Fix .NET Update Failing With 0x80092004 on Windows 11
🔍 WiseChecker

Fix .NET Update Failing With 0x80092004 on Windows 11

by

Quick fix: 0x80092004 is CRYPT_E_NOT_FOUND — a required certificate or key is missing. For .NET updates, this usually means a corrupted catroot2 cache. Stop the Cryptographic Services, delete C:\Windows\System32\catroot2, restart the service, and retry the update.

You ran Windows Update and a .NET cumulative update failed with error 0x80092004. The error code refers to cryptographic verification — Windows can’t verify the update’s signature against its catalog. The issue is typically a corrupted certificate cache, not a real signing problem.

Symptom: .NET update fails with error 0x80092004 (CRYPT_E_NOT_FOUND).
Affects: Windows 11 .NET cumulative updates.
Fix time: 10 minutes.

ADVERTISEMENT

What catroot2 stores

catroot2 holds the certificate signature catalog used by Windows Update to verify package authenticity. The folder grows over time as new catalogs are added. Occasionally, an interrupted update leaves a corrupted entry, and subsequent updates that need that catalog fail with CRYPT_E_NOT_FOUND.

Method 1: Reset catroot2

  1. Open elevated Command Prompt.
  2. Stop services:

    net stop cryptsvc

    net stop wuauserv

    net stop bits

    net stop msiserver
  3. Rename catroot2 (safer than delete):

    ren C:\Windows\System32\catroot2 catroot2.old
  4. Restart services:

    net start cryptsvc

    net start wuauserv

    net start bits

    net start msiserver
  5. Re-run Windows Update. catroot2 rebuilds from scratch.

ADVERTISEMENT

Method 2: Reset Windows Update components

  1. Same as Method 1 but also rename SoftwareDistribution: ren C:\Windows\SoftwareDistribution SoftwareDistribution.old.
  2. Restart services.
  3. Run Windows Update.

Method 3: Install the .NET update manually from Catalog

  1. Visit https://catalog.update.microsoft.com.
  2. Search for the failed KB number.
  3. Download the .msu for your architecture.
  4. Right-click and choose Run as administrator.
  5. The standalone installer often succeeds where Windows Update fails because it bypasses the catroot2 path.

Verification

  • .NET update installs successfully.
  • Update history shows the KB as Succeeded.
  • 0x80092004 no longer appears.

If none of these work

If the error persists, run sfc /scannow then dism /online /cleanup-image /restorehealth to repair system file corruption. For chronic .NET update failures, install the matching .NET runtime manually from https://dotnet.microsoft.com and retry.

Bottom line: 0x80092004 = catroot2 corruption. Reset the cache by renaming the folder while services are stopped. Standalone .msu installs are the fallback for stubborn cases.

ADVERTISEMENT

← Back to WiseChecker HomeMore in Windows & PC

🔍 Recommended for You