Solved

Remotely uninstalling a bad Microsoft Cumulative update.

Posted on 2016-09-22
2
57 Views
Last Modified: 2016-12-09
We pushed out (3163018 Cumulative update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: June 14, 2016) and it caused all our computers to lose the ability to receive new group policy changes. We tried to recall it with WSUS but it won't work. Is there a way to uninstall this patch remotely like with a batch file that is run at first log in?
We have tried this without luck "Psexec -u ourdomain\administrator -p xxxxxxx -d -s \\10.1.32.61 wusa.exe /uninstall /kb:3163018 /norestart .
Thanks
0
Comment
Question by:CityInfoSys
2 Comments
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 41811586
It isn't a bad patch. Microsoft correctly patched a security vulnerability that allowed MitM attacks via group policy manipulation.

Fix your policies and you'll be fine. I *strongly* discourage uninstalling that CU. As you can't apply any other security updates released after it either (that's what makes them cumulative) without re-introducing the same behavior, And there are known in-the-wild security attacks addressed in July/August/September CUs. So this would put you in a very unsafe situation. Fix your GPOs.
0
 
LVL 1

Author Comment

by:CityInfoSys
ID: 41811632
Thanks, I found this too.

To resolve this issue, use the Group Policy Management Console (GPMC.MSC) and follow one of the following steps:

Add the Authenticated Users group with Read Permissions on the Group Policy Object (GPO).
If you are using security filtering, add the Domain Computers group with read permission.

In the Group Policy Management Console, go to the Delegation tab and add the read permission there, not in the Security Filtering pane in the Scope tag. That will make the policy readable, while not affecting who it is applied to.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
In this article, I will show you HOW TO: Create your first Windows Virtual Machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, the Windows OS we will install is Windows Server 2016.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question