WSUS keeps saying there is updates, never finish

Obbi 1 Reputation point
2022-02-21T22:08:28.383+00:00

I have a few issues with the repoting back to the Wsus server.

If you look below, you can see that i have 4 PCs who says they are missing 5 updates, its been like this for weeks, but the pcs have gotten many updates.

PC Names Missing Updates

32 5

36 5

39 5

41 4

When i open up "windows update" on one of the PCs i can see after a few days it just failed to install, but it never reports it back to the Wsus server, keeps saying 5 missing.

Ideal i want every pc to say 100% done.

Have anyone tried this before, were the clients never get to 100% ?

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,505 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,053 questions
0 comments No comments
{count} votes

5 answers

Sort by: Most helpful
  1. Adam J. Marshall 9,381 Reputation points MVP
    2022-03-09T13:54:44.337+00:00

    You can simply decline the old ones on the WSUS server - they are older so they wont install. I agree, it's kind of weird that the computer thinks it needs those updates.

    1 person found this answer helpful.

  2. Adam J. Marshall 9,381 Reputation points MVP
    2022-02-21T22:45:19.577+00:00

    Are they really reporting though?
    https://www.ajtek.ca/wsus/client-machines-not-reporting-to-wsus-properly/

    Depends on what products/classifications you have selected to get the 100% mark. Sometimes my client systems are reporting 100% on some, but never all - why? because we live in a world where not all systems are brought online all the time. Sure, the bulk of the systems will update and report back they've installed updates, but it also depends on what you've done with the updates - eg, I've removed all Silverlight from my client systems. The main 'installer' of Silverlight through WSUS still claims that all my systems need it - and yes, that would be true if I wanted them to have it.

    Remember, Last Contact and Last Status Report are 2 different columns (and Last Contact is hidden by default)

    0 comments No comments

  3. Obbi 1 Reputation point
    2022-02-21T23:16:57.57+00:00

    The 4 pcs are test laptops that are online 24/7 just to test the Wsus system.

    they got alot of updates, but in WSUS it keeps saying 4 is missing.

    Both last contact and last report is the same now.

    But i noticed whille it was installing updates, the last report was a old date but the contact one was up to date.

    0 comments No comments

  4. Rita Hu -MSFT 9,641 Reputation points
    2022-02-22T06:20:23.223+00:00

    @Obbi
    What is the OS version of the four problematic laptops?

    When i open up "windows update" on one of the PCs i can see after a few days it just failed to install
    Is there any error code for reference? It will be better if you could get the windowsupdate.log on the one of the four problematic laptops and share the log file with us. We could open the PowerShell as an administrator and run the get-windowsupdatelog command to get the log file. Note that the log file will be placed into the Desktop by default.

    In addition, we could follow this link to reset Windows Update components if you haven't tried before. It will be helpful in most cases.

    Hope the above will be helpful. Don't hesitate to inform me if there are any updates or questions. Looking forward to your feedback.

    Regards,
    Rita


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  5. Rita Hu -MSFT 9,641 Reputation points
    2022-03-07T06:51:24.52+00:00

    @Obbi
    If you look at my two screenshots, you can see that WSUS says the server is missing 4-5 updates, all of the updates are for Defender, but its "old versons"
    Is that a bug? Should it not skip the old updates?

    You have already checked that the computers installed the latest Defender Updates. Am I right?

    In fact, all the Needed updates will be shown on the report, no matter it is old or the latest Defender Updates. As far as I experience, the old updates will still shown as Needed on the WSUS report even though the computers install the Latest version. So it is recommended to check whether the computers install the Latest version first.

    Here is the release note for your reference:
    https://www.microsoft.com/en-us/wdsi/definitions/antimalware-definition-release-notes

    Don't forget to accept the answer if it is helpful :-)

    Have a great day.

    Regards.
    Rita


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.