/build/static/layout/Breadcrumb_cap_w.png
10/09/2018 351 views
We're having some issues with Windows 10 ver 1803. We're currently on Win 10 ver 1709, and 1803 seems to be sporadically attempting to install on various machines in our environment with no rhyme or reason. It installed on about 40 machines last week. I have all patches related to 1803 set to inactive in KACE (this was set weeks ago) and there are no schedules that are pushing it. At this point I doubt it is coming from KACE, but is there some way to check if there are machines pending to get this update even though it's been marked inactive for weeks? If I look at the patch detail of the latest 1803 update, 2018-09 Cumulative Update for Windows 10 Version 1803 x64 (KB4458469), it shows me a list of machines which are "patched" and "not patched" but that's all. Only 1 machine, my own, shows "Success" under Deploy Status and all show 0 for Deploy Tries (my machine got the update like 5-6 weeks ago and was the first one we noticed it on, afterwords is when I set the 1803 patches to inactive). If I look under software detail for Windows 10 ver 10.0.17134, again it just gives me a list of machines with it installed but not any indication if there are other machines queued to get it or where it might be coming from. Any ideas? Additionally, is there anything I can do to make 100% sure these updates will NOT be pushed by KACE?
We do not use any other software to deploy patches or updates.
0 Comments   [ + ] Show comments

Comments


All Answers

2
Are you sure this is KACE patching? Having looked at the issue of pushing major windows 10 updates, they are not downloaded to KACE as an update, which might suggest that this is actually Windows update rather than KACE downloading and installing. Microsoft grows increasingly sneaky in turning on Windows updates despite KACE maybe turning it off via a script, so you have to be very vigilant or actually delete the update service to really stop this happening.
Answered 10/09/2018 by: Hobbsy
Red Belt

  • This is correct. Feature updates (like 1803) are not included in the KACE patching feed, so if your machines are getting upgraded either there is another system on campus pushing it (WSUS, SCCM, etc) or users are running Windows Update themselves.
    • Yep, you may want to join us here to hear about our experiences with this issue https://www.itninja.com/blog/view/windows-10-is-coming-are-you-ready-to-migrate
  • https://www.itninja.com/question/windows-10-upgrade
  • Aaaah interesting, glad to hear there are no feature updates in KACE! I was thinking updates such as
    2018-09 Cumulative Update for Windows 10 Version 1803 x64 (KB4458469)
    were what was potentially causing the update. We used to use WSUS and SCCM but have neither running in our environment currently, only KACE. Some users are getting a pop up to upgrade Windows which is not a KACE pop up, so it seems Microsoft is just being sneaky.