October 17 Delta patch problem - WSUS/SCCM

A quick off the cuff post this one. There has been a lot of talk today on the twittersphere about a rogue patch affecting Windows 10 and Windows Server 2016.

It basically stems from the delta updates detailed in this article.

https://docs.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/monthly-delta-update-isv-support-without-wsus

Specifically there is a section at the bottom which says…

Prevent deployment of Delta and Cumulative updates in the same month

Since Delta update and Cumulative update are available at the same time, it’s important to understand what happens if you deploy both updates in the same month.

If you approve and deploy the same version of the Delta and Cumulative update, you will not only generate additional network traffic since both will be downloaded to the PC, but you may not be able to reboot your computer to Windows after restart.

It seems that unfortunately this patch has been released to WSUS (also used by SCCM) this month and as most people run automatic deployment rules they will be deploying both the monthly cumulative update and the delta patch. There have so far been reports of BSODs from devices when they restart after patches.

These are the patches to avoid, I suggest you remove these from your software update groups ASAP.

image

I am also seeing that these patches have since been expired and once your next WSUS (and SCCM) synchronisation runs this should be reflected. I’m not seeing that just yet but I will update this post as and when I get further information.

[UPDATE]

After my synchronisation completed I can now confirm these have been expired by Microsoft.

There are a couple of other useful posts out already too here:

https://deploymentbunny.com/2017/10/11/the-october-2017-update-inaccessible-boot-device/

and here’s how to remove the updates with DISM if you’re too late.

https://blog.workinghardinit.work/2017/10/11/quick-fix-publish-vm-wont-boot-after-october-2017-updates-for-windows-server-2016-and-windows-10-kb4041691/

[FURTHER UPDATE]

Microsoft have now released am official statement to confirm all of the above.

https://support.microsoft.com/en-us/help/4049094/windows-devices-may-fail-to-boot-after-installing-october-10-version-o

/Peter