"Failed to Install after two attempts" OR Machine picking up zero or no vulnerabilities

PROBLEM

When using Software Management, my vulnerabilities are failing to be installed and the patches are failing with Failed to install after two attempts

OR

When using Software Management, my machine is not picking up any vulnerabilities, my machine returns 0 vulnerabilities. 

CAUSE

Microsoft periodically updates the Servicing Stack on the Windows OS. A Servicing Stack Update (SSU) might be required to get past the issue. Without the SSU, the machine is not able to properly detect the necessary patches and/or unable to detect what may already be installed.

RESOLUTION

Microsoft maintains a list of Servicing Stack Updates (SSU) on this page. Find the correct Servicing Stack update for your specific version of Windows: 
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001 

Windows needs the Servicing Stack Update to resolve the issue.

  1. Install the latest update manually or via an agent procedure (see May 25th Update).
  2. The update needs to be installed exclusively. *Note: The SSU KB does not require a reboot. If this update is deployed with other patches a reboot is forced.
  3. After the installation completes, attempt a new scan on the endpoint or attempts another deployment. 

May 11th, 2021 - The following SSU have been added to the Software Management feed.

  1. 2021-04 Servicing Stack Update for Windows 10 Version 1809 for x86 -based Systems (KB5001407).pls
  2. 2021-04 Servicing Stack Update for Windows 10 Version 1809 x64 (KB5001407).pls
  3. 2021-04 Servicing Stack Update for Windows 10 Version 1909 for x86 -based Systems (KB5003155).pls
  4. 2021-04 Servicing Stack Update for Windows 10 Version 1909 x64 (KB5003155).pls
  5. 2021-04 Servicing Stack Update for Windows Server 2019 x64 (KB5001407).pls
  6. 2021-04 Servicing Stack Update for Windows Server 2012 R2 x64 (KB5001403).pls

  7. 2021-04 Servicing Stack Update for Windows Server 2016 x64 (KB5001402).pls

May 25th, 2021 - Attached is the Agent Procedure that should assist with the installation of the missing Service Stack Updates.

 

If you need assistance with importing an Agent Procedure, you can review this KB article: How Do I Import An Agent Procedure?

 

We have also attached a Powershell script if you prefer an alternative method of installation.

 

APPLIES TO

 

All Windows OS

 

REFERENCE

VSA-28451

 

 

Attachments

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section