WSUS 2016: I declined an update (KB4346087) and can't get it back into WSUS

Jeremiah Nelson 1 Reputation point
2020-11-30T22:23:01.493+00:00

I declined an update (KB4346087) and can't get it reinstated in WSUS. I can search for it and find it, then when I try and approve it, it shows up as "Unknown" as status, and doesn't actually install on the approved servers.

I've tried reimporting it, changing its approval to approved and not approved, but still can't find it in WSUS.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,105 questions
0 comments

8 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jeremiah Nelson 1 Reputation point
    2020-12-01T16:01:31.937+00:00

    Ok, so I may be missing something here. KB4589210 is the most recent version that supersedes 4346087. I can search for it in WSUS and approve it to groups. I also use Solarwinds Patch Manager(PM) to make it easier to manage updates. So when I go into PM, after approving the update in WSUS, it shows up as "Unknown" as its status. Then the next morning it disappears in the updates tab for the servers I approved it for in PM, yet doesn't install on the servers.

    Note: If I manually install the update, the vulnerability disappears in the Nessus Scanner.

    Our server version is as follows:

    Edition: Windows Server 2016 Datacenter
    Version: 1607
    OS build: 14393.4046

    What am I missing?

    0 comments
  2. Dave Patrick 426.1K Reputation points MVP
    2020-12-01T16:43:47.64+00:00

    Micro code updates are firmware updates that come from the hardware vendor and are unrelated to windows updates.

    --please don't forget to Accept as answer if the reply is helpful--

  3. Rita Hu -MSFT 9,626 Reputation points
    2020-12-02T07:25:20.28+00:00

    Hi JeremiahNeIson-9826,

    Thanks for your response.

    It is recommended to install the KB4589210 manually if the Windows Server 2016 clients are not too much in your environment. I will try the best to deliver the information to the product team to see if they have some additional comments. To get better support, I suggest you call Professional Support Services so that a dedicate engineer will help you solve this issue in a more efficient way.

    In addition, it is also recommended to submit your ideas in the Windows Server UserVoice. There are many product team to hear and support the issue.

    Thanks for your understanding and cooperation. Hope you have a nice day.

    Regards,
    Rita

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments