are enabled and that provided credentials have administrative rights. Missing Certificate Chains
Many enterprise patch scanners rely on WMI queries to retrieve hotfix IDs via SELECT * FROM Win32_QuickFixEngineering . If the WMI repository is corrupted, the query returns an incomplete or invalid dataset. Error -21745 is a common wrapper for this WMI failure.
Then re-run the assessment. If the error persists, check for custom /etc/paths or shell environment variables that might alter the output of softwareupdate . os security patch assessment failed -21745-
This is effective in 70% of -21745 cases. Run the following commands in an :
Run PowerShell as Administrator and execute: Error -21745 is a common wrapper for this WMI failure
Error -21745 typically translates to:
In many modern IT Operations Management (ITOM) platforms, patch assessment works as follows: This is effective in 70% of -21745 cases
Once resolved, take these steps to ensure the error never returns:
Add a monthly scheduled task to stop and restart the update services and purge SoftwareDistribution older than 30 days.
Before every patch assessment, run a lightweight script that: