Symptoms
- Detected patch continues to show as missing after successfully deploying.
- Patch that shows missing ends with 'U' every other deployment.
Cause
There are patch type that exist as an installer and an uninstaller; these patches can cause a loop when scanning and deploying. When the installation patch is deployed it makes the uninstall patch considered to be missing. These patches are designed by their vendor in this manner to facilitate adding/removing the patch according to environmental needs. If scanning/deploying these types of patches it may appear that the patch continually is missing as it continues to add/remove per deployment. The uninstall patch will end with 'U'. These patches tend to belong to the 'Security Tools' patch type.
Example: Missing the Installation Patch
Example: After Installed, Now Missing Uninstall Patch
Resolution
Exclude the specific patch utilizing a patch group, or choose not to deploy the patches installer/uninstaller after scanning.
Refer to the following document:
How To: How To: Include or Exclude Specific Patches in Scan Results in Ivanti Patch for Windows Servers
These are known patches that offer an uninstaller.
- Q2719662(U) - MS12-A06
- Q2794220(U) - MS12-A10
- Q2847140(U) - MS13-A02
- Q2887505(U) - MS13-A08
- Q2896666(U) - MS13-A09
- Q4072698(U) - IVA18-001
- Q4072699(U) - IVA18-002
Affected Products
Patch for Windows 9.3+