/build/static/layout/Breadcrumb_cap_w.png

How do you uninstall or roll back a Microsoft Update for Windows 7 machines? specifically KB2823324.

this update is causing Windows 7 computers to run chkdsk at boot up until it's manually uninstalled. I'm looking for KACE to automate a rollback/uninstall on machinese that are set to automatically install updates.


0 Comments   [ + ] Show comments

Answers (4)

Answer Summary:
Since Microsoft has already removed this update from their servers and no longer pushing down to machinese that are set for "Auto Updates", I found the following to work for my environment: %WINDIR%\SysNative\wusa.exe /uninstall /kb:2823324 /quiet /norestart thanks all for the quick responses.
Posted by: ms01ak 10 years ago
10th Degree Black Belt
3

I just made a script that ran C:\Windows\System32\\wusa.exe with params /uninstall /kb:2823324 /quiet /norestart” I then looked for machines in the inventory with the software title Security Update for Microsoft Windows (KB2823324) and then added them to label and ran the script against it. I also disabled the patch in kace.


Comments:
  • this works on 32-bit machines, but no 64. Any ideas? - wchoi2104 10 years ago
  • I've modified the script to run with the variable $(KACE_SYS_DIR), but from what I've read the patch only affects 32bit machines and not 64 bit machines. - ms01ak 10 years ago
  • Still failing on 64 bit machines even with variable. I'm seeing the issue on 64bit, and not 32. - wchoi2104 10 years ago
  • Try pointing the C:\Windows\SysWOW64\wusa.exe instead of System32 and see if that does the trick - ms01ak 10 years ago
  • Tried that too... :( - wchoi2104 10 years ago
    • Sorry for asking, but is x64 selected in the script for "Supported OS". - dugullett 10 years ago
  • Try this dism /Online /remove-package /PackageName:Package_for_KB2823324~31bf3856ad364e35~x86~~6.1.1.1 - ms01ak 10 years ago
  • Use this script below in order for KACE to verify 32 or 64 bits.

    IF %PROCESSOR_ARCHITECTURE% == AMD64 goto :x86
    IF %PROCESSOR_ARCHITEW6432% == AMD64 goto :x64 - hjansari 10 years ago
    • Where exactly do I need to run this script? thanks. - wchoi2104 10 years ago
  • both dism and wusa are located in the system32 directory for 32bit machines. In 64bit try C:\windows\sysWOW64 - ms01ak 10 years ago
  • I have tried this multiple times multiple ways, and all I keep getting is: Windows update could not be uninstalled because of error 2147549183 "Catastrophic failure" (Command line: "c:\Windows\SysWOW64\wusa.exe /uninstall /kb:2823324 /quiet /norestart"). What am I doing wrong? - rurbanow 10 years ago
  • Nevermind, I figured it out. This fixed my problem: %WINDIR%\SysNative\wusa.exe /uninstall /kb:2823324 /quiet /norestart - rurbanow 10 years ago
    • Nice. this is what fixed my issue. thanks for posting. - wchoi2104 10 years ago
    • Hello, I am facing the same issue and I dont want to install Microsoft sysinternals. I have the package for win7 64 bit and i dont have Sysnative directory to run the command. How can i accomplish this command for uninstalling the package.? - raj4public 10 years ago
    • This worked as well for me. Thanks! - brucegoose03 9 years ago
    • A trick that works properly even today, thanks a lot :-) - GiSo 7 years ago
    • I wish I could upvote this somehow! This still works 7 years later. I tried all other hardcoded paths but, for whatever reason, this is the only thing that worked. - horstj 3 years ago
Posted by: dugullett 10 years ago
Red Belt
1

What I did was create a manual label (Patch_MS13-036). I then went to the patch listing and manually applied this label to the corresponding patches.

I then created a new patch schedule with a patch action "Detect and Rollback". Under the "Detect Patch Label" I added my label (Patch_MS13-036) I created, and the same for "Rollback Patch Selection". Everything else is the same setup. 


Comments:
  • The issue that I ran into is that I first set the patch to inactive to make sure it didn't get installed on other machines. However, once you do that, it no longer gets included in the rollback schedule, so I had to re-active the patch and adjust my smart label for production patches to specifically exclude this particular patch. Is there a better way to do that?

    The only difference with my rollback schedule is that I created a smart label to find machines that have the patch installed and used that for the schedule. - chucksteel 10 years ago
    • I'm wondering off the top of my head if you left it active, and added notes "DO NOT USE"? Then added the query below to your existing label. That way if it ever happened again in the future. As long as you kept the wording the same it should drop out.

      AND PATCHLINK_PATCH_STATUS.NOTES != 'DO NOT USE'

      I lucked out, and we were still in testing. It only affected my test machines. - dugullett 10 years ago
      • Looking at this further = is working finding the notes, but != is returning 0 results. I'll keep tinkering with it on Monday. - dugullett 10 years ago
      • That's a good method. This seems more convoluted than necessary. It seems like I should be able to rollback an inactive patch, but that's not how it is designed. - chucksteel 10 years ago
  • Any inactive patch is removed from KBOX cache the next day, so in order to rollback a patch, it has to be present on the KBOX. It's a double-edge sword in this scenario. For one, you need it enabled to rollback, but then you don't want to have it installed on the managed systems. - need2mod 10 years ago
Posted by: piyushnasa 10 years ago
Red Belt
1

You can follow a few simple steps and then create an uninstall package and push it. Here are the few simple steps to create the uninstall of MSU:

http://msiworld.blogspot.com.au/2012/04/silent-install-and-uninstall-of-msu.html

 

~Piyush Nasa

~My Blog:  http://msiworld.blogspot.com/


Comments:
  • I can't find the associated .msu file on MS site anymore. - wchoi2104 10 years ago
Posted by: piyushnasa 10 years ago
Red Belt
1

You need to change the directory first to sysnative and then run the command line.

cd %windir%\sysnative

You can do this in a batch file.

I faced a similar problem while installing language packs for win7 x64. I documented it here in my blog:

http://msiworld.blogspot.com.au/2011/07/windows-7-language-pack-installation.html


~Piyush Nasa

~My Blog:  http://msiworld.blogspot.com/

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