-
Notifications
You must be signed in to change notification settings - Fork 167
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Windows update KB2267602 keeps reinstalling causing loop. #530
Comments
Are you able to share the Windows OS version you are running with? I've just been able to replicate it on Server 2016 with Update KB2267602 and KB4052623 (once I manually updated the defender definitions). Unfortunately Windows Updates through the GUI gets stuck in this loop as well. We can certainly not continuously loop through the updates if this is detected but I'm not sure if we can solve the underlying problem. |
agreed the underlying issues is the update and that's on Microsoft, but avoiding a situation where this blocks the job from progress would be better and rather warn of failed on the affected server. Thanks for the work on #536 when is the next release scheduled ? |
As soon as I find a satisfactory solution to this issue and the other endless looping problem :) |
Ok this is going to be a brain dump because it's the end of the day and I need to write this down. The KB 2267602 is the Defender engine or virus definition update and while the KB stays the same the update itself changes multiple times a day. The log file From what I've seen Windows Updates fails to install the update on the first round with
Subsequent rounds and WUA thinks it has been installed but in the background the
What is interesting is that version of the update when it fails doesn't seem to match up with the version on https://www.microsoft.com/en-us/wdsi/defenderupdates but when they do line up WUA seems to be able to install the update just fine. What is even more interesting is that the commands on that page seem to work just fine when WUA does not. So as a workaround I'm going to have the code run that on a failure as a fallback option and check the error code. cd %ProgramFiles%\Windows Defender
MpCmdRun.exe -removedefinitions -dynamicsignatures
MpCmdRun.exe -SignatureUpdate I still need to put in a solution so that an install loop can't happen but this seems promising to get this tricky update to install without an error. |
I've opened the PR #542 which includes a workaround for getting this installed using |
SUMMARY
There is currently an issue with KB2267602 where it installs and then shows up as available to install again and no matter how many times it's installed it is still listed as available for install. This has the effect of causing win update to loop, which blocks the progress in the job.
ISSUE TYPE
COMPONENT NAME
win update
ANSIBLE VERSION
bash-5.1$ ansible --version
ansible [core 2.15.2rc1]
config file = None
configured module search path = ['/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
ansible collection location = /runner/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible
python version = 3.9.17 (main, Jun 26 2023, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] (/usr/bin/python3)
jinja version = 3.1.2
libyaml = True
bash-5.1$
The text was updated successfully, but these errors were encountered: