Now there will come a time when you need to remove patches from a device. More than likely because the business suspect that the last round of updates has broken an application which the users cant live without. More often than not it’s a case of removing to prove or discount the matter. Ok so how do we do this. Well in short there are several methods. I’m avoiding the obvious manual one since we will be using SCCM.
First thing first we need to establish which patch or patches need to be removed. Depending on whether the patch is a windows operating system or Microsoft Office update the process is different.
Operating System Update
To do this open an elevated command prompt and type ;
dism /online /Get-Packages > c:\package_info.txt The result will look like this ;-
Deployment Image Servicing and Management tool
Version: 10.0.17134.1
Image Version: 10.0.17134.706
Packages listing:
Package Identity : Microsoft-OneCore-ApplicationModel-Sync-Desktop-FOD-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:20
Package Identity : Microsoft-Windows-Client-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~10.0.17134.1
State : Installed
Release Type : Language Pack
Install Time : 12/04/2018 09:16
Package Identity : Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : Foundation
Install Time : 11/04/2018 23:41
Package Identity : Microsoft-Windows-Hello-Face-Resource-C-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:20
Package Identity : Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~11.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:16
Package Identity : Microsoft-Windows-LanguageFeatures-Basic-en-gb-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 14/10/2018 18:13
Package Identity : Microsoft-Windows-LanguageFeatures-Basic-en-us-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:17
Package Identity : Microsoft-Windows-LanguageFeatures-Handwriting-en-us-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:17
Package Identity : Microsoft-Windows-LanguageFeatures-OCR-en-gb-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 14/10/2018 18:22
Package Identity : Microsoft-Windows-LanguageFeatures-OCR-en-us-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:19
Package Identity : Microsoft-Windows-LanguageFeatures-Speech-en-gb-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 14/10/2018 18:13
Package Identity : Microsoft-Windows-LanguageFeatures-Speech-en-us-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:19
Package Identity : Microsoft-Windows-LanguageFeatures-TextToSpeech-en-gb-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 14/10/2018 18:13
Package Identity : Microsoft-Windows-LanguageFeatures-TextToSpeech-en-us-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:19
Package Identity : Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:16
Package Identity : Microsoft-Windows-QuickAssist-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:16
Package Identity : OpenSSH-Client-Package~31bf3856ad364e35~amd64~~10.0.17134.1
State : Installed
Release Type : OnDemand Pack
Install Time : 12/04/2018 09:20
Package Identity : Package_for_KB4100347~31bf3856ad364e35~amd64~~10.0.4.0
State : Installed
Release Type : Update
Install Time : 01/03/2019 21:48
Package Identity : Package_for_KB4287903~31bf3856ad364e35~amd64~~10.0.1.0
State : Installed
Release Type : Security Update
Install Time : 19/06/2018 19:50
Package Identity : Package_for_KB4456655~31bf3856ad364e35~amd64~~17134.281.1.1
State : Installed
Release Type : Update
Install Time : 14/10/2018 18:34
Package Identity : Package_for_KB4465663~31bf3856ad364e35~amd64~~17134.400.1.0
State : Installed
Release Type : Security Update
Install Time : 01/12/2018 21:27
Package Identity : Package_for_KB4477029~31bf3856ad364e35~amd64~~10.0.1.0
State : Installed
Release Type : Security Update
Install Time : 01/12/2018 21:22
Package Identity : Package_for_KB4485449~31bf3856ad364e35~amd64~~17134.580.1.0
State : Installed
Release Type : Security Update
Install Time : 16/03/2019 02:37
Package Identity : Package_for_KB4489907~31bf3856ad364e35~amd64~~10.0.1.0
State : Installed
Release Type : Security Update
Install Time : 16/03/2019 02:03
Package Identity : Package_for_KB4493478~31bf3856ad364e35~amd64~~10.0.1.0
State : Installed
Release Type : Security Update
Install Time : 03/05/2019 17:35
Package Identity : Package_for_RollupFix~31bf3856ad364e35~amd64~~17134.112.1.7
State : Superseded
Release Type : Security Update
Install Time : 19/06/2018 19:50
Package Identity : Package_for_RollupFix~31bf3856ad364e35~amd64~~17134.523.1.3
State : Superseded
Release Type : Security Update
Install Time : 13/01/2019 21:19
Package Identity : Package_for_RollupFix~31bf3856ad364e35~amd64~~17134.648.1.5
State : Superseded
Release Type : Security Update
Install Time : 16/03/2019 09:20
Package Identity : Package_for_RollupFix~31bf3856ad364e35~amd64~~17134.706.1.5
State : Installed
Release Type : Security Update
Install Time : 03/05/2019 18:05
The operation completed successfully.
