[Windows] Is there a way to install a single Windows Update by KB article ID?
799 views
Skip to first unread message
Brian Jackson
Oct 12, 2016, 2:15:42 PM10/12/16
to Ansible Project
I don't see this functionality in the `win_updates` module, but I wanted to ask. I have a prerequisite on Windows 7 to install KB2999226 and KB2842230. I'd prefer to not install every available update to preserve consistency, portability, reproducibility, etc. Is there an easy way to do this?
P.S. I need those KBs so Ansible itself can install/upgrade Chocolatey properly. I've installed them manually on a test box to verify they fix my Ansible/Chocolatey issues.
Matt Davis
Oct 13, 2016, 11:34:50 AM10/13/16
to Ansible Project
This functionality isn't currently implemented on win_updates. I've had a few people ask for it, and I might have time to implement it for 2.3, as it's not terribly difficult so long as we stick to "limit the update search/install to these KBs" and not "force install exactly these KBs".
Unfortunately I believe KB2842230 is a hotfix, and thus not available on Windows Update- we don't yet have a supported method to install hotfixes under WinRM. wusa.exe is the only supported method, and it fails under WinRM (likely for the same reason that makes the win_updates module so complex). If you have to touch the box anyway, you might do better to just upgrade to Powershell 4 or 5.
-Matt
J Hawkesworth
Oct 18, 2016, 9:13:39 AM10/18/16
to Ansible Project
You can install hotfixes if necessary, although its a bit of a faff.
see https://support.microsoft.com/en-us/kb/27738398
You have to use wusa with /extract to unpack the update file (which does work over winrm) and then use dism.exe to install the cab.
Example below.
Hope this helps,
Jon
see https://support.microsoft.com/en-us/kb/27738398
You have to use wusa with /extract to unpack the update file (which does work over winrm) and then use dism.exe to install the cab.
Example below.
Hope this helps,
Jon
- name: check if Windows8.1-KB2999226-x64.msu hotfix has been applied
raw: Get-Hotfix -Id KB2999226
register: hotfix_status
ignore_errors: true
- name: show hotfix status
debug:
var: hotfix_status
# Unfortunately you can't use wusa directly to install windows updates.
# see https://support.microsoft.com/en-us/kb/2773898 for details
# you have to unpack the update file and then use dism.exe to install the cab
- name: unpack the hotfix if needed
raw: 'wusa C:\deployment\current\Windows8.1-KB2999226-x64.msu /extract:C:\deployment\archive'
when: "hotfix_status.rc == 1"
- name: use dism to install the cab containing the hotfix
raw: 'dism.exe /online /add-package /PackagePath:C:\deployment\archive\Windows8.1-KB2999226-x64.cab'
when: "hotfix_status.rc == 1"
Matt Davis
Oct 18, 2016, 1:14:40 PM10/18/16
to Ansible Project
Thanks Jon- that's a great workaround!
Reply all
Reply to author
Forward
0 new messages