Implement function to remove Windows Updates from clients with Software Update Point
With a standalone WSUS-Server deployed Windows Updates can be uninstalled/removed from clients. With SCCM SUP this is not possible,
Implement a function to remove installed Windows Updates from clients.

18 comments
-
Frank G commented
This is something that I get asked about regularly. Any news to report from the PG on this one?
-
Michael Boyd commented
PLEASE!!!
Even doing it from a command line would be nice... maybe with DISM?
-
Mirza commented
Any update on this?
-
Romain commented
Just see that i submitted a uservoice asking to see the software update download date in the console to know if i need to redownload the revisited bugged KB or not. :)
but that's a good idea.
-
andrewjohnporter commented
Also, how about Microsoft has a page specifically for notifying us on any issues with updates and their resolution. So come patch Tuesday, or a few days after, you can check the website to see if any of the patches had issues. If there are issues you can pull the patch out before it does any damage rather than having to rely on your pilot deployment and google to find out if there are any issues that month.
-
andrewjohnporter commented
This would be nice
-
J Brown commented
When they make this solution then it might make sense to do it such that any update that is “removal deployed” would also be “blocked” for purposes of installation. This would not only help admins remove a problem patch but also prevent its reinstallation.
In my experience a problem patch doesn’t usually affect all clients, it’s usually a subset that needs uninstalled and/or blocked from installation. -
Bob Lamaster commented
This is my #1 wanted feature, and it's something that's been needed all along.
-
Anonymous commented
please
-
Anonymous commented
I can't count the number of times I've had to roll back client updates just in the last 6 months! having this ability would be a huge timesaver.
-
[NCE] commented
Being able to natively roll back Windows Updates for computers or collections from within SCCM is a MUST. Please implement
-
Giles Frankling commented
Got to vote for this one. To many times a windows update has rolled out from the SUP and caused Client Issues. Fast rollback/uninstall of specific KB's would be exclient.
-
Tony Peters commented
Also in WSUS but not CM SUP; the ability to 'hide' an update for a specific machine when the update breaks a production application.
-
Iain Fairbairn commented
I support this idea, it has been awkward in the past at times to script this with Wusa. It works but it is a bit clunky and relies on you having someone with more than basic admin experience to ensure success in a scenario that almost invariably happens with an incident outside of normal business hours and availability of the ideal administrator to action this may be limited and where you may need to work quickly to un-***** the situation before it deploys too far.
-
Anonymous commented
It would be nice to have a software update group function/feature to deinstall updates from clients/servers instead of having to script wusa.exe commands for the KB numbers.
-
Greg Isett commented
We've recently had to un-install some failed patches. It would be nice to have SCCM do this for us quicker than building the package/application and deploying.
-
Andrew Malcolm commented
We are right in the middle of dealing with https://support.microsoft.com/en-us/kb/3118750 and need to uninstall 2 .net updates in order to move forward with a critical application deployment. It would sure save me some trouble if I could simply tell Config Mgr to reach out and remove the two related updates from the affected systems!
-
Anonymous commented
This would be a very appreciated feature.
We had to uninstall several buggy Microsoft provided KB in 2015.
We have to do a specific job to do so.