KB5032196 & KB5032197

BatchPatch Forums Home Forums BatchPatch Support Forum KB5032196 & KB5032197

  • This topic has 7 replies, 2 voices, and was last updated 12 months ago by doug.
Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #14129
    Kend
    Participant

    KB5032196 & KB5032197 doesn’t seem to be detected via batchpatch.
    we are using offline cached mode.
    It’s available in the catalogue for win 10 but when doing a check for update it says no updates available (reboot already done)
    On a server 2019 machine.
    Updating manually via the windows update works…

    #14131
    doug
    Moderator

    Offline mode utilizes the WsusScn2.cab file that Microsoft releases each month in order to scan computers and report which updates are available. The offline mode scan file (WsusScn2.cab) will not produce identical scan results compared to what is offered via the standard Windows Update channel. For whatever reason this month Microsoft has not included some updates in the WsusScn2.cab file. It’s unclear if they will release an update to the WsusScn2.cab file this month (seems unlikely) or if they will just wait for next month to add the updates in question.

    In all cases, we recommend that you only use offline mode in cases where computers actually do not have access to the internet or a WSUS.

    As for the particular updates that you mentioned, to get them installed asap you can download them manually directly from the Microsoft catalog, and then you can deploy them to offline computers with the BatchPatch ‘Deploy’ action.

    #14132
    Kend
    Participant

    Before i do a check for update it does detect that the KB5032196 or KB5032197needs to be installed.
    However when doing a “download and install updates” the patch is not installed and afterwards batchpatch says no applicable updates.
    Once KB031990 is installed it no longer is able to detect or scan for the other patches.

    #14133
    doug
    Moderator

    I’m confused by what you’re describing. In your first posting you said that performing BP check for updates in offline mode returns no updates available and does *not* detect KB5032196 or KB5032197. Now in your most recent posting you’re saying that BP check for updates *does* detect KB5032196 or KB5032197, but when attempting to download/install BP says no applicable updates. Then you separately referenced KB031990, but when I try to find KB031990, I see that it’s not a valid KB ID. With all that said, I’m really confused about what you’re talking about, and I don’t know how to respond. Posting two seems to directly contradict what you said in posting one. And then you mentioned a KB that doesn’t exist, so it just doesn’t make much sense. If you continue to have problems or questions, please try to state everything again from scratch very carefully. And please be very specific and detailed about exactly which actions you are trying, which modes you are trying them in, and the exact text that BatchPatch is returning.

    A couple of additional points to consider:

    If the BP check for updates finds updates available but those updates are not downloaded/installed by BP when BP performs download/install, you can see the reason why they are skipped in the ‘Remote Agent Log’ column at the end of the action (or in the BatchPatch.log file on the target computer in the remote working directory (default is C:\Program Files\BatchPatch\BatchPatch.log)). It will say in that log exactly why an update was skipped. Generally, the only reason why the check for updates would find updates but then they wouldn’t be downloaded/installed during download/installation is because your filters are set to skip them.

    #14141
    Kend
    Participant

    I cannot give a descent reply because your forum detect double entries…

    I tried to reply with a step by step process…

    #14142
    Kend
    Participant

    https://imgur.com/CA4wcsw

    Lets get creative then…

    #14134
    Kend
    Participant

    I made a typo it was KB5031990

    I checked the logs C:\Program Files\BatchPatch\BatchPatch.log but it seems these logs are longer being update since February this year

    But to give a better understanding of the situation i will try and explain in steps.

    1) first we do a check for updates.
    We see that the following patches needs to be installed:

    `The search query “ImportantAndRecommended” returned 4 update(s):

    Windows Malicious Software Removal Tool x64 – v5.119 (KB890830) (60 MB) (2023-11-06) – Update Rollups
    (Type-SoftwareUpdate | Downloaded-FALSE | RebootRequired-MAYBE)
    http://support.microsoft.com/kb/890830

    2> 2023-11 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5032197) (1624 MB) (2023-11-13) – Security Updates
    (Type-SoftwareUpdate | Downloaded-FALSE | RebootRequired-MAYBE)
    http://support.microsoft.com/kb/5032197

    3> 2023-11 Servicing Stack Update for Windows Server 2016 for x64-based Systems (KB5032391) (11 MB) (2023-11-13) – Security Updates
    (Type-SoftwareUpdate | Downloaded-FALSE | RebootRequired-FALSE)
    http://support.microsoft.com/kb/5032391

    4> 2023-11 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 for x64 (KB5031989) (54 MB) (2023-11-13) – Security Updates
    (Type-SoftwareUpdate | Downloaded-FALSE | RebootRequired-MAYBE)
    http://support.microsoft.com/kb/5031989

    ::End search

    2) we schedule a download and install of the updates which succeeded.
    3) afterwards we do again a check for update and see no applicable updates.

    However when i check on the server itself the Cumulative Update for Windows Server 2016 does not appear to be installed. ex. KB5032196 & KB5032197 (rebooted servers as well)
    So after these steps batchpatch is no longer to be able to detect that these patches still need to be installed.
    When doing a manually update via windows update manager it downloads and installs. (to confirm they where not installed via batchpatch)

    #14147
    doug
    Moderator

    If the BatchPatch scan completes then there *must* be a log of it on the target computer. Maybe you changed the default location. In BatchPatch check under ‘Tools > Settings > Remote Execution > Remote working directory’. This is the location on each target computer where the BatchPatch.log is stored. You need to review that log because it will show everything that BatchPatch did with searching/downloading/installing Windows Updates. You’ll be able to see there if BatchPatch failed to install an update or if BatchPatch skipped installation of an update because of a filter that you have applied.

    You can also retrieve a different Windows Update history log in BatchPatch under ‘Actions > Windows Updates > Generate consolidated report of update history’. There are two different queries that should both be reviewed because they produce different results because these are being pulled from Windows, and Windows puts them in two different locations. However, it’s still important to review the BatchPatch.log as as noted above because that will contain the exact detail of what BatchPatch did.

    Note, when you check on the server if the Windows Update control panel shows updates available, it will often show a cached query result. So if you install updates in BatchPatch and then check the server Windows Update control panel, the panel might still show that the update has not been installed simply because it didn’t refresh its scan results. SO then if you opt to install the updates there, it looks like it’s installing them even though they have already been installed.

    If you continue to have questions or confusion I would suggest you open a support ticket so that we can more easily review log files etc rather than trying to post them to this forum.

Viewing 8 posts - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.