With the recent problems caused by monthly Windows Update, knowing how to massively uninstall Windows Update with SCCM is a must! This action is not available by default in SCCM.
There are 2 ways to uninstall a Windows Update. Both solutions require the command line utility WUSA.exe, that as been around since Windows Vista/Windows Server 2008 era.
In this post, we will detail both solutions to uninstall a Windows Update with SCCM.
If you are looking for how to manage Windows update with SCCM, see our SCCM Software Update Management Guide for complete instructions.
Prerequisites
- SCCM any version
- Windows 7 and up
- Windows 2008 R2 server and up
SCCM Uninstall Windows Update
One method is to use a Custom Task Sequence with a run command line. The advantage of using this method is the ability to use the same task sequence on both OS Architecture.
Note
On a 64-bits system, since SCCM is a 32 bits application when a WUSA.exe is called, it will attempts to access %windir%\System32 but will be redirected to %windir%SysWOW64
Using a task sequence will work on both OS architectures because we can prevent a Run Command line to redirect file system on x64 clients.
Additional details can be fond on this MSDN article
The second method involves having a script per OS architecture. Nowadays, x64 is pretty much the main OS architecture used on workstation and server. However, there’s still some softwarethat require x86 OS Architecture to run. Using this method will require the right script to run on the right OS architecture. The advantage of this method is to use a simple package/program instead of a Task sequence.
Custom Task Sequence to Uninstall Windows Update
Create a new custom task sequence
- Under Software Library / Operating System / Task Sequence, right-click and Create Task Sequence
- Select Create a new custom task sequence, click Next
- Name: Uninstall KB, click Next
- Do not select boot image as we don’t need it
- Summary, click Next
- On the Completion screen, click Close
- Edit the task sequence
- Click Add, General / Run Command Line
- Provide the needed information needed. (Change KB number based on the need)
- Command Line : C:\Windows\System32\wusa.exe /uninstall /kb:4014505 /quiet /norestart
- Check: Disable 64-bit file system redirection
- Note that even with the /norestart, the task sequence will trigger a restart. This is because the run command line returns a 3010 error code, which means Restart Required
Deploy custom task sequence
- Create a Device Collection to target your systems
- Right-Click your Task Sequence and select Deploy
- Select your collection, click Next
- Select Required, click Next
- Define your Schedule, click Next
- Select the desired User Experience, click Next
- Remember that a restart is required. Plan accordingly and use Maintenance Window if needed
- Set Alert, click Next
- Leave default option, as there is no download required, click Next
- Summary, click Next
- Completion
Once deployed, the Task sequence will uninstall the KB and reboot the computer.
Custom Script to Uninstall Windows Update
A simple batch file can do the trick to remove a Windows Update. As stated earlier, a special consideration must be done for x64 systems.
Create Scripts
For x64 system we will point the script to %Windir%\Sysnative.
x64 script code
cd /d %windir%\sysnative
wusa.exe /uninstall /kb:4014512 /quiet /norestart
For x86 system, we will use %Windir%\System32.
x86 script code
cd /d %windir%\system32
wusa.exe /uninstall /kb:4014512 /quiet /norestart
Save both script under the same folder.
Create SCCM Package
- Under Software Library / Application Management / Packages, select Create Package
- Enter Name, Description and Source Path (where you saved your script)
- Select Standard Program, click Next
- Enter information
- Name: Uninstall x64
- Command line : cmd /c Uninstall-x64.cmd
- Program can run: Whether or not a user is logged on
- Limit platform to all X64 OS
- Under the Uninstall x64 program Properties, change the After running for Configuration Manager restarts computer. Click OK
- On the package, click Create Program
- Enter information
- Name: Uninstall x86
- Command line : cmd /c Uninstall-x86.cmd
- Program can run: Whether or not a user is logged on
- Limit platform to all X86 OS
- Don’t forget to Distribute Content
Now you have 2 programs that can be deployed on all systems while the OS Architecture limitation will take care of which computer runs which OS architecture!
