How to Rollback a Patch using Configuration Manager

16880

In this post we will see how to rollback a patch using configuration manager. Assume that you have deployed a set of updates to your windows computers and one of the update is really causing the issues with all the systems. Now you have been told to find that update and uninstall it from all systems. So you have to identify that update, this might need you to do a lot of troubleshooting to identify it. Once you do that you want to uninstall it from multiple systems. I will show you a simple way of uninstalling or removing a patch using SCCM. So let’s say you have identified that update and it’s KB3004394. Now that you know the KB number we can use the Task Sequence to uninstall patch from multiple systems. The task sequences can do lot of things. These tasks can deploy an operating system image to a destination computer, build and capture an operating system image from a set of operating system installation files, and capture and restore user state information.

How to Rollback a Patch using Configuration Manager

Open the control panel on one of the client computer. Click on Programs > Programs and Features > Installed Updates. You can see which updates are installed on the system. In this example we will see how to uninstall KB3004394.

How to Rollback a Patch using Configuration Manager

In the Configuration Manager console, navigate to Software Library > Overview > Operating Systems > Task Sequences. To start the New Task Sequence Wizard, right-click the Task Sequences node, and then click Create Task Sequence.

How to Rollback a Patch using Configuration Manager

On the Create a New Task Sequence page, select Create a new custom task sequence. Click Next.

How to Rollback a Patch using Configuration Manager

Specify a Task sequence name and click Next. Don’t choose any boot image in this step.

How to Rollback a Patch using Configuration Manager

Click Next on the Summary page.

How to Rollback a Patch using Configuration Manager

Finally click Close. You have just created a blank task sequence.

How to Rollback a Patch using Configuration Manager

Right click on the task sequence that you created, click on Edit. In the TS editor, click on Add > General > Click Run Command Line.

How to Rollback a Patch using Configuration Manager

In the command line type wusa.exe /uninstall /kb:KBNUMBER/quiet /norestart. Click OK. The TS is ready to be deployed.

Explanation of the command:

  • wusa.exe – Windows Update Standalone Installer executable.
  • /uninstall – The installer will uninstall the package.
  • /kb:KBNUMBER – Install/Uninstall the package associated with KBNumber.
  • /quiet – quiet mode, no user interaction here.
  • /norestart – Will not initiate reboot when combined with quiet mode.

How to Rollback a Patch using Configuration Manager

Right click the Task sequence and click Deploy. On the General page, click on Browse and choose the collection. Click Next.

How to Rollback a Patch using Configuration Manager

For Deployment Settings, choose Available or Required. In this example I have set the deployment setting to required. Click Next.

Difference between Available and Required in SCCM

Available – If the application is deployed to a user, the user sees the published application in the Application Catalog and can request it on demand. If the application is deployed to a device, the user will see it in the Software Center and can install it on demand. In simple words Available applications mean that users can choose to install the software when they want.

Required – The application is deployed automatically according to the configured schedule. However, a user can track the application deployment status if it is not hidden, and can install the application before the deadline by using the Software Center. Required applications have an installation schedule and automatically install if they are not already installed by a defined deadline.

How to Rollback a Patch using Configuration Manager

To schedule the deployment, click on New and choose the Assignment schedule as As soon as possible. Click Next.

How to Rollback a Patch using Configuration Manager

On Specify how to run the content for this program page, choose the Deployment options as Download all content locally before starting task sequence. Click Next.

How to Rollback a Patch using Configuration Manager

Click Close.

How to Rollback a Patch using Configuration Manager

After few minutes, launch the software center on the client machine and you will see that the task sequence has done its work. The patch has been uninstalled by the task sequence.

How to Rollback a Patch using Configuration Manager

If you are looking for which log file to check for troubleshooting purpose, you need to open smsts.log file located on the client machine.

How to Rollback a Patch using Configuration Manager

11 COMMENTS

      • In which case, you should make clear in the opening paragraph, that this is not the best solution, wrapping the command in the task sequence engine is an unnecessary complication and overhead on the client; more to go wrong, more logs to check.

        If you create the update as an Application, and enter the command line to remove it, you have the added benefit of being able to scan the system using a powershell script to confirm the hotfix has been removed, you can also control the restart better.

        The above solution is far from the best available in SCCM 2012 i think.

  1. I tried it to remove an Office update. But in the software center the status is installing but nothing is happening. Also, checked the smsts.log, could not find anything.

