Uninstall Windows Update

Kaseya Automation Team

Product Name: Uninstall Windows Update

Description : This Agent Procedure will uninstall a Microsoft update using a Powershell script.
It will prompt for the KB number when the procedure is scheduled, only include the number part of the KB, for instance: 4058043 for KB4058043 and the script will proceed with a silent uninstallation of the update, as long as the System does not require it.

It is recommended to restart the endpoint after running the procedure to fully uninstall the update.

Instructions :

Upload the procedure with the Import Folder/Procedure tool in the Agent Procedures module under Schedule / Create

Andrew

This is a very helpful script, thanks Doug.

ivano marino

Hi, there are limitations on WINDOWS10? Don't work's 

Charlie Liakos

DISM needs to be run in an elevated prompt, which this script doesn't do.  Does anybody have a Kaseya procedure/script that does the elevation and then uninstalls the KB correctly?

Christian Schult

Not working for me either on Windows 10 2004 or 20H2. I would appreciate any help.

Alex Insley

I am having the same difficulties. I also tried developing a shell command that uses WUSA to remove it but it doesn't work either.

Alex Insley

I am having the same difficulties. I also tried developing a shell command that uses WUSA to remove it but it doesn't work either.

Sam

wusa won't work on Windows 10 since the /quiet flag was deprecated a while back. 

DSIM should work fine, however not all packages will list the KB number in the title so you may not be able to remove packages consistently like this.

For instance the latest MS Patch debacle with KB5000802, the KB could only be removed using the following command:
dism /Online /Remove-Package /PackageName:Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.867.1.8 /quiet /norestart

Running this procedure inputting a KB number will not work as expected as the KB number is completely missing... at least this is what I found.
Modifying the procedure to take the title would be trivial, however, identifying the KB to the Title can be challenging.

Jason Bachman

Depending on the patch trying to be uninstalled, this script will not work due to the KB### not being in the patch string.  Additionally, WUSA Does not support the /quiet switch when using the /KB switch so that will not work either. 

The solution is as follows:

on a machine with the patch you want to remove, run "dkim /online /get-packages /format:table" and then find the patch that you are trying to uninstall.  This can be tricky because the strings may look similar and without the KB number in them.   The giveaway will be the version number at the end which should match the OS Version build, and the install date.   Use the full version number at the end of the string as the filter for the script to find the patch.  Then, modify the script accordingly to search for that version string instead of the KB###. 

Jason Bachman

Here is my script that removes KB5000808.. This can be easily modified to remove any of the hotfix rollup packages using the version string from DKIM output.

https://rklcpa.egnyte.com/dl/vPntF3ZDxI

Sam

Just FYI MS did provide an out of band for last week's bad patches.

Arjun

Any procedure to uninstall KB5000802?

Jason Bachman

Just modify my script to search for the version string for that patch.

Eric Kunselman

As Sam said, MS provided an out of band patch for today - not seeing it as of yet in VSA, it is presented as a "Quality optional update" in windows update

https://support.microsoft.com/en-us/topic/march-15-2021-kb5001567-os-builds-19041-868-and-19042-868-out-of-band-6e0844a2-7551-4b2d-9c4b-4274a5949bf3

RJ Emmett

I've run windows update on my main computer and my test box this morning and I do see the KB5001567 update as being available on both.  It's not showing up in VSA as of 10a PST.  I am pretty sure there is a way to have the VSA through agent procedures download/install software; I'm just not that smart.

You can get the KB5001567 update here:  https://www.catalog.update.microsoft.com/Search.aspx?q=KB5001567

Can someone walk me through how to push this update as a separate software install?  Agent procedure?

Sam

You can just script it... I would recommend PSWindowsUpdate to deploy the KB... much easier IMO for Out-of-Band that need to be pushed right away.

You should be able to create a script to do that pretty easily. I would probably encapsulate into a PS1 script and pass the KB as parameter as the VSA messes with syntax too much when trying to run PowerShell.

In any case here is the stuff to do... Installed the PSWindowsUpdate module, import the module then just install the KB... there are switches to make it not reboot if needed...

Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Confirm:$False
Install-Module PSWindowsUpdate -Force -Confirm:$False
Import-Module PSWindowsUpdate
Get-WindowsUpdate -KBArticleID %KBNumber%

Eric Kunselman

Looks like Kaseya pulled KB5000802 and KB5000808 from software management stream