Server Info:
- OS: Debian GNU Linux 13 - Trixie
- Browser: any
- RMM Version: v1.4.0
Installation Method:
Agent Info:
- Agent version: v2.10.0
- Agent OS: Win 10 / Win 11
Describe the bug
Not sure if a bug or by design but when RMM server updates agent's patch list to check for what to update and what's installed using API (https://docs.microsoft.com/en-us/windows/win32/api/_wua/) it don't take into account that updates could be superseded by newer patch versions/revisions and it shows superseded as missing resulting in client being also marked as "Patches Pending" as showed in the following capture.
The used windows API have the ability to decide whether to include or not superseded updates, ideally offering user the choice of enabling/disabling.
These are the API functions for doing it:
get_IncludePotentiallySupersededUpdates Gets and sets a Boolean value that indicates whether the search results include updates that are superseded by other updates in the search results. (Put)
put_IncludePotentiallySupersededUpdates Gets and sets a Boolean value that indicates whether the search results include updates that are superseded by other updates in the search results. (Get)
To Reproduce
Steps to reproduce the behavior:
- Using a W10/11 client/agent with Microsoft Windows Defender Antivirus
- If for any reason client not updates daily definitions for a couple of days, the third day you have 2 missing updates that never dissapears and showed as missing till end of times, and in some circunstances client/agent marked also as Patches Pending.
Workaround
Looks like IncludePotentiallySupersededUpdates = True when using updateSearcher so when polling for updates they get included.
So maybe something like this could do the job:
Set updateSearcher = updateSession.CreateUpdateSearcher()
updateSearcher.IncludePotentiallySupersededUpdates = False
Maybe even using a parameter for enabling/disabling this but anyway not understand why default to show superseded.
Server Info:
Installation Method:
Agent Info:
Describe the bug
Not sure if a bug or by design but when RMM server updates agent's patch list to check for what to update and what's installed using API (https://docs.microsoft.com/en-us/windows/win32/api/_wua/) it don't take into account that updates could be superseded by newer patch versions/revisions and it shows superseded as missing resulting in client being also marked as "Patches Pending" as showed in the following capture.
The used windows API have the ability to decide whether to include or not superseded updates, ideally offering user the choice of enabling/disabling.
These are the API functions for doing it:
get_IncludePotentiallySupersededUpdates Gets and sets a Boolean value that indicates whether the search results include updates that are superseded by other updates in the search results. (Put)
put_IncludePotentiallySupersededUpdates Gets and sets a Boolean value that indicates whether the search results include updates that are superseded by other updates in the search results. (Get)
To Reproduce
Steps to reproduce the behavior:
Workaround
Looks like IncludePotentiallySupersededUpdates = True when using updateSearcher so when polling for updates they get included.
So maybe something like this could do the job:
Set updateSearcher = updateSession.CreateUpdateSearcher()
updateSearcher.IncludePotentiallySupersededUpdates = False
Maybe even using a parameter for enabling/disabling this but anyway not understand why default to show superseded.