updated 10:55 am EDT, Sat April 12, 2014
Flaw mandates TLS 1.2 support, not found in older Windows Server versions
Microsoft has stopped the downloads of the new Windows 8.1 update to enterprise customers after it was found to destroy the ability to recieve future updates, including security patches. The flaw affects businesses that use Windows Server Update Services 3.0 (WSUS) Service Pack 2.
Affected PCs will attempt to contact WSUS using TLS 1.2. The technology is not enabled on WSUS 3.0 by default, causing the update attempt to fail, and blocking future updates. The flaw is embedded into the main KB2919355 patch for Windows 8.1, and not one of the mandatory satellite patches that rolled out on the same day.
Microsoft has a registry hack work-around in Link textWSUS 3.0 SP2 enabling TLS 1.2 support. Older versions lack support entirely for the security protocol, requiring updates to be sent unencrypted, if at all.