Ran into a few patches that install successfully and throw exit code 17025 (patch already installed)

I’ve ran into a few patches in my environment that push and install successfully - completed on each line of the action script. They show failed with exit code 17025 however, which translates to patch already installed. The patches remain relevant, which throws off our reporting some. Is there a way to have this reviewed?

Here are the 3 patches - being applied to Win 2012 R2 machines.

MS15-116: Security Update for Microsoft Office to Address Remote Code Execution - Access 2016 Gold - KB2910978 (x64)

MS15-116: Security Update for Microsoft Office to Address Remote Code Execution - Publisher 2016 Gold - KB2920680 (x64)

MS16-070: Security Update for Microsoft Office - Visio 2016 - KB3115041 (x64)

Hi @Entaille, as this issue requires debugging with the registry keys, kindly open a PMR with IBM support. Thank you!

I’ve had this occur several times as well, usually with Office patches as you’ve seen.

What I usually do is to create a custom copy of the fixlet, and in my copy if the install returns 17025 then I’ll use wusa to uninstall the patch, then run the installer again, after which it executes successfully and then becomes non-relevant.

Where I’ve experienced this, I’ve found that one or more of the files included with the patch had been overwritten with earlier versions. Windows Update and WUSA indicate the patch is installed (based on registry entries), but BigFix was correctly showing the patch Relevant (because the patched files were not at the correct versions).