Fix: Windows Update Error 80072EFE

Error 80072EFE is usually trigered when there are issues with the internet connection. This can be on a client-side or on the windows server, since we do not have access to the server we’re left with troubleshooting the client side only.

The hex codes translates into ERROR_INTERNET_CONNECTION_ABORTED.

The 80072EFE error is primarily a Windows Vista and Windows 7 issue. But it’s also known to appear on Windows 10 (often caused by malware belonging to the rootkit family). If you follow the original documentation, the error code hints towards a connection interruption. This can mean a flaky line or a cable interruption, but it can also be a red flag that a malicious rootkit that is interfering with your internet connection. However, this issue can also be caused by 3rd party firewalls or anti-virus suites that are overly protective when overseeing your data exchanges. Another potential culprit is corruption in those Windows files responsible for updating your OS.

Note: If you’re encountering the 80072EFE error when performing an OS update on Windows phones like Nokia Lumia, the issue is either server-side or it’s a faulty network setting. In any case, wait a couple of hours and see if the update is able to complete. If the issue persists, try using a proxy server or a VPN app and parse your internet connection through it. In the event that the update still doesn’t install, perform a hard reset and try again.

If you’ve only discovered this issue, you should start your troubleshooting quest by making sure your internet connection is functioning properly. Then, wait a couple of hours and try to perform the update again. While you wait, it’s a good idea to restart your router/modem in order to force it to re-assign your DNS settings. If the issue was indeed server-side or a network misconfiguration, it should automatically be fixed and the update should install successfully.

Once you’re sure that the issue is not server-side, there are a couple of steps you can follow to get rid of the 80072EFE error. Follow the methods below in order until you find a fix that works for you.

Method 1: Using tdsskiller.exe to remove rootkit files

Since a malware interference can do a lot more damage than preventing you to update, we’ll start with it. The 80072EFE error is often linked with a family rootkit malware belonging to the win.32 TDDS family. This rootkit is known to prevent security updates from getting through and will also severely limit the reactionary capabilities of Windows Defender.

Luckily, removing the malicious rootkit files is extremely easy. Kaspersky labs released an executable that will remove the rootkit files with a few simple clicks. Here’s a quick guide to using tdsskiler.exe:

Note: Running the tdsskiller executable on systems without malware problems will not have a negative effect on your computer. Even if you believe your system is not infected, it’s recommended that you don’t skip this first method.

  1. Download tdsskiller.exe from the official link.
  2. Run the executable and click on Start Scan.
  3. If TDSSKiller finds any treats, it will automatically proceed to kill them. Once the process is complete, restart your system.
  4. Check for updates again in Windows update and see if they manage to install correctly.

Method 2: Disabling firewalls and antiviruses 

If you used tdsskiller.exe without results, let’s determine if your 3rd party antivirus suite or firewall is not acting up. Third party firewalls or antivirus suites can malfunction and determine that the Windows update connection is unsafe. This will end up preventing your Windows OS from applying the necessary updates. There are a lot of conflicts between Windows Defender and 3rd party security solutions that will produce the 80072EFE error. Here’s a list of firewalls that are known to cause this issue:

  • Norton Internet Security
  • Panda Firewall
  • Zone Alarm Firewall
  • McAfee firewall
  • AVG firewall

If you have one of the above 3rd party firewalls, disable them, restart your system and try performing the update again. Even if you have a different firewall software, try disabling it before performing the Windows update.

Method 3: Deleting the CatRoot2 folder

The catroot2 folder is a Windows system folder required by the Windows Update process. Whenever you update through Windows update, the catroot2 folder is responsible for storing signatures of the Windows Update package. As it turns out, deleting the contents of the catroo2 folder will remove corruption and fix several Windows update problems including the 80072EFE error.

Note: Deleting the catRoot2 folder will not cause any malfunctions to your system.

If you decide to follow this method, you’ll need to disable the Cryptographic service first since it uses a file located inside the CatRoot2 folder.

Here’s a quick guide to disabling the Cryptographic Services and deleting the CatRoot2 folder:

  1. Press Windows key + R to open a Run window. Type Services.msc and press Enter to open the Services panel.
  2. Scroll down and double-click on Cryptographic Services. Next, select the General tab in the Cryptographic Services Properties window. From there, click the Stop button to turn the service Off if it’s already enabled. If it’s disabled, you can move on to the next step.
  3. Navigate to C:\ Windows \ System32 and locate the Catroot2 folder. Right-click on it and select Delete. You will need administrator privileges in order to complete this operation.
    Note: Keep in mind that your user account needs to be set up as admin in order to be able to delete Catroot2. If you are unable to delete the Catroot2 folder, try renaming it instead. You can use any given name. If that also fails, try rebooting in safe mode and attempt to delete the Catroot2 folder again.
  4. Return to the Cryptographic Services Properties window in the General tab and click the Start button to re-start Cryptographic Services.
  5. Restart your computer and attempt to apply the Windows update again.

Method 4: Resetting the Local Group Policy of Windows

If you’re working with a custom Windows Group Policy, your settings might prevent Windows Update from performing the necessary updates. Some users have reported that resetting their local group policy settings eliminated the 80072EFE error and allowed Windows to update normally.

Here’s a quick guide on reverting the default local group policy:

  1. Press Windows key + R to open a Run window. Type gpedit.msc and hit Enter to open the Local Group Policy Editor.
  2. Browse to Local Computer Policy > Computer Configuration > Administrative Templates and click on All Settings to select it.
  3. Now, use the panel on the right-side to identify the entries that are either Enabled or Disabled. You can make it easier for yourself by clicking the State button at the top of the column. This will sort the entries and help you spot modified policies more easily.
  4. Double click every policy that is either Enabled or Disabled and set the state to Not configured. Make sure every entry is set to Not configured when you’re done.
  5. Once you’ve reverted to the default group policy, restart your machine and force the Windows Update again.


We certainly hope that the methods above have been successful in helping you get past the 80072EFE error and update your Windows. If you’re still having this issue on a valid Windows license, you should contact a Microsoft Customer care representative. Some users have reported that this particular error code (80072EFE) was fixed after Microsoft rectified their Product Code. 

If a Microsoft technician confirms that your license code is valid, you should turn your attention towards your hardware. As stated above, the error message signals an network interruption. This could very well mean a faulty internet adapter or a bad cable. If you have a dynamic IP, you can also try to call your ISP and ask them to set up a static IP for your machine.


Kevin Arrows

Kevin Arrows is a highly experienced and knowledgeable technology specialist with over a decade of industry experience. He holds a Microsoft Certified Technology Specialist (MCTS) certification and has a deep passion for staying up-to-date on the latest tech developments. Kevin has written extensively on a wide range of tech-related topics, showcasing his expertise and knowledge in areas such as software development, cybersecurity, and cloud computing. His contributions to the tech field have been widely recognized and respected by his peers, and he is highly regarded for his ability to explain complex technical concepts in a clear and concise manner.