- This topic has 8 replies, 2 voices, and was last updated 7 years, 1 month ago by .
-
Posts
-
I have several machines which have been saying “1 update found” for the last two patch cycles, but when I go to the machine itself and check updates, no updates are found. All of these machines performed this months patches and rebooted successfully, but still insist there is an unapplied update. Most of these machines are Windows 7, but one is Windows server 2012 R2. I checked updates and I’m running the latest build of BatchPatch as of today.
I did not see a similar issue in my forum searches.
What is the update that is available? Sometimes you might seen this with a Windows Defender definition update since there is a new one every day.
Also you can/should look at the ‘Remote Agent Log’ column or the BatchPatch.log file from the target computer to see what actually is taking place during the update process. Is there an update that is failing to apply? The failure will be visible in the log.
-Doug
Ok so we see that there is a definition update. And so now we need to see what the ‘Remote Agent log’ or the target computer C:Program FilesBatchPatchbatchpatch.log file says about the installation attempt, not just the search. If you do a “download and install updates” then there will be an entry for that in the log. It will show if the update was installed by BatchPatch or if it failed to install. If it failed to install, there will be a reason code.
I understand that you are saying that there is no update to be applied, but it seems that BatchPatch is finding an update. Just because you don’t see it in the Windows Update control panel on the target computer does not mean that it does not exist.
Also you can look at the history report in BatchPatch (‘Actions > Windows Updates > Generate consolidated report of update history’) which will show the application that has been applying this update in the past.
Yes, definition updates are the same KB number every time with a different definition number. Based on what you have shown me here and what you have said it appears that the issue is specific to Definition 1.249.211.0, because we see that Definition 1.253.667.0 installed successfully and then was not offered again. And it seems that the 1.249.211.0 is only offered/shown when no other definition update is offered/shown. The problematic update is, in fact, being offered by the Windows Update agent. BatchPatch is not “inventing” the update or pulling it from some cache. There are a couple of things I would suggest as a start.
0. Are you using WSUS? You should see if you can decline this particular definition update on your WSUS. If you are not using WSUS then skip to the next suggestion.
1. Note that you are currently searching for “all software updates” in BatchPatch. I suspect that the reason you do not see this update in the Windows Update control panel is because of the search scope. If you were to change your search preferences in BatchPatch (under ‘Tools > Settings > Windows Update’) to ‘Important’ and ‘Recommended’ instead of ‘all software updates’ I wouldn’t be surprised if you stopped seeing the update appear. In general, when not using WSUS we recommend using ‘Important’ and ‘Recommended’ to best mimic what Microsoft wants you to download/install on the computer.
2. You might simply be able to hide the update from appearing in BatchPatch search results. Following these instructions to hide the update in question might be sufficient.
Hiding Windows Updates Remotely In a Non-WSUS Environment
3. As a last resort I would think that you could uninstall/reinstall MSE on the target computers.
Excellent. Thanks for letting me know. You’re welcome.
-Doug
- You must be logged in to reply to this topic.