I'm been running up against a wall for awhile with this issue and would appreciate any help. I have 2 Windows Server 2012 R2 servers that successfully receive updates from WSUS but are not updating revoked certificate information. None of my other systems in this domain have this issue. Only 2 (both are SQL servers that are clustered.
I have confirmed that KEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot\DisableRootAutoUpdate is set to 0 and that group policy settings are correct..