Snag some free swag from us while sharing your top challenges & successes. Learn more > https://www.community.connectit.com/discussion/39687/we-want-to-hear-from-you

Uninstall Windows Update

Kaseya Automation Team
Kaseya Automation Team USMember, Kaseya Certified CHOCOLATE MILK
edited January 24 in Solutions

Product Name: Uninstall Windows Update

Description : This Agent Procedure will uninstall a Microsoft update using a Powershell script.
It will prompt for the KB number when the procedure is scheduled, only include the number part of the KB, for instance: 4058043 for KB4058043 and the script will proceed with a silent uninstallation of the update, as long as the System does not require it.

It is recommended to restart the endpoint after running the procedure to fully uninstall the update.

Instructions :

Upload the procedure with the Import Folder/Procedure tool in the Agent Procedures module under Schedule / Create

Comments

  • Andrew
    Andrew Member CHOCOLATE MILK
    edited February 2018
    This is a very helpful script, thanks Doug.
  • ivano marino
    ivano marino Member
    edited June 2020

    Hi, there are limitations on WINDOWS10? Don't work's 

  • Charlie Liakos
    edited March 2021

    DISM needs to be run in an elevated prompt, which this script doesn't do.  Does anybody have a Kaseya procedure/script that does the elevation and then uninstalls the KB correctly?

  • Christian Schult
    edited March 2021

    Not working for me either on Windows 10 2004 or 20H2. I would appreciate any help.

  • Alex Insley
    Alex Insley Member
    edited March 2021

    I am having the same difficulties. I also tried developing a shell command that uses WUSA to remove it but it doesn't work either.

  • Alex Insley
    Alex Insley Member
    edited March 2021

    I am having the same difficulties. I also tried developing a shell command that uses WUSA to remove it but it doesn't work either.

  • Sam
    Sam Member
    edited March 2021

    wusa won't work on Windows 10 since the /quiet flag was deprecated a while back. 

    DSIM should work fine, however not all packages will list the KB number in the title so you may not be able to remove packages consistently like this.

    For instance the latest MS Patch debacle with KB5000802, the KB could only be removed using the following command:
    dism /Online /Remove-Package /PackageName:Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.867.1.8 /quiet /norestart

    Running this procedure inputting a KB number will not work as expected as the KB number is completely missing... at least this is what I found.
    Modifying the procedure to take the title would be trivial, however, identifying the KB to the Title can be challenging.

  • Jason Bachman
    Jason Bachman Member CHOCOLATE MILK
    edited March 2021

    Depending on the patch trying to be uninstalled, this script will not work due to the KB### not being in the patch string.  Additionally, WUSA Does not support the /quiet switch when using the /KB switch so that will not work either. 

    The solution is as follows:

    on a machine with the patch you want to remove, run "dkim /online /get-packages /format:table" and then find the patch that you are trying to uninstall.  This can be tricky because the strings may look similar and without the KB number in them.   The giveaway will be the version number at the end which should match the OS Version build, and the install date.   Use the full version number at the end of the string as the filter for the script to find the patch.  Then, modify the script accordingly to search for that version string instead of the KB###. 

  • Jason Bachman
    Jason Bachman Member CHOCOLATE MILK
    edited March 2021

    Here is my script that removes KB5000808.. This can be easily modified to remove any of the hotfix rollup packages using the version string from DKIM output.

    https://rklcpa.egnyte.com/dl/vPntF3ZDxI

  • Sam
    Sam Member
    edited March 2021

    Just FYI MS did provide an out of band for last week's bad patches.

  • Arjun
    Arjun Member CHOCOLATE MILK
    edited March 2021

    Any procedure to uninstall KB5000802?

  • Jason Bachman
    Jason Bachman Member CHOCOLATE MILK
    edited March 2021

    Just modify my script to search for the version string for that patch.

  • Eric Kunselman
    edited March 2021

    As Sam said, MS provided an out of band patch for today - not seeing it as of yet in VSA, it is presented as a "Quality optional update" in windows update

    https://support.microsoft.com/en-us/topic/march-15-2021-kb5001567-os-builds-19041-868-and-19042-868-out-of-band-6e0844a2-7551-4b2d-9c4b-4274a5949bf3


  • RJ Emmett
    RJ Emmett Member
    edited March 2021

    I've run windows update on my main computer and my test box this morning and I do see the KB5001567 update as being available on both.  It's not showing up in VSA as of 10a PST.  I am pretty sure there is a way to have the VSA through agent procedures download/install software; I'm just not that smart.

    You can get the KB5001567 update here:  https://www.catalog.update.microsoft.com/Search.aspx?q=KB5001567

    Can someone walk me through how to push this update as a separate software install?  Agent procedure?

  • Sam
    Sam Member
    edited March 2021

    You can just script it... I would recommend PSWindowsUpdate to deploy the KB... much easier IMO for Out-of-Band that need to be pushed right away.

    You should be able to create a script to do that pretty easily. I would probably encapsulate into a PS1 script and pass the KB as parameter as the VSA messes with syntax too much when trying to run PowerShell.

    In any case here is the stuff to do... Installed the PSWindowsUpdate module, import the module then just install the KB... there are switches to make it not reboot if needed...

    Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Confirm:$False
    Install-Module PSWindowsUpdate -Force -Confirm:$False
    Import-Module PSWindowsUpdate
    Get-WindowsUpdate -KBArticleID %KBNumber%

  • Eric Kunselman
    edited March 2021

    Looks like Kaseya pulled KB5000802 and KB5000808 from software management stream