BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Windows 10 update problems are not uncommon. Microsoft issues updates that for one reason or another fail to download completely, or the installation hangs before it finishes.
In addition to failures, Windows 10 update problems apply to the process as well. Many administrators are up in arms over what they consider forced updates where they find Windows 10 installed updates without their permission. Other admins are happy to take security-related and other routine updates, but don't want Windows to mess with their drivers.
Fortunately, there's a fix for these kinds of Windows 10 update problems. It comes from the add-package portion of the Windows Deployment Image Servicing and Management (DISM) command utility.
What does servicing a package really mean in Windows?
In general, a Windows package refers to Windows Cabinet or Windows Update Standalone Installer files (.msu) admins use with Windows Update or through direct download to install or remove updates, service packs, language packs, upgrades and more. In this context, servicing a package means performing a variety of operations such as adding or removing an update, or enabling or disabling a system feature.
Also, the well-known DISM cleanup-image commands can replace corrupt or damaged files in a running or offline Windows image, remove obsolete items and restore order to the Windows component store, which processes and tracks all of the components and services installed during a Windows OS update. These operations are a form of package servicing.
DISM add-package as an alternative to Windows Update
The /Add-Package portion of the DISM command line comes in handy a lot. If any Windows Update package does not download or install correctly, admins can usually turn to the Microsoft Update Catalog to download a stand-alone version of the package instead.
The best way to work with the Update Catalog is to search for entries by their Microsoft Knowledge Base article number. Searching for KB4010250, which is a recent update to Adobe Flash Player for Windows, for example, yields the following results (Figure A):
From these listings, admins must select the entry that matches the platform they want to update. For Windows 10 admins that means either the 32- or 64-bit version of Current Branch, Current Branch for Business or the Long Term Servicing Branch. Grabbing the 64-bit version for Current Branch produces a 20.4 MB file named: windows10.0-kb4010250-x64_fa7ad44be8dd1c65b51f07efbee478b0fbf82f5c.msu.
This file ends with the .msu extension, which labels it as a self-installing stand-alone update file. For one-off applications of this update it's not necessary to use DISM to add it to a running Windows installation. The same is true for cabinet files admins obtain from the Update Catalog, but only if those files include an installation program.
Why use DISM to add packages
DISM is ready and able to add packages to any running or static Windows images admins need it to. This makes DISM especially well-suited for admins who must maintain images for deployment or repair on desktops. They can use it to update their image libraries as they test, vet, approve and apply updates to the standard images. Then, when they roll out new images, or replace existing images to repair or recover damaged or corrupted machines, they can be sure those images are up to date and include all current and approved updates, patches and fixes.
The basic syntax for adding packages using DISM is:
DISM /<target> /add-package /packagepath:<packagespec>
With syntax, of course, the devil is always in the details, so it's worth breaking down each element of the command:
- /<target> identifies whether the image admins want to add to the package is online or offline. Online images take the /online attribute. Offline images take the /image attribute followed by a colon, followed by the location of the image admins want to update. For example, /Image:C:\test\offline.
- /add-package informs DISM it is adding a package to an image, and it takes no modifiers or attributes.
- /packagepath:<packagespec> defines the on-disk location of the package file admins add to an image, where <packagespec> is a complete file specification for that package file. For example, /packagepath:X:\updates\windows10.0-kb4010250...msu.
This particular DISM command also takes two additional attributes that may be useful for admins:
- /IgnoreCheck skips the default setting DISM uses to check if the packages are applicable before adding them to an image. Admins should only use this if they're certain they must apply the package to the target image.
- /Preventpending skips package installation if DISM detects the package or the Windows image admins specified in the command has pending online actions. This prevents potential update conflicts, so it's a good idea to include it for offline images.
Windows 10 update process pop quiz
Understand Windows 10's update rings
What's the deal with the Windows 10 Creators Update?
Troubleshoot Windows 10 update issues