Uninstall Windows Update using SCCM

Jonathan LefebvreJuly 11 20174 Min Read

Contributor of System Center Dudes. Based in Montreal, Canada, Senior Microsoft SCCM consultant, working in the industry for more than 10 years. He developed a strong knowledge of SCCM and MDT to build automated OS deployment solution for clients, managed large and complexe environment, including Point of Sale (POS) related projects.

Jonathan Lefebvre

SCD Collaborators

With the recent problems caused by monthly Windows Update, knowing how to massively uninstall Windows Update with SCCM is a must! This action is not available by default in SCCM.

There are 2 ways to uninstall a Windows Update. Both solutions require the command line utility WUSA.exe, that as been around since Windows Vista/Windows Server 2008 era.

In this post, we will detail both solutions to uninstall a Windows Update with SCCM.

If you are looking for how to manage Windows update with SCCM, see our SCCM Software Update Management Guide for complete instructions.

Prerequisites

SCCM any version
Windows 7 and up
Windows 2008 R2 server and up

SCCM Uninstall Windows Update

One method is to use a Custom Task Sequence with a run command line. The advantage of using this method is the ability to use the same task sequence on both OS Architecture.

Note

On a 64-bits system, since SCCM is a 32 bits application when a WUSA.exe is called, it will attempts to access %windir%\System32 but will be redirected to %windir%SysWOW64

Using a task sequence will work on both OS architectures because we can prevent a Run Command line to redirect file system on x64 clients.

Additional details can be fond on this MSDN article

The second method involves having a script per OS architecture. Nowadays, x64 is pretty much the main OS architecture used on workstation and server. However, there’s still some softwarethat require x86 OS Architecture to run. Using this method will require the right script to run on the right OS architecture. The advantage of this method is to use a simple package/program instead of a Task sequence.

Custom Task Sequence to Uninstall Windows Update

Create a new custom task sequence

Under Software Library / Operating System / Task Sequence, right-click and Create Task Sequence

Select Create a new custom task sequence, click Next

Name: Uninstall KB, click Next
- Do not select boot image as we don’t need it

Summary, click Next

On the Completion screen, click Close

Edit the task sequence

Click Add, General / Run Command Line

Provide the needed information needed. (Change KB number based on the need)
- Command Line : C:\Windows\System32\wusa.exe /uninstall /kb:4014505 /quiet /norestart
- Check: Disable 64-bit file system redirection
- Note that even with the /norestart, the task sequence will trigger a restart. This is because the run command line returns a 3010 error code, which means Restart Required

Deploy custom task sequence

Create a Device Collection to target your systems
Right-Click your Task Sequence and select Deploy
Select your collection, click Next

Select Required, click Next

Define your Schedule, click Next

Select the desired User Experience, click Next
- Remember that a restart is required. Plan accordingly and use Maintenance Window if needed

Set Alert, click Next

Leave default option, as there is no download required, click Next

Summary, click Next

Completion

Once deployed, the Task sequence will uninstall the KB and reboot the computer.

Custom Script to Uninstall Windows Update

A simple batch file can do the trick to remove a Windows Update. As stated earlier, a special consideration must be done for x64 systems.

Create Scripts

For x64 system we will point the script to %Windir%\Sysnative.

x64 script code

cd /d %windir%\sysnative
wusa.exe /uninstall /kb:4014512 /quiet /norestart

For x86 system, we will use %Windir%\System32.

x86 script code

cd /d %windir%\system32
wusa.exe /uninstall /kb:4014512 /quiet /norestart

Save both script under the same folder.

Create SCCM Package

Under Software Library / Application Management / Packages, select Create Package

Enter Name, Description and Source Path (where you saved your script)

Select Standard Program, click Next

Enter information
- Name: Uninstall x64
- Command line : cmd /c Uninstall-x64.cmd
- Program can run: Whether or not a user is logged on

Limit platform to all X64 OS

Under the Uninstall x64 program Properties, change the After running for Configuration Manager restarts computer. Click OK

On the package, click Create Program

Enter information
- Name: Uninstall x86
- Command line : cmd /c Uninstall-x86.cmd
- Program can run: Whether or not a user is logged on

Limit platform to all X86 OS

Don’t forget to Distribute Content

Now you have 2 programs that can be deployed on all systems while the OS Architecture limitation will take care of which computer runs which OS architecture!