Search for the relevant KB number in the file. Once found note the Package Identity value. If the KB isnt found this could be because its part of a Rollup. In this case search for patches installed on a particlar date to narrow it down.
Use the following command to interogate the contents of the rollup and check its the KB you want to remove ;-
dism /online /Get-PackageInfo /packagename:Package_for_RollupFix~31bf3856ad364e35~amd64~~17134.706.1.5Deployment Image Servicing and Management tool
Version: 10.0.17134.1
Image Version: 10.0.17134.706
Package information:
Package Identity : Package_for_RollupFix~31bf3856ad364e35~amd6417134.706.1.5 Applicable : Yes Copyright : Microsoft Corporation Company : Microsoft Corporation Creation Time : Description : Fix for KB4493464 Install Client : WindowsUpdateAgent Install Package Name : Package_for_RollupFix~31bf3856ad364e35~amd6417134.706.1.5.mum
Install Time : 03/05/2019 18:05
Last Update Time :
Name : default
Product Name : Package_for_RollupFix
Product Version :
Release Type : Security Update
Restart Required : Possible
Support Information : http://support.microsoft.com/?kbid=4493464
State : Installed
Completely offline capable : No
Self servicing package : No
Capability Identity :
Custom Properties:
Dependency : Language Pack
Version : 10.0.17134.706
Features listing for package : Package_for_RollupFix~31bf3856ad364e35~amd64~~17134.706.1.5
(No features found for this package)
The operation completed successfully.
Once identified then create a SCCM package as follows (you could also do this using a task sequence. As we are only needing to remove one patch then a package will suffice). Create a new package as per the screenshots below;-
Enter a suitable Name
Enter command line as
dism.exe /online /Remove-Package /PackageName:Package_for_RollupFix~31bf3856ad364e35~amd64~~17134.706.1.5 /quiet /norestartSelect Run “Hidden”
Select Program can run “Whether or not a user is logged on”
Enter disk space as 1MB since there is no content
So now the package is created. Deploy to the relevant collection.
Be sure to exclude the device from the patch deployment collection or remove the patch from the software update group or otherwise it will be reinstalled shortly after the next software updates deployment cycle.
Microsoft Office Patches
Microsoft Office software updates are applied individually to multiple Office Products.
For example a KB number may be applied to Word, Excel, Outlook, etc… So there may be multiple uninstalls to do for one particular KB number
Next we need to search the registry for the KB number (3039720 in this example) under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
(or in Wow6432Node if it is a 32 bit version of Office on a 64 bit OS)
There will be multiple finds each under their own key in the format of {90150000-012B-0409-0000-0000000FF1CE}_Office15.LYNC_{16F64A9D-6561-4378-98F2-BD2095B78511}
Make a note of all the above registry keys found
There are two GUIDs that make up the registry key that will be needed to remove each patch
These are:
{90150000-012B–0409-0000-0000000FF1CE}
This represents the specific MS Office product
(012B = Microsoft Lync 2013)
(0409 = Is hexadecimal for 1033 which is the English (US) version) For more details see https://support.microsoft.com/en-gb/help/2786054/description-of-the-numbering-scheme-for-product-code-guids-in-office-2
And {16F64A9D-6561-4378-98F2-BD2095B78511} which represents the patch
Now we need to create a package (or Task Sequence if multiple command lines are required) as follows;-
Enter a suitable Name
Enter Command line as:-
msiexec /i "{90150000-0017-0000-1000-0000000FF1CE}" MSIPATCHREMOVE="{C08DDD68-F534-45A4-B876-4B8C2C43A744}" /qn REBOOT=REALLYSUPPRESS Select Run “Hidden”
Select Program can run “Whether or not a user is logged on”
Enter disk space as 1MB since there is no content
So now the package is created. Deploy to the relevant collection.
Be sure to exclude the device from the patch deployment collection or remove the patch from the software update group or otherwise it will be reinstalled shortly after the next software updates deployment cycle.