diff --git a/changelogs/fragments/win_updates_typo_whitelist_fix.yaml b/changelogs/fragments/win_updates_typo_whitelist_fix.yaml
new file mode 100644
index 00000000000..fac799214af
--- /dev/null
+++ b/changelogs/fragments/win_updates_typo_whitelist_fix.yaml
@@ -0,0 +1,3 @@
+bugfixes:
+- win_updates - Fix typo that hid the download error when a download failed
+- win_updates - Fix logic when using a whitelist for multiple updates
diff --git a/lib/ansible/modules/windows/win_updates.ps1 b/lib/ansible/modules/windows/win_updates.ps1
index 26b3d270e3b..d9f310253e2 100644
--- a/lib/ansible/modules/windows/win_updates.ps1
+++ b/lib/ansible/modules/windows/win_updates.ps1
@@ -119,19 +119,24 @@ foreach ($update in $search_result.Updates) {
 
     # validate update again blacklist/whitelist
     $skipped = $false
+    $whitelist_match = $false
     foreach ($whitelist_entry in $whitelist) {
-        $kb_match = $false
+        if ($update_info.title -imatch $whitelist_entry) {
+            $whitelist_match = $true
+            break
+        }
         foreach ($kb in $update_info.kb) {
             if ("KB$kb" -imatch $whitelist_entry) {
-                $kb_match = $true
+                $whitelist_match = $true
+                break
             }
         }
-        if (-not ($kb_match -or $update_info.title -imatch $whitelist_entry)) {
-            Write-DebugLog -msg "Skipping update $($update_info.id) - $($update_info.title) as it was not found in the whitelist"
-            $skipped = $true
-            break
-        }
     }
+    if ($whitelist.Length -gt 0 -and -not $whitelist_match) {
+        Write-DebugLog -msg "Skipping update $($update_info.id) - $($update_info.title) as it was not found in the whitelist"
+        $skipped = $true
+    }
+
     foreach ($blacklist_entry in $blacklist) {
         $kb_match = $false
         foreach ($kb in $update_info.kb) {
@@ -237,7 +242,7 @@ foreach ($update in $updates_to_install) {
     Write-DebugLog -msg "Download result code for $update_number $($update.Identity.UpdateId) = $($download_result.ResultCode)"
     # FUTURE: configurable download retry
     if ($download_result.ResultCode -ne 2) { # OperationResultCode orcSucceeded
-        Fail-Json -obj $result -message "Failed to download update $update_number $($update.Identity.UpdateId) - $($update.Title): Download Result $($download_result.ResuleCode)"
+        Fail-Json -obj $result -message "Failed to download update $update_number $($update.Identity.UpdateId) - $($update.Title): Download Result $($download_result.ResultCode)"
     }
 
     $result.changed = $true