Old Patch appears as missing in Patch Status v2 service but does not appear in Approve and Decline wizard

Last Modified

Wed Nov 11 17:21 GMT 2020

Description

• An old patch is showing in patch status, causing a failed state. The patch and its superseding patch cannot be found or approved in approve/decline.

Environment

• N-able N-central

Solution

• This can happen for a few reasons:
  • The patch was not detected by windows update (because it is a third party patch) so it does not appear on approve/decline as it is superseded and known because it was reported by another device.
  • The patch is superseded, not a system update, and is older than 90 days. These are hidden by design to help keep the list of patches to approve/decline manageable
  • A patch is available only at the SO level and some customers:
    • If no device at a customer level has detected the patch, then it will not be visible for manual approval at that level.
    • Auto-approvals are designed to handle this situation.
  • The patch should not be generally available through classic Windows Update.
• To work around the limitation, either:

1. Create Auto-approval Rule which would approve or decline the patch on that device (whichever approval state is appropriate) and run it manually (with Preserve Settings option - we don't want to overwrite existing Declines)
2. Manually install the newest patch in the supersedence chain via Windows Update.