locked
Infinite loop of downloading/installing windows patches on client machine RRS feed

  • Question

  • I've found that on most client machines in my estate that we have a machines that are installing the same patches more or less 20 odd times on the machine. 

    From looking deeper in the issue I've found a strange loop

    Windows detects updates > finds updates > downloads and installs updates > all up to date. When checking for updates again it's downloading the same updates again in a loop.


    What can cause this loop? 

    I've ran a troubleshooter and have found that the Windows update agent version is out of date: 

    According to windows the only way to download this is through windows updates. Maybe due to the agent being out of date it's reporting to WSUS with the wrong infomation. We use WSUS to patch our machines could this be the reason for infinite loop or am I way off the mark?

    Any help is appreciated 

    Tuesday, May 9, 2017 9:22 AM

All replies

  • Have a peek at my Adamj Clean-WSUS script. It is the last WSUS Script you will ever need.

    http://community.spiceworks.com/scripts/show/2998-adamj-clean-wsus

    What it does:

    1. Remove all Drivers from the WSUS Database.
    2. Shrink your WSUSContent folder's size by declining superseded updates.
    3. Remove declined updates from the WSUS Database.
    4. Clean out all the synchronization logs that have built up over time (configurable, with the default keeping the last 14 days of logs).
    5. Compress Update Revisions.
    6. Remove Obsolete Updates.
    7. Computer Object Cleanup (configurable, with the default of deleting computer objects that have not synced within 30 days).
    8. Application Pool Memory Configuration to display the current private memory limit and easily increase it by any configurable amount.
    9. Run the Recommended SQL database Maintenance script on the actual SQL database.
    10. Run the Server Cleanup Wizard.

    It will email the report out to you or save it to a file, or both.

    Although the script is lengthy, it has been made to be super easy to setup and use. There are some prerequisites and instructions at the top of the script. After installing the prerequisites and configuring the variables for your environment, simply run:

    .\Clean-WSUS.ps1 -FirstRun

    and then

    .\Clean-WSUS.ps1 -InstallTask

    If you wish to view or increase the Application Pool Memory Configuration, you must run it with the required switch. See Get-Help .\Clean-WSUS.ps1 -Examples

    If you're having trouble, there's also a -HelpMe option that will create a log so you can send it to me for support.
    Saturday, May 13, 2017 4:49 AM
  • Hi,

    According to your description, my understanding is that clients download/install updates repeatedly.

    In general, Windows Update Agent automatically updates itself when it is connected to a WSUS server or to Windows Update.

    As far as I know, there is no stand along WUA for Windows 10, update version will be released via system patches. That means Windows Update Agent is due to different patch level for Windows 10. So, try to install cumulative update for Windows system. 

    Besides, in WSUS environment, WUA has below working principle.

    >Initial client self-update. When a WSUS client’s Windows Update Agent (WUA) first synchronizes  against a WSUS server, it checks if the server has a newer version of the agent available in the servers “self-update” tree. If a newer version is available, the agent will self-update before completing the synchronization. Although Automatic Updates will check for self-update on every synchronization, the self update will only occur on the first synchronization unless the admin explicitly applies an update to the WSUS servers self-update tree (the next scenario).

    Quoted from blog “Managing changes from a WSUS Server”:
    https://blogs.technet.microsoft.com/wsus/2008/01/08/managing-changes-from-a-wsus-server/

    >WSUS and Windows Update both use the same Windows Update Agent, this means that WSUS-managed end-user who navigates to WU to perform an interactive sync will receive an updated version of WUA as this new agent is rolled out over the next few months.

    Quoted from blog “A new version of WUA is rolling out on Windows Update“:
    https://blogs.technet.microsoft.com/wsus/2008/07/07/a-new-version-of-wua-is-rolling-out-on-windows-update/

    Best Regards,
    Eve Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, May 16, 2017 9:39 AM
  • Hi,

    I am checking to see how things are going there on this issue. Please let me know if you would like further assistance.

    Best Regards,
    Eve Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Saturday, June 3, 2017 7:54 AM