/build/static/layout/Breadcrumb_cap_w.png

Microsoft Security Update MS14-045 might cause System Faliure

Any tips of removing patch MS14-045 (KB2982791) via Kace 1000.

Thanks,

H

2 Comments   [ + ] Show comments
  • Also would like to know this, because this crap program's "Rollback" function certainly can't do it. - mofish 9 years ago
  • mofish,

    Do these patches show as Installed on the device you've tried to perform a Rollback on? The "Patches Reported Installed in Software Inventory" and the K1000 Patching Detect process are vastly different. If Patching doesn't detect it as installed, then it can't uninstall (Rollback) it.

    Have you checked the patching logs on the device to see what the outcome of the Rollback is? Remember, that Inventory might not have run on the device, since Patching finished, and therefore might not have updated "Patches Reported Installed in Software Inventory" yet.

    Ron Colson
    KACE Koach - ronco 9 years ago

Answers (4)

Answer Summary:
Posted by: Aaron Cool 9 years ago
Red Belt
1
Try using Online Shell Script with the following Script Text:

%WINDIR%\SysNative\wusa.exe /kb:2982791/uninstall /quiet /norestart
Posted by: dking@monvalleyhospital.com 9 years ago
White Belt
1
What I did to resolve the issue was first discover all of the workstations with the patch installed. 
Then I would add a label such as  MS14-045 Removal.
Then I would create a batch file that runs the following code.

@echo off 
wusa /uninstall /kb:2976897 /quiet /norestart 
END

This code will need to be modified to fit the exact patch you want to remove. I just so happen to have kb:2976897 installed. This will uninstall the patch and not require a restart. This code should work on windows 7 x86 and x64. 

Then I would place this new batch file into a script and push it out via run now to the workstations created in the label.
Posted by: ronco 9 years ago
Third Degree Brown Belt
0
hjansari,

I just confirmed in my K1000, and the MS14-045 all support Rollback.  So, you should be able to use K1000 Patching to remove the patches from your devices.

Ron Colson
KACE Koach

Comments:
  • I tried running it through rollback and it did not successfully uninstall, it still shows under "Patches Reported Installed in Software Inventory" but never showed up in the Patching Detect/Deploy status. - mofish 9 years ago
    • I got the same issue that it doesnt rollback correctly. Any other ideas? - hjansari 9 years ago
      • Mine were pulled off just fine on the few systems we had it on. - nshah 9 years ago
Posted by: dugullett 9 years ago
Red Belt
0
Although it will not help your current problem, one thing I do is create my patch labels based off of release date. Any new patches released in the past 10 days deploy to my test lab. After 10 days they deploy to production. MS14-045 did deploy to my test lab. Once Microsoft pulled it I went into patching, and marked it as inactive. I also have my test lab set to PXE first. Using the K2000 I imaged the entire lab so that they were back to normal without MS14-045.

In 6.0 it looks like it's now an option when creating the labels. The old school way I did mine was adding the lines in below.

NEW - Less than 10 Days
AND KBSYS.PATCHLINK_PATCH.RELEASEDATE > DATE_SUB(NOW(), INTERVAL 10 DAY)

TESTED- Over 10 Days
AND KBSYS.PATCHLINK_PATCH.RELEASEDATE < DATE_SUB(NOW(), INTERVAL 10 DAY)

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