SCCM 2012 R2 CU3 + Endpoint Protection. I am seeing an increasing number of clients reporting out of date Forefront definitions. Spent a bit of time checking and this seems to be a known problem - in Windowsupdate.log seeing
ISusInternal::GetUpdateMetadata2 failed, hr=8007000E
There are a few threads on this which seem to indicate this to be nothing to do with SCCM but a WSUS error that MS are writing a fix for. However from what I read this is not going to be available until June/July 2015
I have written a batch file as so as recommended in this thread
sc config wuauserv type= own
bcdedit /set increaseuserVA 3072
Followed by a reboot
I am finding that with a lot of coaxing i.e. 2-3 or more reboots, software scan cycle, software deployment evaluation cycle that most eventually update but some will not and I've ended up rebuilding PCs
Therefore trying to work out the best course of action to keep the estate compliant
Is there any merit in trying to deal with the WSUS database? - you could in theory completely delete it, reinstall and setup SCCM all over again. I'd be loath to do all this unless it has a real benefit. Going through the WSUS Server Cleanup Wizard didn't remove anything as I assuming SCCM 2012 R2 does most of it for you these days
So looking for advice