  2. Hello,

    In the task sequence method can you have more than one KB in the TS? For instance could I have KB123456 and KB654321 in the same TS?

    Thank you again for your great articles!

  3. Hello ,

    I followed these steps to uninstall a KB on Windows 10 and the exit code is 87.
    Executing command line: smsswd.exe /run: wusa.exe /uninstall /kb:3163912 /quiet /norestart TSManager 8/8/2016 12:21:23 PM 768 (0x0300)
    [ smsswd.exe ] InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    PackageID = ” InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    BaseVar = ”, ContinueOnError=” InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    ProgramName = ‘wusa.exe /uninstall /kb:3163912 /quiet /norestart’ InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    SwdAction = ‘0001’ InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    Command line for extension .exe is “%1” %* InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    Set command line: Run command line InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    Working dir ‘not set’ InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    Executing command line: Run command line InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    Process completed with exit code 87 InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    Command line returned 87 InstallSoftware 8/8/2016 12:21:24 PM 4540 (0x11BC)
    Process completed with exit code 87 TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    !——————————————————————————————–! TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Failed to run the action: Remove Update KB3163912.
    The parameter is incorrect. (Error: 00000057; Source: Windows) TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set authenticator in transport TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set a global environment variable _SMSTSLastActionRetCode=87 TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set a global environment variable _SMSTSLastActionSucceeded=false TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Clear local default environment TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    The execution engine ignored the failure of the action (Remove Update KB3163912) and continues execution TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set authenticator in transport TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Updated security on object C:_SMSTaskSequence. TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set a global environment variable _SMSTSNextInstructionPointer=1 TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set a TS execution environment variable _SMSTSNextInstructionPointer=1 TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set a global environment variable _SMSTSInstructionStackString= TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set a TS execution environment variable _SMSTSInstructionStackString= TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Save the current environment block TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set a global environment variable _SMSTSLastActionRetryCount=0 TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    The task exeuction engine successfully completed the execution TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set authenticator in transport TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    **************************************************************************** TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Execution engine result code: Success (0) TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Cleaning Up. TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Removing Authenticator TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Cleaning up task sequence folder TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Unable to delete file C:_SMSTaskSequenceTSEnv.dat (0x80070005). Continuing. TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Failed to delete directory ‘C:_SMSTaskSequence’ TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    SetNamedSecurityInfo() failed. TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    SetObjectOwner() failed. 0x80070005. TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    RemoveFile() failed for C:_SMSTaskSequenceTSEnv.dat. 0x80070005. TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    RemoveDirectoryW failed (0x80070091) for C:_SMSTaskSequence TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Deleting volume ID file C:_SMSTSVolumeID.7159644d-f741-45d5-ab29-0ad8aa4771ca … TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Successfully unregistered Task Sequencing Environment COM Interface. TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Executing command line: “C:WindowsCCMTsProgressUI.exe” /Unregister TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    ==========[ TsProgressUI started in process 4432 ]========== TsProgressUI 8/8/2016 12:21:24 PM 3752 (0x0EA8)
    Command line: “C:WindowsCCMTsProgressUI.exe” /Unregister TsProgressUI 8/8/2016 12:21:24 PM 3752 (0x0EA8)
    Unregistering COM classes TsProgressUI 8/8/2016 12:21:24 PM 3752 (0x0EA8)
    Unregistering class objects TsProgressUI 8/8/2016 12:21:24 PM 3752 (0x0EA8)
    Shutdown complete. TsProgressUI 8/8/2016 12:21:24 PM 3752 (0x0EA8)
    Process completed with exit code 0 TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Successfully unregistered TS Progress UI. TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Start to cleanup TS policy TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    End TS policy cleanup TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Task Sequence Manager ServiceMain finished execution. TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Task Sequence Manager service will be reconfigured TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Task Sequence Manager service reconfigured successfully TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Sending success status message TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Set authenticator in transport TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    RegQueryValueExW is unsuccessful for SoftwareMicrosoftSMSTask Sequence, SMSTSEndProgram TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    GetTsRegValue() is unsuccessful. 0x80070002. TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    End program: TSManager 8/8/2016 12:21:24 PM 768 (0x0300)
    Successfully finalized logs to SMS client log directory from C:WindowsCCMLogs TSManager 8/8/2016 12:21:25 PM 768 (0x0300)

LEAVE A REPLY

Please enter your comment!
Please enter your name here