Kaseya Community

Notice and increase on Patch Failures

  • Last couple weeks I'm noticing a pick increase on 'Patch Failures' on my daily Patch Installs.

    The KBs varies, but they are not installing. I have to go manually on each computer, run "Windows Update" and them install.

    Those are some of KBs:

    KB2673774,  KB2876229,  KB3137061,  KB3146963/MS16-040,   KB3142042/MS16-039,   KB3147071,   KB3139923, and other.

    Any ideas?


  • Are these occurring on Windows 7 systems?

  • ,

    The root case can be a huge variety of issues.  It could be a bad distributable version of the patch (the .exe, .msi, or .msu) where the WUA-installed version is fine.  It could be a corrupt installer - possible repaired by MS, possibly not.  If either of these are the issues, they can be addressed if MS has releaed updated versions of a bad patch.  Your file source may or may not be a piece of this puzzle.

    The patches could require a local user be logged in.  These aren't terribly common, but do occur.   There could also be some other unreported/undocumented requirement preventing the install.

    Infrastructure can come into play, particualry depending on the File Source you're using.  

    The local Windows Update Agent may need an update to its engine, which would occur when you attempt to install the patches locally through the WUA client in the control panel.

    You might try - just to TEST - whether if you change the file source on one machine to "download from internet" and then run Patch Management > Automatic Update (schedule the test machine to run patches in the very near future) whether the patches successfully install.  The results of this test can be telling.  Do NOT use Machine Update or Patch Update for this test as the install method is different.  If the patches still fail, c:\system\windowsupdate.log can provide some detail as to why (you'll only get useful info in this particular case if the file source is "download from internet" as that is the only process which will leverage the Windows Update Agent (WUA) for most installs.

    I recommend you open a ticket with support to troubleshoot this.  There are so many varieties of reasons this may be occurring, and support should be able to determine the root cause and provide recommendations for moving forward.  Unless it's a "bad" patch from MS, almost all patches should be installable via Kaseya regardless of File Source configuration (there are a few exceptions with patches requiring a Manual install (as coded by MS); infrastructure (network, firewall, proxy, etc.) can also cause issues at times, even when patches are installable via the local client..