Recently I was having an issue where a Windows feature update was showing as compliant but not installed.
After deploying the most recent Windows 11 feature update 23H2 to a set of test clients, I noticed that the update wasn’t applying. Using the ‘Support Center Client Tools’ app and targeting an effected device I could see that the update was being marked a ‘compliant’, despite the fact it hadn’t been installed.
After doing a bit of digging and reading these posts (here and here), it turns out devices with Windows update deferral settings applied may not show updates as applicable.
Windows 11 version 22H2 clients configured with a deferral policy for Windows Updates and managed by Configuration Manager current branch, version 2303, may not show updates as applicable. – Microsoft Docs
This is fixed by the KB25506239 hotfix for MECM 2303 or by updating to MECM 2309.
This can be confirmed by checking the follow registry entries on an effected device.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
As you can see the ‘UseUpdateClassPolicySource’ registry entry is missing.
After the fix is applied, and the updated version of the configuration manager client is installed we can see that the entry now exists.
Open the ‘Support Center Client Tools’ app again and refresh the deployments view, the Windows 11 23H2 update is now showing as ‘non-compliant’ so will be installed.
Once the update is installed, restart the device and allow the update to complete.
Once the update is complete, we can confirm the update was installed.
Conclusion, make sure you keep an eye on any fixes released for MECM! Once the update is installed on all clients the feature update should follow suit.
