This post has been republished via RSS; it originally appeared at: Microsoft Tech Community - Latest Blogs - .
Have you ever been in a situation where a Windows device takes an update that is not compatible with the system or causes an issue that prevents user productivity? In this scenario, it can be frustrating to determine the best way to get the device(s) back to a protected and productive state. Using Microsoft Intune, here are a few ways to address the situation.
If the update you want to uninstall is a Windows feature update that replaced the previous version of the operating system (OS) on the device, you can roll back the feature update using Intune and by leveraging the Update CSP.
To use the Uninstall option for feature updates (Rollback/FeatureUpdate in the Update CSP) in Intune, the device must be running Windows 10, version 1803 and above, have feature updates paused, and be within the uninstall period.
Intune also provides the ability to uninstall quality updates installed on a device. Again, to leverage this capability, the device must be running Windows 10, version 1803 and above, have quality updates paused, and be running the latest quality update available to the device based on quality update deferral settings.
To uninstall other types of updates, including Windows feature updates delivered via enablement package, you can leverage PowerShell scripts in Intune.
*An enablement package, sometimes referred to as an eKB, is a small, quick-to-install "master switch" that activates features already present on a device but in an inactive and dormant state. Enablement packages are available for feature updates that share the same core operating system (OS) as the version of Windows prior to them (e.g. Windows 10, version 21H2 and Windows 10, version 22H2).
PowerShell
Once you are ready to use PowerShell scripts on Windows 10/11 devices in Intune, run the following two PowerShell scripts:
First, to get the full list of updates installed on the device run:
get-windowspackage -online -PackageName "*KB<NUM>*"
Then, to uninstall a specific update that was present in the list of installed updates, run:
Remove-WindowsPackage -Online -PackageName "Package_for_KB5015684~31bf3856ad364e35~amd64~~19041.1799.1.2"
You will need to swap the package information above with the package that you wish to uninstall.
|
Note: You will want to run both scripts under the system account. This means you should choose "No" as the default for "Run this script using the logged on credentials". |
Once the uninstallation is complete, restart the system.
Deployment Image Servicing and Management (DISM)
Alternatively, you can use the DISM tool directly:
dism /online /remove-package /PackageName:Package_for_KB5015684~31bf3856ad364e35~amd64~~19041.1799.1.2
You will need to swap the package information above with the package that you wish to uninstall.
As above, once uninstallation is complete, restart the system.
I hope you find this brief guide to uninstalling updates helpful. May you never need this information! As always, please feel free to reach out to me on Twitter @AriaUpdated or here on the Tech Community with questions, comments, and feedback.
Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A.