
RyanSteele-CoV
Iron Contributor
Sep 05, 2024

Did expediting the 2024-08 Quality Updates fail for anyone else?

I posted this question yesterday on the Windows Servicing board, but there isn't much activity there. I hope it's okay to re-post it here.

 

Due to the CVE-2024-38063 vulnerability, we attempted to use the Expedited Quality Updates feature to enforce the immediate installation of the 2024-08 security updates. Unfortunately, the feature simply did not work. Even a couple weeks after deploying the expedited update profile, we had about 25% of our Windows endpoints still in "Pending" status, most of which were powered on 24/7.

 

We still have ConfigMgr in our environment, so I used CMPivot to run a query for events in the System log with "2024-08" in the message. This showed me that rather than installing the update and forcing a restart one day later as configured, the update was being installed, then reverted about ten hours later, then immediately re-installed again, over and over:

 

 

If I manually initiated a restart on any of the affected machines, the update was successfully finalized, so the issue wasn't a failure to install the update.

 

I've opened a case with Microsoft Support, but it is progressing slowly. If nobody else is seeing the issue, I will throw in the towel, but if it's more widespread, I think it is worth fighting to get this fixed (assuming that Microsoft isn't already aware and has simply chosen not to publicize it — for example, in the Windows release health blade in the Microsoft 365 Admin Center).

  • hrxlaunchctl
    Copper Contributor
    Yes, the August expedited quality update failed to install on ~50% of our endpoints. We manage our Windows endpoints strictly with Intune. We've been configuring and deploying expedited quality update policies in Intune for two years without issue. August was the first time this update policy type (expedited quality) did not work. We're noticing some strange behavior with the Windows Update Settings page on our endpoints too. It loads, doesn't load, fails to show certain options, says there are Group Policies configured (there aren't), and generally feels very buggy. I tried deploying the September quality update with an expedited policy to my own machine, same issue. I opened a ticket with Intune support, but they have exhausted their troubleshooting and have asked me to open a ticket with Windows support.
    • hrxlaunchctl
      Copper Contributor

      To confirm, I'm seeing the exact same behavior that you found. The update installs and then reverts over and over. This is September's, but this happened to August's update too.

  • pmahl
    Copper Contributor

    We have the same problem with expedited updates. We get an Event ID 214, the update will be rolled back and then immediately installed again, and the reboot counter resets. It does this approximately every 10-12 hrs, so the update will never get installed until you reach the end of the quality update reboot grace period. This started in June and Microsoft support has no idea at all; they kept asking for more logs. It got so bad that I had to close the ticket and stop using expedited updates. I have a screen capture video of how suddenly the update gets re-downloaded and then installed again and the reboot grace period resets.
