Client Management Suite

 View Only

  • 1.  MS13-A01 patch keeps attempting to install after successful install

    Posted Feb 04, 2013 08:39 PM

    Hi Everyone

    I need some more help. This time it is to do with Patch Management.

    The system information:
    NS Version - 7.1 SP2 Roll Up V3
    NS Server - Server 2008 R2 Standard
    SQL DB Server - Seperate server to the NS

    I have sent out the patch MS13-A01 to machines during January. The patch reports as being installed successfully. But then it is trying to install again.

    I have extracted the logs from a few client computers and they have had this patch installed multiple times successfully.

    You can see a log below from one machine.

     

    Attempt time

    Update name

    Update GUID

    Bulletin name

    Status

    Command line

    Exit code

    24/01/2013 18:15

    rvkroots-KB2798897.exe

    {816D196F-55C8-4E34-BB37-5DC80A6F52F6}

    MS13-A01

    Succeeded

    rvkroots.exe /Q

    0

    27/01/2013 18:05

    rvkroots-KB2798897.exe

    {816D196F-55C8-4E34-BB37-5DC80A6F52F6}

    MS13-A01

    Succeeded

    rvkroots.exe /Q

    0

    29/01/2013 18:03

    rvkroots-KB2798897.exe

    {816D196F-55C8-4E34-BB37-5DC80A6F52F6}

    MS13-A01

    Succeeded

    rvkroots.exe /Q

    0

    31/01/2013 15:04

    rvkroots-KB2798897.exe

    {816D196F-55C8-4E34-BB37-5DC80A6F52F6}

    MS13-A01

    Succeeded

    rvkroots.exe /Q

    0

    3/02/2013 0:35

    rvkroots-KB2798897.exe

    {816D196F-55C8-4E34-BB37-5DC80A6F52F6}

    MS13-A01

    Succeeded

    rvkroots.exe /Q

    0

    5/02/2013 11:20

    rvkroots-KB2798897.exe

    {816D196F-55C8-4E34-BB37-5DC80A6F52F6}

    MS13-A01

    Succeeded

    rvkroots.exe /Q

    0

    This is happening on multiple machines. It seems to be limited to this patch out of the monthly bulletin releases.

    Is anyone else having this problem?

    I have taken a look at the compliance report this morning and it reported that 162 machine had the patch installed and there were over 300 requiring the patch. Now in the afternoon I look and it is reporting that 355 machines have the patch installed. I am going to keep an eye on this when it does its next Assessment Scan and see if the results change again. I am thinking that when the Assessment Scan runs it is reporting that the patch is NOT installed and installs it. Even though it has already been installed.

    Any help would be appreciated.

    Is there anything I can check?

    Additional possible useful information:
    My Policy is set to "No repeat" for this job.

    Regards
    Jason



  • 2.  RE: MS13-A01 patch keeps attempting to install after successful install

    Posted Feb 05, 2013 08:00 AM

    When was your last PMImport?  Other products (e.g. http://thwack.solarwinds.com/thread/53780) have a similar issue with this bulletin.  Perhaps Microsoft revised it.  If you've done a new PMImport lately and restaged this patch, perhaps the new release works properly.



  • 3.  RE: MS13-A01 patch keeps attempting to install after successful install

    Posted Feb 05, 2013 05:16 PM
    Hi again mclemson My Patch Import (incremental) runs every day at 1am. I just checked it and it has been successful each day over the past 5 days. I have not restaged the patch though. Should I do this? I only have to "recreate" the patch right? I dont have to "distribute" the patch again do I? Because it will automatically do it from the already created policy? I have just checked the compliance on that particular bulletin and 382 machine have the patch installed. So it seems to be ok for the time being. I am keeping my eye on it though because going off the table I provided above it is every 2 or 3 days that the patch gets re-deployed. Regards Jason


  • 4.  RE: MS13-A01 patch keeps attempting to install after successful install

    Posted Feb 06, 2013 12:11 AM
    OK. I just checked the compliance again and MS13-A01 dropped to 250 for the the installed count. 281 being not installed. So it seems that the scan is revealing that the patch bulletin is not installed properly but the client computers are reporting locally that it is installed. Should I re-download the patch? Has anyone else had any issues with this? Thanks for your replies mclemson


  • 5.  RE: MS13-A01 patch keeps attempting to install after successful install

    Trusted Advisor
    Posted Feb 06, 2013 09:51 AM

    This isn't a patch my machines are showing as needed in win update (though altiris compliance thinks I need it), so I didn't push it out.  I always go by what win update reports I need first.

    Does windows update say your machines need the patch (before it's patched with patch mgmt, like a freshly imaged computer)?  If so, once PM installs it once, does the patch disappear from the windows update necessary list?

    If so, and PM keeps trying to reinstall, it sounds like you need to put a ticket in.  Include screenshots and your PMImport number (click on details of last time it ran and u will get a version) in the ticket to try to speed it along.

    Good luck.



  • 6.  RE: MS13-A01 patch keeps attempting to install after successful install

    Posted Feb 06, 2013 12:50 PM

    Might be worth a peek in the event logs of the affected machines to see what the machine "thinks" is going on.



  • 7.  RE: MS13-A01 patch keeps attempting to install after successful install

    Posted Feb 06, 2013 10:15 PM
      |   view attached

    Hi There Thanks for your replies so far everyone. I have now logged a job with Symantec. We will see what comes out of it. I checked Windows Update on a machine that says the patch has been installed (in Altiris) and it says (in Windows Update) that the patch still needs to be installed. I will let you know what happens when Symantec get back to me.



  • 8.  RE: MS13-A01 patch keeps attempting to install after successful install

    Posted Feb 12, 2013 03:15 PM

    What was the response from Symantec?  Problem with their detection rule?