What IP addresses does Windows Update use?

I have a Windows 2019 server sitting behind a firewall and an Internet proxy.

What are the network ports and URLs that need to be whitelisted for this server to download Windows patches/updates from the Internet?

asked Sep 20, 2021 at 20:49

Ports: tcp/80 and tcp/443

Urls:

http://windowsupdate.microsoft.com

http://*.windowsupdate.microsoft.com

https://*.windowsupdate.microsoft.com

http://*.update.microsoft.com

https://*.update.microsoft.com

http://*.windowsupdate.com

http://download.windowsupdate.com

https://download.microsoft.com

http://*.download.windowsupdate.com

http://wustat.windows.com

http://ntservicepack.microsoft.com

http://go.microsoft.com

http://dl.delivery.mp.microsoft.com

https://dl.delivery.mp.microsoft.com

These will work for a proxy server. Not sure about the firewall. Many firewalls allow access to address ranges, not urls. Products such as Office 365 have deterministic IP addresses, although those may still change occasionally.

https://docs.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/2-configure-wsus

answered Sep 26, 2021 at 12:59

Greg AskewGreg Askew

34.5k4 gold badges52 silver badges81 bronze badges

If you want to keep your computer safe from malware, you need to whitelist Microsoft Update in your firewall. By doing this, you will ensure that only trusted Microsoft Update files can access your computer. Here’s how to do it:
1. Open your firewall settings.
2. Find the option to whitelist or allow specific programs or websites.
3. Add Microsoft Update to the whitelist.
4. Save your changes and close the firewall settings.
Now, your computer will be safe from malware that could come from untrustworthy sources. Microsoft Update is a trusted source for updates and security patches, so you can be sure that your computer is safe when you whitelist it in your firewall.

The web page’s IP address in Windows Update does not always remain static, but it changes on a regular basis. To update Windows, you must specify TCP ports 80, 443, and 49152-65535. By clicking twice, you can configure automatic updates. By going to the left side menu, you can disable Windows automatic updates. HTTP and HTTPS can be transmitted via the IEEE 802.11aws server via 80 and 443 ports. Inbound traffic must be routed through a firewall that has been configured on the server. Port 8530 can be connected via SSL if it is supported by it.

The app’s path can be found by clicking on the Check box next to it or by selecting Allow another app. It is not required that you configure Windows updates to run through the firewall in Windows 10. The Microsoft Update Catalog is a convenient way to download Microsoft updates. Any Windows updates are available in the Windows version list (along with any updates directly imported via the Microsoft Windows Universal Service).

How Do I Allow Windows Updates Through Firewall?

The Windows Firewall can be found in the Windows operating system’s settings. To access the Control Panel, first select the Start button, then the Picture of the Start button. Search for firewall in the search box, then click the Windows Firewall link to open the Windows Firewall. By selecting Allow a program or feature from the left pane, you can open the Windows Firewall window. You can change the settings by clicking Change settings.

You do not need to change the settings in Windows 10 to enable a firewall. Internet Explorer must have an online backup media drive path, a TCP port 80 connection, and a gateway port 4310 connection. Windows Update does not have a fixed IP address, and the IP address of the site constantly changes. Microsoft Defender Firewall is an excellent choice if you already have a firewall installed. The Start menu contains a link to the wn security utility, which provides virus and threat protection. Some computer software programs may cause delays or interruptions in Windows updates and antivirus updates. protects your computer against unwanted Internet traffic by blocking or allowing connections based on the security of your PC. In some cases, firewall users will be prompted to enable a program in order to communicate with the Internet via firewall. If you are not permitted to access an application, it is possible that it will not function properly.

Don’t Let Windows 10 Updates Ruin Your Day

Windows 10 updates are a potential risk, but you can protect yourself by allowing the firewall. TCP ports 80, 443, and 49152-65535 are all used in Windows Update. Although the IP address for the Windows Update website is constant, it does not always correspond to the one assigned to it.

What Ip Address Does Microsoft Update Use?

It must be connected to a TCP port 80, 443, or 49152-65535. The IP address of the Windows Update web site changes on a regular basis, so it isn’t always a fixed one. It is also not widely known that the IP addresses are publicly available. The IP address on the firewall is usually not recommended for this purpose.

What are the IP ranges for Microsoft Windows? TCP port 80, 443 port, and 49152-65535 are required for Windows Update to function. There is no fixed IP address for the Windows Update web site, and its IP address changes all the time. Make certain that the following destination hosts are specified in DNS. The only source of reliable information about Windows Update addresses is IP addresses. If you can find a DNS list that is already set up for your firewall, you’ll be better off using it. Although the document does not specify which IP addresses are used, it is theoretically a comprehensive list of Microsoft’s IP addresses.

What Ports Do Windows Updates Use?

Windows updates use port 80 for HTTP and port 443 for HTTPS.

To update Windows, you must connect to TCP ports 80, 443, and 49152-65535. In general, the HTTP port is 8531, and the HTTPS port is 8530. Port 80 is used for Windows Update agent. You can obtain updates by sending a HTTP request to HTTP or by connecting to HTTPS via port 443. The IP address of the Windows Update web site, which is not a fixed address, can change at any time. It is a Microsoft proprietary protocol that allows remote connections to other computers via the Remote Desktop Protocol (RDP). The DCOM services can be accessed from a machine by using Port 135. By running netstat, you can see that all of your network connections and listening ports are open on your computer.

