KB2975719 is not installed as expected using MDT 2013
Problem:
Customer uses (MDT) Microsoft Deployment Toolkit 2013 to perform Windows 2012 R2 or Windows 8.1 deployments and discover that KB2975719 is not installed although it’s applicable.
My customer scenario:
Customer creates a task sequence to deploy, patch and capture a custom wim for deployment which succeeds. They then deploy patched wim and find that KB2975719 is found to be applicable and is installed adding roughly 10 minutes to overall build process. My customer wanted to know why the patch was not included in the original capture as it should have been.
Root cause:
The patch has six child updates, five of which have applicability rules. The first five are satisfied on the first run, the sixth with child update ID {89F63D7F-A24F-42AB-B091-805F7D18136B}.204 has a requirement that Win32k.sys be greater than certain version to be installed. This is not satisfied on the first run so it’s not installed. On the second run Win32k.sys has the correct version and the patch is installed. The ZTIWindowsUpdate.wsf script has a limitation where it will not attempt to install the same package\payload two times which is a requirement for this kind of patch. As a result, the patch is not installed as expected in image creation. Deployment of the patch with WSUS\SCCM\Windows Update after the OS is deployed will succeed as expected because the prerequisites are there.
3 possible Workarounds to include the patch in reference image:
#1 Download a revised version of ZTIWindowsUpdate.wsf which allows the patch to be installed as desired. Simple download from the following blog posting. (This is preferred as this does not require the customer to make any changes to their task sequence.)
#2 Add a step into the task sequence which will reset the listing of Windows Update patches found. In this way, ZTIWindowsUpdate.wsf will detect KB2975719 and it will be installed. This is documented in the following blog. (This will require a change to task sequence)
#3 Use the LTISuspend.wsf feature to pause the deployment and manually install the patch, click the resume shortcut on the desktop to resume capture. This is documented in the following blog.
A bug has been filed with the MDT team for consideration
https://connect.microsoft.com/ConfigurationManagervnext/feedback/details/1009473
** Updated 1/8/2015 **
Microsoft has refreshed installation media for Windows 8.1 Update and 2012 R2 Update from MSDN and VLSC download locations to include November 2014 cumulative rollup. Please use that media for deploying and capturing reference images.