2 Replies Latest reply on Aug 3, 2012 11:50 AM by Lawrence Garvin

    Machine scan reporting Updates Installed - not accurate,inconsistent


      Hey, we're running EminentWare Extension Packs We have some clients that have had Windows Updates uninstalled, for testing. The resulting scans are not consistent: Windows Update, WSUS agent.


      Windows Update on the client reports needing those uninstalled patches, but the WSUS console shows them as installed.


      I think I'm missing some steps. Whats going on here?

        • Re: Machine scan reporting Updates Installed - not accurate,inconsistent

          Well, after uninstalling updates from the workstations you may have to wait the 17-22 hour period until the workstation checks back with the WSUS console. To have the workstation check which updates are available run the command

          wuauclt.exe /detectnow

          or use patch manager to run the detectnow event.

          You will still need to wait about 15 or 20 minutes for the workstation to report to the WSUS which updates are needed.

          Hope this helps.

          • Re: Machine scan reporting Updates Installed - not accurate,inconsistent
            Lawrence Garvin

            Greetings Peter.


            Pat's answer is most likely the scenario here, but I wanted to shed a bit more light on what's happening internally.


            If the update were uninstalled from a client system using Programs & Features, that does not generate an 'event' that the Windows Update Agent can report to the WSUS server. So, until that client next checks in with the WSUS server and RE-evaluates that particular update package, determining that it is no longer installed, the WSUS server will continue to report that update as Installed because that's based on the last event reported by the WUAgent regarding that update. When you scan against Windows Update, the WUAgent is able to determine immediately that the update is NotInstalled, but the scan of WU also does not trigger any reporting to the WSUS server, so the WSUS server continues to sit under the mushroom.


            Only when the WUAgent actually communicates with the WSUS server and updates the state information on the update will it then be reflected in the WSUS console. As Pat notes, depending on when the last detection was (and scanning against Windows Update actually restarted that clock), it could be as much as 22 hours, if you're using the default detection interval Optionally you can run wuauclt /detectnow from the command prompt on any system, on Vista and later you can initiate a scan from the Control Panel WUApp, or with Patch Manager you can target a DetectNow event to the client system.