I am not satisfied with MSFTs response on this. Here's how it played out.
I was able to abscond with an affected laptop, and the tech worked on it for a while. He was eventually able to see that our AV (ESET) was holding onto the drive. I uninstalled ESET, rebooted, and he: - Expanded the downloaded patch - Used to DISM apply the patch, which seems to be successful. However, WSUS is still offering the update, and still requiring updates. The update doesn't show in the list of updates through the Windows Update GUI. The update does show in the registry, and if I do either a "wmi qfe list" or a powershell wmi query, but the InstalledBy and InstalledOn columns are missing. MSFT would only work with me on one machine, which I can almost understand - he stated that each machine could have a different cause for failure to install. While that's technically true, I have to believe that this many (35 out of just over 100) having this problem will likely have the same root cause. Further, I could point to another machine right now that doesn't have same configuration as the others (no AV), but I'm willing to bet the same root cause. I'm pushing back, saying that until the client and WSUS agree that this update is installed and no longer needed, the problem isn't really solved. Kurt