Keep Your Computer Running At Its Best With Microsoft Update

A Microsoft Update update is critical if your computer is to stay running smoothly. To configure WSUS to automatically initiate updates from Microsoft Update, or to manage updates manually, use the custom Web site.

Allow Windows Update Through Sonicwall Firewall

In the SonicWall Management GUI, navigate to the Manage All Notifications menu. If you want to enable App Control, click on the Accept button at the top of the screen after checking the box under Enable App Control. Select APP-UPDATE from the drop-down list under Applications and then from the App Control Advanced menu.

To block Windows updates on Sonicwall, you must first enable a firewall. The Application Control policy can be created by selecting Deny in Windows Update. If you want to connect to SonicWall’s management section, go to the application control menu. To install Windows Update, users must use TCP ports 80, 443, and 49152-65535. In Windows 10, you are not required to configure the SonicWall Firewall before starting updates. If you want to enable it, go to the Preferences menu bar and select Enable App Control, then click Accept at the top. It is possible to enable HTTPS content filtering by configuring the Enable Check Box.

Select Check For Updates. How To Use Windows Update

TCP ports 80, 443, and 49152-65535 are required for Windows Update to work. The IP address on the Windows Update website is not fixed and changes on a regular basis.
Windows Update, a service provided by Microsoft, keeps your computer up to date with the most recent security and bug fixes. Windows Update can be downloaded and installed automatically or manually, depending on how you want to check for updates.
If you want to manually check for updates, launch Start, click All Programs, and then Windows Update. The Check for updates option can be found in the left pane under Available updates. As soon as an update is available for your computer, it will appear in the Updates section. The Install updates button can be used to download and install these updates, or the Don’t install these updates option can be used to turn off certain features.
If you have a personal computer, you must install Windows Update when you install Windows 8.1, Windows 8, Windows 7, Windows Vista, Windows XP, or Windows Server 2012. If you work or attend school on a computer that is a work or school computer, you can install Windows Update by following these steps: You can go here for more information. Under Start, select Control Panel from the menu.
By clicking the Windows Update link, you can download the Windows Update program.
If you don’t see Windows Update, press the on-screen button to confirm that Windows Update is not installed.
By going to the left pane, you can select Installed updates.
When you see an update that you want to install, choose it and click OK.
When installing updates on your computer, click the Available updates button under Installed updates.
The updates that are currently pending on your computer can be found under Pending updates (with a green check mark).
Windows 8.1, Windows 8, Windows 7, Windows Vista, Windows XP, and Windows Server 2012 are all compatible with automatic Windows Update installation.
You can either manually check for updates or install Windows Update automatically. You can access the left pane’s Available updates by clicking here.

Microsoft Updates are released on a regular basis in order to keep Microsoft products up-to-date and to patch security vulnerabilities. As such, it is important to whitelist the Microsoft Update URL in order to ensure that these updates are received and installed in a timely manner. The Microsoft Update URL is: https://update.microsoft.com.

In this section, we provide a list of URLs that must be checked before a patch is downloaded to your assets. Allow these URLs to be accessed through firewalls or other content blocking technologies. It may be easier to define an exception for a domain as a whole rather than entering all of its URLs.

Windows Update For Business Firewall Rules

Windows Update for Business is a new feature in Windows 10 that helps manage updates for your devices. With Windows Update for Business, you can control how and when updates are installed on your devices. You can also choose to have updates installed automatically or manually.

Windows 10 does not require you to configure Windows updates in order to run them through the firewall. Adding an app to the list of permitted apps is generally preferable to opening a port. While ports remain open until they are closed, apps that have permission will only open the hole as needed. Port 135, Port 140, and Port 445 are the three Port 135 ports that can be used for authentication and file sharing in RPC. Inbound traffic to these ports must be allowed by the firewall on the WSUS server. In order to access Windows Update, go to the Start menu and select ‘cmd.’

Should You Firewall Windows Update?

The Windows Update function is a critical component of Windows and is essential for keeping your operating system up to date. It is possible that not all people trust Microsoft the same, and they may firewall their computer in order to prevent Windows Update from running. As a result, Windows will continue to update without being protected. If you want to do so, you must first enable the firewall.
Once the firewall is set up, it is critical to determine which updates should be allowed to pass. Security updates, critical updates, and driver updates are not permitted under deferral. Non-Windows updates (such as updates for Microsoft Office or Visual Studio) are considered quality updates in Windows Update for Business.
You must keep your system up to date at all times, but you must also understand the consequences of allowing certain updates to pass through the firewall.

Windows Update Firewall Requirements

If you want to use the Windows Firewall, your PC must meet the following requirements:
Windows Firewall is only available in Windows XP Service Pack 2 (SP2) and later versions of Windows.
You must have Administrator rights to change firewall settings.
Your computer must have a network connection.
The Windows Firewall must be turned on to work properly.

Firewall Won’t Stop Windows Updates

How can I stop windows updates?
Windows updates will not function unless they are protected. As a result, it is necessary to configure the firewall.
Which ports are needed to use Windows Update Services?
The client computer must have two outbound ports on the WSUS server. The default ports for this purpose are 8530 and 8531.
What is the reason why windows update uses HTTP?
HTTPS is supported by port 80, whereas HTTP is supported by port 443.

What protocols does Windows Update use?

Does Windows Update use port 80?

What ports does Wsus use?

Where is the location of Windows Update?