Windows Printer BSOD KB5000802 and KB5000808 GPO Script

From WTFwiki
Revision as of 10:13, 16 March 2021 by Anexit (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Microsoft release an update that causes an BSOD on those computer with KB: 5000802 KB: 5000808, I've heard of others but I have not seen it first hand. In order to fix this on our domain network I created the below script; 

# "19041.867.1.8" = KB5000802
# "18362.1440.1.7" = KB5000808

$UpdateArray = @("19041.867.1.8", "18362.1440.1.7")

foreach ($UpdateVersion in $UpdateArray) {
    $SearchUpdates = dism /online /get-packages | findstr "Package_for" | findstr "$UpdateVersion"  
    if ($SearchUpdates) {
        $update = $SearchUpdates.split(":")[1].replace(" ", "")
        write-host ("Update result found: " + $update )
        dism /Online /Remove-Package /PackageName:$update /quiet /norestart
    } else {
        write-host ("Update " + $UpdateVersion + " not found.")
    }
}
exit 0

Essentially you would add this to your GPO in "Computer Configuration > Policies > Windows Settings > Startup/Shutdown - Powershell" In this case I used startup to remove the two updates. Keep in mind that anything in "Startup/Shutdown" is ran as the system user with a high level of permissions. You would need to invoke runas to use the login/logoff or run it as a user. I also added some registry hacks to delay updates. 

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" /v "PauseUpdatesExpiryTime" /d "2021-03-15T17:38:35Z" /f                                                                                       
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" /v "PauseFeatureUpdatesStartTime" /d "2021-03-11T17:38:40Z" /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" /v "PauseFeatureUpdatesEndTime" /d "2021-03-15T17:38:35Z" /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" /v "PauseQualityUpdatesStartTime" /d "2021-03-11T17:38:40Z" /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" /v "PauseQualityUpdatesEndTime" /d "2021-03-15T17:38:35Z" /f

We do use WSUS but this update just jets by that and installs anyways. I believe because it was tree'd as high priority. The new update does seem to work but we're still facing this issue on certain printers (CANON). The script can also be used to remove any other future updates if this happens again. Generally a good idea to test before deploying.

Retrieved from "http://wtf.hijacked.us/wiki/index.php?title=Windows_Printer_BSOD_KB5000802_and_KB5000808_GPO_Script&oldid=1443"