We mentioned this in our April Patch Blog, but we wanted to do a separate post to make sure everyone sees and understands the implications of this anomaly.
Issue: Some Windows 11 machines with 23H2 are not getting the latest Cumulative Updates (CU).
Symptom: The machine will appear to be fully patched, not only to Kaseya but also if you run Windows Update. However, if you run a Hot Fix check for either March or April’s CU, neither is installed.
How to locate: We have a script you can find on ClubMSP called Windows 11 – Check Latest Cumulative Update (CU). You create a custom field and then run the script. It will check for either KB5053602 or KB5055528. If you don’t want to download and run the script, you can simply run this PowerShell command either locally or from within LiveConnect:
if (Get-HotFix | Where-Object { $_.HotFixID -in @(‘KB5053602’, ‘KB5055528’) }) { “YES” } else { “NO” }
If it comes back YES, then you are OK, your machine is likely getting updates. If you get a NO, then you are experiencing this issue.
Suspected Cause: What we think is happening is that Microsoft is trying to update the machine to 24H2, but it is stuck. We noticed that some machines said that KB5053598 (March’s CU) was needed, but it was 90GB, which is clearly not a CU, but rather a major upgrade. For whatever reason, the machine is stuck trying to do this update, so it won’t do any 23H2 updates.
Solution: The solution seems to be to run a script to LOCK the current feature set at 23H2. Once you do this, the scans will now show the correct needed CU and should install it. This script is also available on ClubMSP called Windows 11 – Lock Target Version – Folder, it is a folder that contains the locks and also the unlock.
Action Items: We strongly suggest you review all your Windows 11 – 23H2 machines to see if they are impacted by this, run the lock script, and run it through a patch cycle. Once machines are back up to date, you can decide to remove the lock so it can be updated to 24H2.
Let us know what you find!
Chris and the VA Team
