NOTE: This is in response to a client complaint as well as the article referenced in the body of this post. I have not seen this with my own eyes. However, this script can be used for any KB Article you wish to remove from a Software Update Group, so I figured I’d post regardless!

 

If you manage your patch deployments using CM, you most likely only select critical and security patches for standard deployment. This was to ensure your compliance was met without risking the deployment of a standard update that may not be compatible with custom applications, amongst other reasons.

 

Well, now we have a problem (maybe)…

 

Microsoft recently released a “critical” patch that is, for all intents and purposes, adware. Your users will see a pop-up or banner in IE reminding them that it is important to move to Windows 10. More can be found in THIS ARTICLE. (Please note that I have not seen this myself, but it was reported to me twice today, so preventative measures until we have it all sorted out!)

 

Super cool, right? I mean, who doesn’t love call-generating issues? The more end-user interaction the better, I always say! (<- I don’t say that)

 

Well, if you are under the gun and need to remove this from all of your software update groups (hopefully, you haven’t deployed to production yet because you are a good admin), then do I have the script for you!

 

Copy below into ISE and save the script as “Remove-ArticleID.ps1”. The syntax for this specific KB removal would be:

.\Remove-ArticleID.ps1 3139929

 

Now, go save the world!

 

<#
.SYNOPSIS
Remove KB Article from Software Update Groups
.DESCRIPTION
This script can be used to remove an Article from all Software Update Groups in SCCM

.EXAMPLE
.\Remove-ArticleID.ps1 3139929

.EXAMPLE
.\Remove-ArticleID.ps1 -ArticleID 3139929

.NOTES
Written by Jesse Walter, Model Technology Solutions

.LINK
www.model-technology.com
#>

param(
[parameter(Mandatory=$true)]
$ArticleID
)

$SiteNamespace = "root\sms\" + ((gwmi -Namespace "root\sms" -Class "__Namespace").name)

$Updates = gwmi -Namespace $SiteNamespace SMS_SoftwareUpdate | ?{$_.IsDeployed -and $_.ArticleID -eq $ArticleID}

$CI_IDs = $Updates | select -ExpandProperty CI_ID

## Remove from Software Update Assignment

ForEach ($Update in $Updates)
{
$CI_ID = $Update.CI_ID
$Authlist = gwmi -Namespace $SiteNamespace SMS_AuthorizationList | ?{$($_.__PATH).Updates -like "*$CI_ID*"}
$AuthList = "$($AuthList.__PATH)"
Write-Output "Removing $($Update.LocalizedDisplayName) from $($AuthList.LocalizedDisplayName)"
$AuthList.Updates = $AuthList.Updates | ?{$_ -ne $CI_ID}
$AuthList.Put() | Out-Null
}