Jun 16 2021 07:05 AM
Hello all,
I have the following problem and ask for your advice.
We have several AAD joined and registered Windows 10 devices, with different Windows 10 versions. These devices are fully managed via Endpoint Manager. We have now created our first Windows 10 quality update ring in Endpoint Manager with the last security update.
During monitoring we get the information that several devices do not have the required update health tool installed. As far as I know, the Update Health Tool was installed with KB4023057. However, these devices do not seem to have this update. Is there a possibility to distribute this update on the affected devices or to publish the Update Health tool independently?
Thanks
Jun 16 2021 08:45 AM
Jun 16 2021 11:43 PM - edited Jun 16 2021 11:55 PM
Thank you for your advice.
I saw that there is a corresponding doc post for distributing specific Windows updates as Win32 apps. Deploy Windows update packages as Win32 apps - Intune | Microsoft Docs
Unfortunately, since the devices all have a different Win 10 version (e.g. 1709, 1803, 1903, 1909, 20H2) and the update is not available for all versions (last is 1803 in update catalogue), this does not seem to me to be an appropriate solution.
Jul 07 2021 06:55 AM
Jul 08 2021 02:25 AM - edited Jul 08 2021 06:15 AM
Hi,
You could create a PowerShell script and deploy it to your devices, as the update must be installed with Windows Update when you have the latest build installed.
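Try {
    # The NuGet provider is needed before Install-Module can download from the PowerShell Gallery
    Install-PackageProvider -Name NuGet -Force -ErrorAction Stop
    Install-Module -Name PSWindowsUpdate -Force -ErrorAction Stop
    Import-Module PSWindowsUpdate -ErrorAction Stop
    # Request only KB4023057 from Windows Update and accept it without prompting
    # -ErrorAction Stop turns non-terminating errors into ones the Catch block sees
    Install-WindowsUpdate -KBArticleID KB4023057 -AcceptAll -ErrorAction Stop
}
Catch {
    # Create the log folder first, otherwise Out-File fails when C:\temp is missing
    New-Item -ItemType Directory -Path C:\temp -Force | Out-Null
    $_ | Out-File C:\temp\errors.txt -Append
}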
Jul 12 2021 12:18 AM