Missing patches that always show missing in results - Security Tools

Version 20



    • Detected patch continues to show as missing after successfully deploying.
    • Patch that shows missing ends with 'U' every other deployment.




    There are patch type that exist as an installer and an uninstaller; these patches can cause a loop when scanning and deploying. When the installation patch is deployed it makes the uninstall patch considered to be missing. These patches are designed by their vendor in this manner to facilitate adding/removing the patch according to environmental needs. If scanning/deploying these types of patches it may appear that the patch continually is missing as it continues to add/remove per deployment. The uninstall patch will end with 'U'. These patches tend to belong to the 'Security Tools' patch type.


    Example: Missing the Installation Patch

    Missing Install Patch.png


    Example: After Installed, Now Missing Uninstall Patch

    missing uninstaller.png




    Exclude the specific patch utilizing a patch group, or choose not to deploy the patches installer/uninstaller after scanning.


    Refer to the following document:


    How To: How To:  Include or Exclude Specific Patches in Scan Results in Ivanti Patch for Windows Servers


    These are known patches that offer an uninstaller.


    • Q2719662(U) - MS12-A06
    • Q2794220(U) - MS12-A10
    • Q2847140(U) - MS13-A02
    • Q2887505(U) - MS13-A08
    • Q2896666(U) - MS13-A09
    • Q4072698(U) - IVA18-001
    • Q4072699(U) - IVA18-002


    Affected Products


    Patch for Windows 9.3+