KB SCCM 2012 SCCM CB Uninstall Update Windows 10 Windows 7 Windows Server Windows Update

Comments (17)

somi singh

01.21.2020 AT 03:14 AM

I want remove 1 Microsoft update from windows servers using TASk sequence, what should be the command line ? should I select disable 64 bit system redirection option ? https://latestexamresult.com/

Hide replies

0 0

imam

10.30.2019 AT 09:56 PM

can we uninstall a patch from application model?what is the process?

kelly

10.21.2018 AT 01:03 AM

This is so good for us now. http://screenrecorderwindows10.com

Narendra

10.03.2018 AT 01:12 AM

I tried below command also but still i am getting same above error in windows10 OS. C:\Windows\System32\wusa.exe /uninstall /kb:4014505 /quiet /norestart

10.01.2018 AT 02:12 AM

I am trying to patch uninstallation command in windows10 Operating System it it not accepting this command. I tested this command on single system also it is getting error. Windows update could not be uninstalled because of error 2147942487 "The parameter is incorrect." (Command line: "C:\WINDOWS\system32\wusa.exe /uninstall /kb4230204.msu /quiet /log").

1 0

10.02.2018 AT 09:54 AM

Hi Narendra double check your command line. Seems you are specifying the KBxxxxxx.msu. Only put the KB number without the .MSU C:\Windows\System32\wusa.exe /uninstall /kb:4014505 /quiet /norestart Jonathan

emni petro

08.16.2018 AT 12:13 AM

Same problem. Can’t modify the name, or user specification on modules, and inverter. Same windows update. http://www.windowstechnicalsupportnumbers.com/

08.16.2018 AT 12:12 AM

Same problem. Can't modify the name, or user specification on modules, and inverter. Same windows update.

syed khairu

08.13.2018 AT 07:56 AM

Hi Jonathan I want remove 1 Microsoft update from windows servers using TASk sequence, what should be the command line ? should I select disable 64 bit system redirection option ?

kaushal singh

01.31.2018 AT 09:16 AM

hi, We have noticed the similar command is not working on windows 10 machines for uninstallation any sugesstion.

Andrew

01.11.2018 AT 12:40 PM

Thanks guys! Also, if you want to uninstall Office patches then use this: https://social.technet.microsoft.com/Forums/en-US/24b5a52c-ea2f-44e7-9fd3-57aae4d44ba4/how-to-uninstall-kb4011626-and-other-office-updates?forum=ConfigMgrCompliance

01.11.2018 AT 12:39 PM

If you want to uninstall and an Office patch then you will need this: https://social.technet.microsoft.com/Forums/en-US/24b5a52c-ea2f-44e7-9fd3-57aae4d44ba4/how-to-uninstall-kb4011626-and-other-office-updates?forum=ConfigMgrCompliance

PS Raju

09.29.2017 AT 08:58 AM

Thanks for sharing great solution, what my doubt is if we have the KB x64 and x86 bits installed on All Os version , how do we mention both bits a package, I have seen you have just choose x86 bits platform only, KBxxxx--installed on all machines,i need deploy a package for uninstall the KB, instead of chose all specified platform and making for another x86 Can anyone please suggest me and help me on this

Ryan Steele

07.11.2017 AT 01:23 PM

Hi Jonathan, Thanks for the post, but you're way over-complicating things here. wusa.exe is on the system path, so you can call it directly without having to specify its location. In my experience, the best way to remove an update is with an Application. Here are the settings I use. Content location: [Leave this blank] Installation Program: xyz [Put some random text in here as it's not allowed to be blank, but we never use it] Uninstallation Program: wusa.exe /kb:nnnnnnn /uninstall /quiet /norestart [where nnnnnnn is the KB number] Detection Method: PowerShell Script Contents: Get-HotFix | Where-Object {$_.HotfixID -eq 'KBnnnnnnn'} Deploy this to your Computer collection with the Action set to Uninstall.

2 0

Stefan

11.28.2017 AT 10:34 AM

Hi Ryan have you testet this with the new cummulative updates from Win10 (KB4048953, KB4048954, KB4048955)? I've got all the time an error 87 (the parameter is incorrect)? BR Stefan

Pär

07.12.2017 AT 06:22 AM

That's a great solution, thanks for sharing!

Lassiol

07.11.2017 AT 11:27 AM

Instead of the name of the kb you set a custom variable and you get a generic ts. You position the variable on your collection and everything becomes agile

Uninstall Windows Update using SCCM

Table of Content

Share

Prerequisites

SCCM Uninstall Windows Update

Custom Task Sequence to Uninstall Windows Update

Create a new custom task sequence

Deploy custom task sequence

Custom Script to Uninstall Windows Update

Create Scripts

Create SCCM Package

Share