Microsoft Security Update MS14-045 might cause System Faliure
Any tips of removing patch MS14-045 (KB2982791) via Kace 1000.
Thanks,
H
Thanks,
H
2 Comments
[ + ] Show comments
Answers (4)
Answer Summary:
Please log in to answer
Posted by:
Aaron Cool
10 years ago
Try using Online Shell Script with the following Script Text:
%WINDIR%\SysNative\wusa.exe /kb:2982791/uninstall /quiet /norestart
Posted by:
dking@monvalleyhospital.com
10 years ago
What I did to resolve the issue was first discover all of the workstations with the patch installed.
Then I would add a label such as MS14-045 Removal.
Then I would create a batch file that runs the following code.
@echo off
wusa /uninstall /kb:2976897 /quiet /norestart
END
This code will need to be modified to fit the exact patch you want to remove. I just so happen to have kb:2976897 installed. This will uninstall the patch and not require a restart. This code should work on windows 7 x86 and x64.
Then I would place this new batch file into a script and push it out via run now to the workstations created in the label.
Posted by:
ronco
10 years ago
hjansari,
I just confirmed in my K1000, and the MS14-045 all support Rollback. So, you should be able to use K1000 Patching to remove the patches from your devices.
Ron Colson
KACE Koach
Comments:
-
I tried running it through rollback and it did not successfully uninstall, it still shows under "Patches Reported Installed in Software Inventory" but never showed up in the Patching Detect/Deploy status. - mofish 10 years ago
Posted by:
dugullett
10 years ago
Although it will not help your current problem, one thing I do is create my patch labels based off of release date. Any new patches released in the past 10 days deploy to my test lab. After 10 days they deploy to production. MS14-045 did deploy to my test lab. Once Microsoft pulled it I went into patching, and marked it as inactive. I also have my test lab set to PXE first. Using the K2000 I imaged the entire lab so that they were back to normal without MS14-045.
In 6.0 it looks like it's now an option when creating the labels. The old school way I did mine was adding the lines in below.
NEW - Less than 10 Days
AND KBSYS.PATCHLINK_PATCH.RELEASEDATE > DATE_SUB(NOW(), INTERVAL 10 DAY)
TESTED- Over 10 Days
AND KBSYS.PATCHLINK_PATCH.RELEASEDATE < DATE_SUB(NOW(), INTERVAL 10 DAY)
Do these patches show as Installed on the device you've tried to perform a Rollback on? The "Patches Reported Installed in Software Inventory" and the K1000 Patching Detect process are vastly different. If Patching doesn't detect it as installed, then it can't uninstall (Rollback) it.
Have you checked the patching logs on the device to see what the outcome of the Rollback is? Remember, that Inventory might not have run on the device, since Patching finished, and therefore might not have updated "Patches Reported Installed in Software Inventory" yet.
Ron Colson
KACE Koach - ronco 10 years ago