[GH-ISSUE #586] Windows Update KB2267602 keeps appearing w/o being auto-approved by patch policy based on severity (Other) #375

New issue

Closed

opened 2026-03-02 02:15:53 +03:00 by kerem · 3 comments

kerem commented 2026-03-02 02:15:53 +03:00

Owner

Copy link

Originally created by @rfost52 on GitHub (Jun 19, 2021).
Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/586

Server Info (please complete the following information):

• OS: Ubuntu 20.04
• Browser: chrome
• RMM Version (as shown in top left of web UI): 0.6.15

Installation Method:

• [ X ] Standard
• Docker

Agent Info (please complete the following information):

• Agent version (as shown in the 'Summary' tab of the agent from web UI): 1.5.8
• Agent OS: Win 10

Describe the bug
I couldn't find a bug request for this. but lately, I've noticed with my automation policy that it's auto approving my "OTHER" policies with exception to Microsoft KB2267602 (Security Intelligence Update for Microsoft Defender Antivirus) Quick check at Microsoft's website seems to show this KB is for definition updates. I'm guessing that since they are releasing it daily pretty much, or more often, my TRMM instance is not catching that one KB patch.

To Reproduce
Steps to reproduce the behavior:

• Created entirely new automation policy and applied to a site of a few agents
• Set patch policy to auto approve all severity levels and to run daily at a fixed time
• Agents were reporting relevant patches being auto-approved (except for KB2267602)

Expected behavior
All updates, including KB2267602, should automatically give blue check for approved and the blue pending icon.

Screenshots

Additional context
This KB is related to Windows Defender definition and, perhaps, signature updates. Microsoft uses the same KB everytime they update the definitions.

Originally created by @rfost52 on GitHub (Jun 19, 2021). Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/586 **Server Info (please complete the following information):** - OS: Ubuntu 20.04 - Browser: chrome - RMM Version (as shown in top left of web UI): 0.6.15 **Installation Method:** - [ X ] Standard - [ ] Docker **Agent Info (please complete the following information):** - Agent version (as shown in the 'Summary' tab of the agent from web UI): 1.5.8 - Agent OS: Win 10 **Describe the bug** I couldn't find a bug request for this. but lately, I've noticed with my automation policy that it's auto approving my "OTHER" policies with exception to Microsoft KB2267602 (Security Intelligence Update for Microsoft Defender Antivirus) Quick check at Microsoft's website seems to show this KB is for definition updates. I'm guessing that since they are releasing it daily pretty much, or more often, my TRMM instance is not catching that one KB patch. **To Reproduce** Steps to reproduce the behavior: - Created entirely new automation policy and applied to a site of a few agents - Set patch policy to auto approve all severity levels and to run daily at a fixed time - Agents were reporting relevant patches being auto-approved (except for KB2267602) **Expected behavior** All updates, including KB2267602, should automatically give blue check for approved and the blue pending icon. **Screenshots**   **Additional context** This KB is related to Windows Defender definition and, perhaps, signature updates. Microsoft uses the same KB everytime they update the definitions.

kerem closed this issue 2026-03-02 02:15:53 +03:00

kerem commented 2026-03-02 02:15:54 +03:00

Author

Owner

Copy link

@rfost52 commented on GitHub (Jun 19, 2021):

I've watched my agents over the last 24 hours and it seems some of them auto approved the KB, but others did not. However, the Windows Defender signature version, in parenthesis, is continuing to update, so it seems to me my computers are applying the KB daily. It may depending on the timing when the agent checks for patches maybe?

<!-- gh-comment-id:864426931 --> @rfost52 commented on GitHub (Jun 19, 2021): I've watched my agents over the last 24 hours and it seems some of them auto approved the KB, but others did not. However, the Windows Defender signature version, in parenthesis, is continuing to update, so it seems to me my computers are applying the KB daily. It may depending on the timing when the agent checks for patches maybe?

kerem commented 2026-03-02 02:15:54 +03:00

Author

Owner

Copy link

@wh1te909 commented on GitHub (Jun 19, 2021):

yes update approval happens every 8 hours or once a day i think so just give it some time and eventually will be approved

<!-- gh-comment-id:864448280 --> @wh1te909 commented on GitHub (Jun 19, 2021): yes update approval happens every 8 hours or once a day i think so just give it some time and eventually will be approved

kerem commented 2026-03-02 02:15:54 +03:00

Author

Owner

Copy link

@silversword411 commented on GitHub (Sep 21, 2021):

Looks resolved. Post if there's still a problem.

<!-- gh-comment-id:923909691 --> @silversword411 commented on GitHub (Sep 21, 2021): Looks resolved. Post if there's still a problem.

kerem referenced this issue 2026-03-02 02:24:04 +03:00

[PR #375] [MERGED] scripts 4 adds and a rename #1625

kerem referenced this issue 2026-03-14 07:27:38 +03:00

[PR #375] [MERGED] scripts 4 adds and a rename #3574

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

master

1.0.0

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.20.1

v0.20.0

v0.19.4

v0.19.3

v0.19.2

v0.19.1

v0.19.0

v0.18.2

v0.18.1

v0.18.0

v0.17.5

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.5

v0.16.4

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.12

v0.15.11

v0.15.10

v0.15.9

v0.15.8

v0.15.7

v0.15.6

v0.15.5

v0.15.4

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.8

v0.14.7

v0.14.6

v0.14.5

v0.14.4

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.4

v0.13.3

v0.13.2

v0.13.1

v0.13.0

v0.12.4

v0.12.3

v0.12.2

v0.12.1

v0.12.0

v0.11.3

v0.11.2

v0.11.1

v0.11.0

v0.10.5

v0.10.4

v0.10.3

v0.10.2

v0.10.1

v0.10.0

v0.9.2

v0.9.1

v0.9.0

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.32

v0.4.31

v0.4.30

v0.4.29

v0.4.28

v0.4.27

v0.4.26

v0.4.25

v0.4.24

v0.4.23

v0.4.22

v0.4.21

v0.4.20

v0.4.19

v0.4.18

v0.4.17

v0.4.16

v0.4.15

v0.4.14

v0.4.13

v0.4.12

v0.4.11

v0.4.10

v0.4.9

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.23

v0.2.22

v0.2.21

v0.2.20

v0.2.19

v0.2.18

v0.2.17

v0.2.16

v0.2.15

v0.2.14

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.8

v0.1.7

v0.1.6

v0.1.5

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels   

In Process

  

bug

  

bug

  

dev-triage

  

documentation

  

duplicate

  

enhancement

  

fixed

  

good first issue

  

help wanted

  

integration

  

invalid

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

requires agent update

  

security

  

ui tweak

  

wontfix

No labels

In Process

bug

bug

dev-triage

documentation

duplicate

enhancement

fixed

good first issue

help wanted

integration

invalid

pull-request

question

requires agent update

security

ui tweak

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/tacticalrmm#375

No description provided.