WUps
Windows Update is both essential and painful. Regularly interrupting the normal flow of work, sometimes sapping all the energy out of the computers, taking control for long periods of time (on older machines this could be hours!) and occasionally “whoops…” Like the past few days where all except one of my PCs has choked on KB5034441. There are suggestions that the problem is due to the relatively new requirement that the Windows recovery partition have at least 250Mb of available space. All of mine have more than double that, so the update failure is likely more complex. The remedy (partition resizing) proposed by Microsoft is far more convoluted than anything the average user would be familiar with, and infeasible for any central IT administrator to apply to their many users. It comes with significant risks, notably disk corruption, and while the patch is an essential fix for a security issue, it only applies to the minority of people who have BitLocker enabled. Even for those affected, it only applies if physical access to the affected PC by an attacker is possible. That’s a lot of “if”s.
What should be done while we wait for Microsoft to fix their fix? Since the failed patch keeps insisting on a retry, my strategy is simple: ignore it. Or at least, instruct my PCs to ignore this particular patch.
Ignoring a WU patch
Microsoft once offered a tool call “Show or Hide Updates” that scanned for available updates and allowed you to select which of them would be hidden from the WU process. This tool doesn’t require any installation. Just run the wushowhide.diagcab file, select the Hide option, wait for it to present the list of available updates and (in this case) select the offending KB5034441. Sadly Microsoft no longer offer the S&HU tool on their site, but thanks to the Wayback Machine you can download wushowhide.diagcab from the archive.
After hiding the offending update via the S&HU tool, if it is still marked as “retry” in the Windows Update section of Windows Settings, just click the retry link and watch the update disappear.
What next?
Microsoft will eventually release a fix for KB5034441. This might be a revision of the patch, in which case the patch identifier may stay the same, which unfortunately means the S&HU configuration will prevent the fix from being applied. You could re-run S&HU to un-hide the patch, but only if you are sure the patch has been fixed.
Alternatively, Microsoft could withdraw the broken patch so it is no longer offered via WU. In its place they would issue a new patch with a new ID to be applied automatically via WU in the usual way. Hopefully this time without choking.
Categorised as: Operating Systems, Technology