Patch Management - Windows Update agent

Last Modified

Tue Jun 18 15:56 GMT 2019

Description

  • Describes how the N-able N-central agent interacts with the Windows Update Agent for Patch Management in N-able N-central.

Environment

  • N-able N-central
  • Patch Management enabled

Solution

  • The Windows Update Agent is accessible via public APIs. The N-able N-central agent uses these APIs, specifies some options and search criteria, and requests patch data from Windows Update.
  • Normally, Windows Update queries run by Automatic Updates only search for patches that are not installed.
    • However, since N-able N-central reports on installed patches, we query for patches where "IsInstalled=0 or IsInstalled=1", effectively retrieving all patches.
    • The Windows Update portion of the scan is logged in C:\Windows\WindowsUpdate.log (or is available through the PowerShell command Get-WindowsUpdateLog on Windows 10). WindowsUpdate.log also indicates the CallerId of the application that invoked a scan.
    • If there are errant scans on a device, verify whether agent.exe is the process creating the scan.
      • C:\Windows\WindowsUpdate.log
    • The WindowsUpdate.log will only print results in the form of PatchGUIDs.
    • However, our NWindowsUpdate.log prints more detailed information about the patches found.
      • C:\Program Files (X86)\NAble Technologies\Windows Agent\Log\NWindowsUpdate.log
    • Note that NWindowsUpdate.log also records patches found in locations other than WUA, but these patches are only collected for reporting purposes.
    • They are not added to the N-able N-central server cim_patch database, but instead are added in cim_patch_other.
  • Troubleshooting Errors
    • If you encounter an error in your patch monitoring that indicates a Windows Update Agent error message, or you find such messages in NWindowsUpdate.log or WindowsUpdate.log, please bear in mind that this is a problem with Microsoft's software that N-able N-central is attempting to bring to your attention.
    • The links below may help to resolve the error.
      • How do I reset Windows Update components?
      • Fix Windows corruption errors by using the DISM or System Update Readiness tool
      • System File Checker tool to repair missing or corrupted system files
      • Rename Software Distribution Folder (Method 10)
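
One way to carry out the CallerId check described above when tracing errant scans, as an added example that is not N-able's own code. The function name `Get-WuScanCaller` is hypothetical, the sample lines are constructed, and `ExampleRmmAgent` is a placeholder because the article does not state the CallerId the agent uses.

```powershell
# Added example: tally WindowsUpdate.log lines by the CallerId they carry,
# to see which application is invoking Windows Update scans.
function Get-WuScanCaller {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [AllowEmptyString()]
        [string[]]$Line
    )
    begin {
        $counts  = @{}
        # Assumption: the caller appears in the line as "[CallerId = <name>]".
        $pattern = '\[CallerId\s*=\s*(?<caller>[^\]]+?)\s*\]'
    }
    process {
        foreach ($l in $Line) {
            if ($l -match $pattern) {
                $caller = $Matches['caller']
                # A missing key yields $null, which [int] converts to 0.
                $counts[$caller] = 1 + [int]$counts[$caller]
            }
        }
    }
    end {
        # Counts are log lines that name the caller, not distinct scans:
        # one scan can write more than one such line.
        $counts.GetEnumerator() |
            Sort-Object -Property Value -Descending |
            ForEach-Object {
                [pscustomobject]@{ CallerId = $_.Key; Lines = $_.Value }
            }
    }
}

# Constructed sample lines (not taken from a real device).
$sample = @(
    '2019-06-18 09:00:01 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]'
    '2019-06-18 09:00:09 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]'
    '2019-06-18 09:15:00 Agent ** START ** Agent: Finding updates [CallerId = ExampleRmmAgent]'
    '2019-06-18 09:15:44 Agent * Found 42 updates and 70 categories in search'
    '2019-06-18 09:30:00 Agent ** START ** Agent: Finding updates [CallerId = ExampleRmmAgent]'
    '2019-06-18 09:45:00 Agent ** START ** Agent: Finding updates [CallerId = ExampleRmmAgent]'
)
$sample | Get-WuScanCaller

# On a device, feed it the log named in the article:
#   Get-Content C:\Windows\WindowsUpdate.log | Get-WuScanCaller
```

On Windows 10, generate the text log with Get-WindowsUpdateLog first and pipe the resulting file through the same function.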