f0831, failure source: Execute, start state: Staged, target state: Installed, client id: WindowsUpdateAgent


Common troubleshooting steps carried out without success:

net stop wuauserv
net stop cryptsvc
Ren %systemroot%\SoftwareDistribution SoftwareDistribution.bak
Ren %systemroot%\system32\catroot2 catroot2.bak
net start wuauserv
net start cryptsvc

SFC /Scannow
Dism /Online /Cleanup-Image /RestoreHealth /Source:wim:E:\sources\install.wim:1 /limitaccess


Resolution:

Note the KB detailed within the CBS log after "Store corruption, manifest missing for package:". In my case it was KB3081320. This KB was not installed on the failed node from within control panel or Powershell (get-hotfix | select hotfixid) however, the manifest file was present within the folder C:\Windows\servicing\Packages.

Download the KB MSU file from the Microsoft Update catalog  and extract the CAB file to a temp directory.

expand C:\temp\updates\windows8.1-kb3081320-x64_d6e34f82e20d9efa19ab0ae7a938f8d80c01416e.msu /f:* C:\temp\updates\kb3081320

Then remove the package using DISM; this will in affect remove the manifest file from C:\Windows\servicing\Packages

dism /online /remove-package:C:\Temp\Updates\kb3081320\Windows8.1-KB3081320-x64.cab

Finally after removing the corrupted manifest files /updates the intended update KB3000850 will install via DISM/SCCM successfully and the CBS log will not have any corruption errors.

Dism /online /add-package /packagepath:C:\Temp\Updates\kb3000850\Windows8.1-KB3000850-x64.cab



Labels:

Comments

  1. Carpet Bomberz Inc.March 22, 2018 at 7:33 AM

    Thanks for writing this one up. I've seen errors in CBS.log before, but not this one, will keep a keen eye on any failures that seem similar to this.

    ReplyDelete
  2. UnknownMarch 30, 2018 at 2:26 PM

    Thank you very much, this helped me fix an installation of SSRS 2017 that required .Net 4.5.2 to be installed. However, the installation of the .Net 4.5.2 was failing with CBS_E_STORE_CORRUPTION and these steps resolved it.

    ReplyDelete
  3. UnknownJune 14, 2018 at 12:50 AM

    Grettings!

    Still get 0x800f0831 error (see below).
    What else can I try?

    ===

    dism /online /remove-package:"C:\Temp\Updates\kb3205401\Windows8.1-KB3205401-x64.cab"

    Deployment Image Servicing and Management tool
    Version: 6.3.9600.17031

    Image Version: 6.3.9600.17031

    Processing 1 of 1 - Removing package Package_for_RollupFix~31bf3856ad364e35~amd64~~9600.18545.1.4
    [==========================100.0%==========================]
    The operation completed successfully.

    Dism /online /add-package /packagepath:"C:\Temp\Updates\kb3205401\Windows8.1-KB3205401-x64.cab"

    Deployment Image Servicing and Management tool
    Version: 6.3.9600.17031

    Image Version: 6.3.9600.17031

    Processing 1 of 1 - Adding package Package_for_RollupFix~31bf3856ad364e35~amd64~~9600.18545.1.4
    [==========================100.0%========================= ]
    An error occurred - Package_for_RollupFix Error: 0x800f0831

    Error: 0x800f0831

    DISM failed. No operation was performed.
    For more information, review the log file.

    The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

    ReplyDelete
    Replies
    1. syswow64July 3, 2018 at 12:52 AM

      Can you install the MSU file not the CAB extracted, then if it fails provide the CBS.log ?

      Delete
  4. HAZEL JACKFebruary 27, 2020 at 2:19 AM

    Pretty good post. I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts. Any way I'll be subscribing to your feed and I hope you post again soon. Big thanks for the useful info. offshore development

    ReplyDelete
  5. AckleySeptember 16, 2021 at 7:14 AM

    Good to become visiting your weblog again, it has been months for me. Nicely this article that i've been waited for so long. I will need this post to total my assignment in the college, and it has exact same topic together with your write-up. Thanks, good share. crypter features

    ReplyDelete

Post a Comment

Popular posts from this blog

SCCM Unknown computer not able to see Task Sequences after installing Current Branch 1702

By
Soon after installing SCCM CB 1702 we were unable to see Task Sequences deployed to the unknown collection. This issue was identified as a random system taking the GUID of the 'x64 Unknown Computer (x64 Unknown Computer)' record. As a result it was now a known GUID; as we were only deploying Task Sequences to the Unknown collection none were made available. 'x64 Unknown Computer (x64 Unknown Computer)' record 'x86 Unknown Computer (x86 Unknown Computer)' record To get the GUID of your unknown systems open SQL management studio and run the following command: --Sql Command to list the name and GUID for UnknownSystems record data select ItemKey, Name0,SMS_Unique_Identifier0 from UnknownSystem_DISC Using the returned GUID (SMS_Unique_Identifier0) we can find the hostname that has been assigned the 'x64 Unknown Computer (x64 Unknown Computer)' GUID by running the query below. --x64 Unknown Computers select Name0,SMS_Unique_Identifier0,Decommissioned0 from Sys...
167 comments
Read more

KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932

By
This article outlines the protection against the publicly disclosed Secure Boot security feature bypass involving the BlackLotus UEFI bootkit (CVE-2023-24932). It includes steps to enable the necessary mitigations and provides guidance on creating bootable media. I will provide: - An overview of the CVE issue. - Pre-requisite actions within ADK. - Detection and remediation scripts for CVE-2023-24932. - Instructions for creating a WinPE Boot.wim file to support systems that have undergone remediation. - A breakdown of the files changed and how to boot WinPE to support systems before remediation. 1. Secure Boot Security Feature Bypass Vulnerability CVE-2023-24932 see MSRC CVE-2023-24932 is a security vulnerability involving the BlackLotus UEFI bootkit, which allows attackers to bypass Secure Boot protections. This vulnerability enables the execution of malicious code at the UEFI level, potentially leading to persistent and evasive threats. Mitigations for this issue include updates to th...
Post a Comment
Read more

Java 7 update 21 (1.7.0_21) Enterprise Repackaged Security Medium Deployment with SCCM

By
------------------------------------------------------------------------------------------------- Java 7 update 45 Enterprise deployment complete walk through http://www.syswow64.co.uk/2013/10/java-7-update-45-enterprise-deployment.html -------------------------------------------------------------------------------------------------- The issue on many blogs and articles is around creating the 'deployment.config' and 'deployment.properties' files for an enterprise deployment.  In my case i wanted to set the security level to 'Medium', but everytime I open the Java control panel it was set to the default HIGH setting. Solution 1 Create the following directory path 'C:\Windows\sun\java\deployment' 2 Create a file called 'deployment.config' in this directory and open with Notepad. Copy the two line below #################### deployment.system.config = file\:\\C\:\\WINDOWS\\Sun\\Java\\Deployment\\deployment.properties deployment.system...
15 comments
Read more