It’s easier now than ever before to rollback or remove a Windows patch. To avoid this kind of stuff in the future, test Windows patches before deploying.
This applies to systems running Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012.
I ran into an issue when trying to install Symantec Endpoint Protection on a PC. I couldn’t get the installer to finish; it would go all the way to the end, rollback, and then fail. Eventually, I found it was Windows update patch KB2781197 that was interfering with the SEP install. There is a quick way to remove the offending patch by using wusa.exe via the command line. This method is even better if you have multiple computers to rollback.
C:\Windows\System32\wusa.exe /uninstall /kb:2781197 /quiet /norestart
There is a 64bit version located in C:\Windows\SysWOW64. But you may wish to ignore this depending on your deployment. Maybe make sure to disable 64bit file system redirection to make sure the rollback works across 32bit and 64bit systems.
Of course if you have a single computer you can:
- Go to Control Panel
- Click on Programs
- Click on Programs and Features
- Click on Installed Updates
- Select the offending update and click Uninstall
Do you have another technique to remove a Windows patch? What type of testing do you do for your patch management?
