Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

How can we improve Configuration Manager?

← Ideas

Implement function to remove Windows Updates from clients with Software Update Point

With a standalone WSUS-Server deployed Windows Updates can be uninstalled/removed from clients. With SCCM SUP this is not possible,
Implement a function to remove installed Windows Updates from clients.

791 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
Noted  · 

24 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Chris Ecklar commented  ·   ·  Flag as inappropriate

    With all the Microsoft Update issues over the past year or so it would be useful to have the built-in ability to push an uninstall of a KB from the SCCM console.

    WSUS services already have this ability by declining an update and approving it for removal. No such functionality exists inside the SCCM console.

    Simply waiting for a future update that may correct a bad KB is not viable for many enterprises.

    Neither is instructing users on how to uninstall KBs on their own from Control Panel as all of our users do not have sufficient permissions to do so. Nor would we want folks to know how to tinker with installed updates ;).

  • Frank G commented  ·   ·  Flag as inappropriate

    This is something that I get asked about regularly. Any news to report from the PG on this one?

  • Romain commented  ·   ·  Flag as inappropriate

    Just see that i submitted a uservoice asking to see the software update download date in the console to know if i need to redownload the revisited bugged KB or not. :)

    but that's a good idea.

  • andrewjohnporter commented  ·   ·  Flag as inappropriate

    Also, how about Microsoft has a page specifically for notifying us on any issues with updates and their resolution. So come patch Tuesday, or a few days after, you can check the website to see if any of the patches had issues. If there are issues you can pull the patch out before it does any damage rather than having to rely on your pilot deployment and google to find out if there are any issues that month.

  • J Brown commented  ·   ·  Flag as inappropriate

    When they make this solution then it might make sense to do it such that any update that is “removal deployed” would also be “blocked” for purposes of installation. This would not only help admins remove a problem patch but also prevent its reinstallation.
    In my experience a problem patch doesn’t usually affect all clients, it’s usually a subset that needs uninstalled and/or blocked from installation.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I can't count the number of times I've had to roll back client updates just in the last 6 months! having this ability would be a huge timesaver.

  • [NCE] commented  ·   ·  Flag as inappropriate

    Being able to natively roll back Windows Updates for computers or collections from within SCCM is a MUST. Please implement

  • Giles Frankling commented  ·   ·  Flag as inappropriate

    Got to vote for this one. To many times a windows update has rolled out from the SUP and caused Client Issues. Fast rollback/uninstall of specific KB's would be exclient.

  • Tony Peters commented  ·   ·  Flag as inappropriate

    Also in WSUS but not CM SUP; the ability to 'hide' an update for a specific machine when the update breaks a production application.

  • Iain Fairbairn commented  ·   ·  Flag as inappropriate

    I support this idea, it has been awkward in the past at times to script this with Wusa. It works but it is a bit clunky and relies on you having someone with more than basic admin experience to ensure success in a scenario that almost invariably happens with an incident outside of normal business hours and availability of the ideal administrator to action this may be limited and where you may need to work quickly to un-***** the situation before it deploys too far.

  • Vikram Midha commented  ·   ·  Flag as inappropriate

    This is a very essential feature which should be in-built with SCCM if not released with the latest 1606 as well.

  • Kamalakannan commented  ·   ·  Flag as inappropriate

    If we would be having an option to automate any of the issue patch would be grateful, which is time consuming and manual effort involved to create it as a package in SCCM.
    Which is a pain in general to uninstall(Back-out) it from the estate when an issue patch has been rolled out.

  • Anonymous commented  ·   ·  Flag as inappropriate

    It would be nice to have a software update group function/feature to deinstall updates from clients/servers instead of having to script wusa.exe commands for the KB numbers.

  • Greg Isett commented  ·   ·  Flag as inappropriate

    We've recently had to un-install some failed patches. It would be nice to have SCCM do this for us quicker than building the package/application and deploying.

← Previous 1

Ideas: Software Updates

Categories

Feedback and Knowledge Base

(thinking…)