19 Comments on “Uninstall Windows Update using SCCM”
I want remove 1 Microsoft update from windows servers using TASk sequence, what should be the command line ? should I select disable 64 bit system redirection option ?
https://latestexamresult.com/
can we uninstall a patch from application model?what is the process?
This is so good for us now. http://screenrecorderwindows10.com
SCCM is the new thing for me and I truly did not that SCCM is utilized for uninstalling the windows. I have to uninstall the windows currently utilizing SCCM. Thanks for this blog.
SCCM is the new thing for me and I really did not that SCCM is used for uninstalling the windows. I need to uninstall the windows now using SCCM. Thanks for sharing this information.
I tried below command also but still i am getting same above error in windows10 OS.
C:\Windows\System32\wusa.exe /uninstall /kb:4014505 /quiet /norestart
I am trying to patch uninstallation command in windows10 Operating System it it not accepting this command.
I tested this command on single system also it is getting error.
Windows update could not be uninstalled because of error 2147942487 “The parameter is incorrect.” (Command line: “C:\WINDOWS\system32\wusa.exe /uninstall /kb4230204.msu /quiet /log”).
Hi Narendra
double check your command line. Seems you are specifying the KBxxxxxx.msu. Only put the KB number without the .MSU
C:\Windows\System32\wusa.exe /uninstall /kb:4014505 /quiet /norestart
Jonathan
Same problem. Can’t modify the name, or user specification on modules, and inverter. Same windows update.
http://www.windowstechnicalsupportnumbers.com/
Same problem. Can’t modify the name, or user specification on modules, and inverter. Same windows update.
Hi Jonathan
I want remove 1 Microsoft update from windows servers using TASk sequence, what should be the command line ? should I select disable 64 bit system redirection option ?
hi,
We have noticed the similar command is not working on windows 10 machines for uninstallation
any sugesstion.
Thanks guys!
Also, if you want to uninstall Office patches then use this:
https://social.technet.microsoft.com/Forums/en-US/24b5a52c-ea2f-44e7-9fd3-57aae4d44ba4/how-to-uninstall-kb4011626-and-other-office-updates?forum=ConfigMgrCompliance
If you want to uninstall and an Office patch then you will need this: https://social.technet.microsoft.com/Forums/en-US/24b5a52c-ea2f-44e7-9fd3-57aae4d44ba4/how-to-uninstall-kb4011626-and-other-office-updates?forum=ConfigMgrCompliance
Thanks for sharing great solution, what my doubt is if we have the KB x64 and x86 bits installed on All Os version , how do we mention both bits a package, I have seen you have just choose x86 bits platform only,
KBxxxx–installed on all machines,i need deploy a package for uninstall the KB, instead of chose all specified platform and making for another x86
Can anyone please suggest me and help me on this
Hi Jonathan,
Thanks for the post, but you’re way over-complicating things here. wusa.exe is on the system path, so you can call it directly without having to specify its location.
In my experience, the best way to remove an update is with an Application. Here are the settings I use.
Content location: [Leave this blank]
Installation Program: xyz [Put some random text in here as it’s not allowed to be blank, but we never use it]
Uninstallation Program: wusa.exe /kb:nnnnnnn /uninstall /quiet /norestart [where nnnnnnn is the KB number]
Detection Method: PowerShell
Script Contents: Get-HotFix | Where-Object {$_.HotfixID -eq ‘KBnnnnnnn’}
Deploy this to your Computer collection with the Action set to Uninstall.
That’s a great solution, thanks for sharing!
Hi Ryan
have you testet this with the new cummulative updates from Win10 (KB4048953, KB4048954, KB4048955)? I’ve got all the time an error 87 (the parameter is incorrect)?
BR Stefan
Instead of the name of the kb you set a custom variable and you get a generic ts. You position the variable on your collection and everything becomes agile