This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 35%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMR%3C/text%3E%3C/svg%3E)
Hello everyone,
I have a SCCM server and all the roles are installed in one server. Recently 3-4 days ago, when I was going to deploy current month security update, I saw that maximum number of current month update showing expired. Then I checked the superseded rules and I saw that Immediately option was on. Then I changed it and run synchronization updates. But, still the console is showing that particular updates is expired. So, how to fix it that means I want to deploy these updates so how to recover these updates and make it normal from expired? Thanks in advance.
Thank you for posting in Microsoft Q&A forum.
We may recover the expired updates with the steps:
For more details, you may refer to the article:
https://www.anoopcnair.com/sccm-learn-how-to-recover-expired-updates-confi/
(Please Note: Since the website is not hosted by Microsoft, just for your reference.)
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 53%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESA%3C/text%3E%3C/svg%3E)
Hi,
My query is same as stated in the question, however by following @AllenLiu-MSFT comment, i have successfully reinstated declined updates from WSUS console, now Sep-2022 superseded updates are showing in All Updates -> Any Except declined, secondly i have changed the Supersedensce Rules also. After that Resync Software updates manually through SCCM console.
Now i am able to view only one superseded update i.e.
2022-09 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5017308)
but not the remaining updates, i can see remaining updates in WSUS console but not in SCCM console
2022-09 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5017308)
2022-09 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5017308)
2022-09 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5017308)
The difference i noticed in WSUS console is in snapshot.
Hi, @Sarfraz Aslam
That's interesting. But in my test lab, I did the same thing, the four updates recover to the console without any issue, you may try to search the KB like me to see if you can get the result:
But since the KB5017308 is replaced by KB5017380, why do we deploy the KB5017380 directly?
By the way, the superseded update can not deploy to clients by SCCM.
Thank you for your reply. I tried to search the KB through many ways but unfortunately not found in SCCM.
As per my understanding Superseded update can be deployed but not an Expired one. Correct me if i am wrong. You can see in below snapshot that one recovered update is deployed which is superseded.
You are right KB5017380 superseded KB5017308 but it is in preview update and not available through WSUS, moreover didn't test this on test machines. This is the reason trying to recover updates released on 13th September 2022.
I am surprised to see in your snapshot that your recovered updates are without * as all these are superseded now. How?
Regards,
You're right, I misremembered. Superseded update can be deployed but not an Expired one.
I'm curious too that my recovered updates do not have a correct icon.
Hi,
Just to update. Today i found those missing updates in SCCM console automatically. Didn't do any thing except above steps.
Thanks @AllenLiu-MSFT for assistance.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 5%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWJ%3C/text%3E%3C/svg%3E)
I have been trying and trying to get the September 2022 updates to show as available in SCCM for download/deployment but nothing works. I followed the procedure to recover them in WSUS. They get moved to 'Any but declined' but when I sync the updates in SCCM they are automatically declined? Does anybody have an idea?
I recovered 5017308 for 20H2 and 21H2. Then they get deleted upon sync.
From Reddit....this is the fix that worked for me. WSUS ---> Move update to Not Approved in WSUS ---> Make sure SUP in SCCM is set to not expire superseded updates immediately ---> Sync SCCM SUP.
Hi @Wayne Jones
If you are able to view the desired updates in All Updates not in declined then the next thing to set the SUP expiry to 2 month (not the feature update). Then resync SCCM SUP manually. Please note it take some time to appear in SCCM console as in my case, it appears after 3 days.
Regards,