Why an Expected Update is Not Available or Missing from a Device

Introduction

Are you looking for a specific update or KB for a device, but it is not appearing as available in the Automox console?

Automox is completely dependent on the native package manager and update source of the device to tell us what updates are available or installed. When Automox scans a device, we invoke the local package manager to check for updates. Depending on the operating system, this could be Windows Update or WSUS for Windows, Software Update for macOS, or the respective package manager (such as apt, yum, or dnf) for Linux distributions.

If you are not seeing an expected update on the Software or Device Details page in Automox, it means the local OS repository or package manager is not offering it.

Common Reasons an Update is Not Available

If an update is not showing as available for a device, it is typically due to one of the following reasons:

1. Update Delays: Updates are often rolled out gradually by the OS vendor (Microsoft, Apple, etc.), so a patch might not be immediately available for all devices. Vendors release updates in stages to manage server load and monitor for potential issues.

2. Native Update Settings: Ensure that the local OS update settings are configured correctly. Specific device-level configurations can sometimes prevent automatic updates from functioning or being detected.

3. Update Cache Issues: A corrupted local update cache can block the system from seeing new updates. Clearing the cache or running native update troubleshooters can help resolve this.

4. Compatibility Issues: Ensure the device is fully compatible with the update. Some updates have strict prerequisites or are not available for older hardware, specific OS versions, or certain configurations.

5. Network Issues: Check the device's internet connection and firewall rules to ensure it can successfully reach the OS vendor’s update servers (or your internal update server, if applicable).

6. Local Update Policies: If the device is managed by an organization, Local Group Policies (GPOs), MDM profiles, or system administrators might be controlling, blocking, or deferring when updates are released to the endpoint.

7. Pending Updates or Reboots: Make sure all previous updates have been installed and the device has been restarted. Often, a prerequisite update must be applied and the system rebooted before newer updates become available to the package manager.

8. Out-of-Band / Catalog-Only Updates: Some specific patches (like out-of-band Microsoft KBs) are only available via manual download from the vendor's catalog and are not distributed through standard OS update channels.

Troubleshooting Steps

To troubleshoot a missing update, we recommend trying the following steps directly on the affected device:

• Manually Check for Updates:

  • Windows: Go to Settings > Update & Security > Windows Update (or Settings > Windows Update in Windows 11) and click Check for updates.

  • macOS: Go to System Settings > General > Software Update (or System Preferences > Software Update on older versions).

  • Linux: Run your standard repository update command (e.g., sudo apt update or sudo yum check-update).

• Run Troubleshooters or Clear the Cache: * Windows: Run the Windows Update Troubleshooter found in Settings > Update & Security > Troubleshoot > Additional troubleshooters.

  • Linux: Clear your local package manager cache (e.g., sudo apt clean or sudo yum clean all).

• Restart the Device: Sometimes a simple restart can resolve pending installation states and allow new updates to surface on the next scan.

• Verify Update Distribution Methods: Search for the specific update (e.g., the KB article) on the vendor's support site. Check the Installation section to confirm if it requires a manual download.

Solution for Catalog-Only Updates (Windows)

If an update is exclusively available through the Microsoft Update Catalog and not visible to the OS repository, Automox cannot patch it via a standard Patch Policy. A manual or Worklet-based installation is required.

Worklet Solution:

You can deploy out-of-band updates using the Windows - Configuration - Install Out-of-Band Patch (MSU) Worklet.

1. Add the Worklet to your Automox console.

2. Replace the $kb variable with the update you wish to install.

3. Replace the $UpdateURL variable with the full URL for the .MSU file from the Microsoft Update Catalog.

The .MSU file will be downloaded and installed silently via the Windows Update Standalone installer tool (WUSA.exe). If a restart is required to finalize the installation, you can use the Worklet's native automatic restart feature.