/build/static/layout/Breadcrumb_cap_w.png

Windows 10 1803 still pushing to machines despite being Inactive in KACE

We're having some issues with Windows 10 ver 1803. We're currently on Win 10 ver 1709, and 1803 seems to be sporadically attempting to install on various machines in our environment with no rhyme or reason. It installed on about 40 machines last week. I have all patches related to 1803 set to inactive in KACE (this was set weeks ago) and there are no schedules that are pushing it. At this point I doubt it is coming from KACE, but is there some way to check if there are machines pending to get this update even though it's been marked inactive for weeks? If I look at the patch detail of the latest 1803 update, 2018-09 Cumulative Update for Windows 10 Version 1803 x64 (KB4458469), it shows me a list of machines which are "patched" and "not patched" but that's all. Only 1 machine, my own, shows "Success" under Deploy Status and all show 0 for Deploy Tries (my machine got the update like 5-6 weeks ago and was the first one we noticed it on, afterwords is when I set the 1803 patches to inactive). If I look under software detail for Windows 10 ver 10.0.17134, again it just gives me a list of machines with it installed but not any indication if there are other machines queued to get it or where it might be coming from. Any ideas? Additionally, is there anything I can do to make 100% sure these updates will NOT be pushed by KACE?
We do not use any other software to deploy patches or updates.

0 Comments   [ + ] Show comments

Answers (1)

Posted by: Hobbsy 6 years ago
Red Belt
2
Are you sure this is KACE patching? Having looked at the issue of pushing major windows 10 updates, they are not downloaded to KACE as an update, which might suggest that this is actually Windows update rather than KACE downloading and installing. Microsoft grows increasingly sneaky in turning on Windows updates despite KACE maybe turning it off via a script, so you have to be very vigilant or actually delete the update service to really stop this happening.

Comments:
  • This is correct. Feature updates (like 1803) are not included in the KACE patching feed, so if your machines are getting upgraded either there is another system on campus pushing it (WSUS, SCCM, etc) or users are running Windows Update themselves. - chucksteel 6 years ago
    • Yep, you may want to join us here to hear about our experiences with this issue https://www.itninja.com/blog/view/windows-10-is-coming-are-you-ready-to-migrate - Hobbsy 6 years ago
  • https://www.itninja.com/question/windows-10-upgrade - Channeler 6 years ago
  • Aaaah interesting, glad to hear there are no feature updates in KACE! I was thinking updates such as
    2018-09 Cumulative Update for Windows 10 Version 1803 x64 (KB4458469)
    were what was potentially causing the update. We used to use WSUS and SCCM but have neither running in our environment currently, only KACE. Some users are getting a pop up to upgrade Windows which is not a KACE pop up, so it seems Microsoft is just being sneaky. - winterelegy 6 years ago
    • Do you have a group policy in place to disable automatic windows updates? I would do that, and it should stop the issue. - jmorton 5 years ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