7 Replies Latest reply on May 24, 2017 9:45 AM by broberson

    Security Update for Microsoft Windows not showing in inventory

    rheckber Rookie

      I have a Window 10 client (1607) that has the patch for wannacrypt installed (KB4013429) along with a number of other patches.  KB4013429 was installed 4/5/2017.  However, inventory just shows 5 updates installed and KB4013429 is not one of them.  I'm trying to scan for how many machines are patched.  There are other machines that do report that patch installed.

       

      I've tried running full sync scans from the console end, running inventory from the client end, re-installing the client, deleting the client from the console and again re-installing the client with the same results.  Inventory\Name\OS\Updates\updates still only shows 5 installed updates.

       

      Last Software Scan Date and Last Updated by Inventory Scanner all show today's date and the time is just after client installation

       

      LD version is 9.60.2.48

       

      Patch was originally installed through our WSUS server

        • 1. Re: Security Update for Microsoft Windows not showing in inventory
          rdavidson SupportEmployee

          Hello,

           

          If you run systeminfo.exe in a command prompt and check the "Hotfixes" section, does KB4013429 show up?

          • 2. Re: Security Update for Microsoft Windows not showing in inventory
            rheckber Rookie

            Thank you for replying to me.

            Running systeminfo.exe in a command prompt only shows the 5 patches LANDesk lists.

            UpdatesCMD.PNG

             

            So I see where LANDesk is getting its information.

            However, when I look at the Update history GUI under Settings it shows KB4013429 as installed along with a number of others.

             

            Updates.PNG

             

            Any thoughts as to why Win10 wouldn’t be recording installed patches/hotfixes properly?

            • 3. Re: Security Update for Microsoft Windows not showing in inventory
              phoffmann SupportEmployee

              I suspect that'd be one for Microsoft to answer in the end.

               

              It's possible that something within Windows has become corrupt / broken and would need to be rebuilt? That's just an assumption, but with various things being prone / at risk of breakage (such as WMI in general), that'd make sense. "Bad data in - bad data out" as it were. What steps would be involved in fixing this ... not sure, not run into this particular sort of "fun". That at least is what makes sense to me at this point.

               

              Not exactly overjoyed of the prospect of having an additional risk factor of even Windows lying to us (granted - unintentionally so) to deal with on top of everything else with the latest round of "fun" around WannaCry & co. *sigh*.

               

              Not sure is the usual approach of "run SFC /SCANNOW" (as per - System File Checker (Windows) ) will help here, as I'm not sure where that Windows Update repository is kept within Windows. Google-fu may help a bit ... but may give the usual "try to fix Windows nonsense" stuff a go and see if that helps? .

              • 4. Re: Security Update for Microsoft Windows not showing in inventory
                MrGadget Expert

                If its any consolation, I checked my Windows 7 the same way using systeminfo and it did not show all the updates installed including the one for the wannacrypt.

                In Programs and features it is listed there.

                • 5. Re: Security Update for Microsoft Windows not showing in inventory
                  leonardoco Rookie

                  I'm having kind of the same problem, but in some Windows 7 Clients.

                   

                  Inventory does not have "Inventory\Name\OS\Updates"

                  Inventory_without_updates.jpg

                  But in my case running Systeminfo or "WMIC qfe get hotfixid" shows all updates installed.

                  • 6. Re: Security Update for Microsoft Windows not showing in inventory
                    phoffmann SupportEmployee

                    leonardoco - your issue would need to be debugged / troubleshot with support, by and large.

                     

                    I'd be mildly curious what vulscan has to say - that should give you an accurate view of things (since the "software inventory of installed updates" just pulls stuff from Windows seperately). I would suspect / imagine that something like WMI is borked on the machine(s) in question, but that's just a semi-educated guess.

                     

                    It'd need a closer look & debugging ... so - support ticket really. Not something that can effectively be troubleshot here (especially if debug DLL's are going to be needed).

                     

                    What you COULD do (to help pre-load the support case) is run the following on a / the affected machine. In the LDCLIENT directory, run:

                     

                    LDISCN32 /V /F /SYNC /DEBUG /O=zz_output.scn

                     

                    /V -- verbose / GUI enabled scanning

                    /F -- forces a software scan (needed for this kind of info to be picked up)

                    /SYNC -- forces a non-delta scan ... technically not needed, but just being thorough.

                    /O={tfile} -- creates an output inventory scan file ... will be handy / answer a lot of questions around file versions of the Management Suite files (such as LDISCN32) that you have.

                    /DEBUG -- enables debug logging (may be a "cheap win" to figure out what's going on) ... note that this will create a fairly hefty log.

                     

                    The debug information will be written into:

                    -- C:\Program Files (x86)\LANDesk\LDClient\Data\Ldiscn32.log

                    -- C:\ProgramData\LANDesk\Log\Ldiscn32.log

                     

                    ... that may help front-load the affair potentially (no guarantees, but it doesn't cost you anything really).

                     

                    Hope this helps.

                    • 7. Re: Security Update for Microsoft Windows not showing in inventory
                      broberson Apprentice

                      We found the answer when we called Support.  Apparently those patches in 'Update History' actually aren't installed any longer on the device because they were replaced by a new KB/patch.  So check for the latest patches which replaced those you are looking and I bet you will see those installed now.