Windows Update is been blocked - svchost.exe connections are been blocked

Hello folks,

Long time no see. Happy to be back! I haven’t been able to run Windows Updates lately. When I try to update I receive the Windows Update error number 0x8024402C and after doing a little research I figured out CIS 4.1.150349.920 is blocking svchost.exe connections to Windows Update service. See below:

I have disabled the firewall module (Firewall Security Level > Disabled) and then I could run Windows Update normally.

How can I tell CIS 4 to do not block svchost.exe connections? I have looked at the Network Security Policy window and I haven’t find the svchost.exe Firewall Rule entry. See below:

Any suggestions or comments? Is there a good and secure set of Firewall Rules for svchost.exe process?

See you later,


Edit by EricJH: I removed the spam like notification that your image were uploaded to a well known image sharing site

I see no rule for svchost under Application Rules. Did you block this program under Firewall → Common Tasks → Define a New Blocked Application?

Dear EricJH,

Thank you for replying. I did not that “Define a New Blocked Application” step. I will try to create a special set of rules for svchost.exe. Do you have some suggestions or links to enlighten me about a good set of rules for svchost.exe? Thank you for your attention. And sorry one more time for my mistake about the spam like links, it was not my intention. My mistake.

See you later,


It is easiest to give svchost.exe the outgoing only policy.

i thought comodo was designed to not block windows update or something like that

it doesn’t block Windows updates. I receive the monthly updates on schedule from Microsoft.
Set System and svchost.exe as Outgoing Only rule.