Skip to content

How to roll back software

Brock
Brock Bingham|Updated July 9, 2026
How to roll back software
How to roll back software

TL;DR: When a flawed software update causes instability, compatibility issues, or newly introduced risk, a safe response may be to roll back to a known-good version, apply a vendor-approved workaround, or uninstall the software until a fixed release is available. PDQ Connect and PDQ Deploy & Inventory simplify the process by helping IT teams uninstall the problematic version, redeploy an earlier version, or create custom uninstall packages when prebuilt options are unavailable, keeping endpoints stable without forcing admins into panic-mode troubleshooting.

To roll back software, uninstall the problematic version, redeploy the last known-good version, and verify that affected endpoints are stable. This process helps IT teams respond quickly when an update introduces bugs, compatibility issues, or a security vulnerability.

Maintaining a rollback plan is one of the simplest ways to prepare for unanticipated yet unavoidable issues. It provides a systematic, repeatable approach to your in-house processes so that you’re not stuck coming up with ideas on the fly. This plan might also include information on your file and system backup strategy, version control, testing procedures, restore point, recovery plans, and other critical details.

Software rollback basics

What is a software rollback?

A software rollback is the process of removing a problematic software version and restoring a previous known-good version to reduce bugs, compatibility issues, or security risk.

How do you roll back software?

To roll back software, confirm the affected version, uninstall it from impacted endpoints, redeploy a previous stable version, verify the installation, and monitor devices for errors or missing dependencies.

  1. Identify the affected application, version, and endpoints.

  2. Confirm whether the vendor recommends rollback, workaround, or uninstall.

  3. Uninstall the problematic version from impacted devices.

  4. Deploy the previous stable version or restore from backup.

  5. Verify the version, test core functionality, and monitor for new issues.

Which patch management tools support rollback?

Rollback support depends on the tool, application, operating system, and whether the update supports clean removal. For third-party apps, the most reliable rollback workflow usually combines endpoint targeting, uninstall automation, redeployment of a known-good version, and reporting to confirm success.

Tool

Rollback support

One-click rollback

PDQ

Yes. PDQ can uninstall the problematic version and deploy an earlier package version when available. Admins can also create custom uninstall packages for apps without prebuilt uninstall packages.

No. Rollback is typically a controlled uninstall and redeploy workflow rather than a single rollback button.

Action1

Yes, for some scenarios. Action1 supports remote Windows update removal and software uninstall workflows.

Not clearly documented as a universal one-click rollback feature.

NinjaOne

Yes, for some scenarios. NinjaOne supports uninstalling Windows patches and managing third-party software updates.

For Windows patches that support rollback, according to NinjaOne documentation.

Manual rollback

Yes, if you have the installer, backup, restore point, or version control needed to restore the previous version.

No. Manual rollback usually requires several steps per device or a separate automation method.

What patch management features make software rollback safer?

The safest patch management tools for rollback help IT teams identify affected endpoints, uninstall problematic versions, redeploy known-good versions, and verify results without touching each device manually.

Look for features that support:

  • Third-party application deployment and version control

  • Endpoint grouping for staged rollouts and rollback targeting

  • Active Directory or dynamic group targeting

  • PowerShell scripting for custom uninstall workflows

  • Remote deployment for distributed or hybrid workforces

  • Reporting to confirm rollback success and failed deployments

These features matter because rollback is rarely a single-button action. In most environments, it is a controlled uninstall, redeploy, and verification workflow.

What are your options when a flawed update or vulnerable version is discovered?

When a vulnerability or flaw is discovered in software already deployed across your network, your response depends on severity, business impact, vendor guidance, and whether a stable previous version is available.

Most teams choose one of four options:

1. Roll back the software to a previous version

2. Implement a workaround

3. Ignore the vulnerability and accept the risk

4. Uninstall the software

Let's briefly go over each of these options.

1. Roll back the software to a previous version

When an update introduces a vulnerability, often the best solution — and the one that has the least negative impact on users and operations — is to roll back the software, restoring it to its last known good configuration.

2. Implement a workaround

When a software update introduces a vulnerability, it's common for the developer to quickly provide a workaround to negate the vulnerability while they work on a patch to patch the patch (what a fun phrase). Sometimes workarounds are easy to implement, but occasionally they require drastic changes that could impact functionality.

3. Ignore the vulnerability and accept the risk

This is a do-at-your-own-risk type of solution. Obviously, having a vulnerable system on your network is a no-no, but occasionally you don't have any other choice. When a system is critical to operations and rolling back or implementing a workaround isn't an option, then accepting the risk is all you can do. In these situations, you'll still want to do whatever possible to minimize the risk. Additionally, sacrificing old computer equipment to the sysadmin god of your choice may or may not reduce your chances of the vulnerability being targeted by cybercriminals.

4. Uninstall the software

Uninstalling software that has been impacted by a vulnerability is an obvious solution, though not feasible in many situations. Organizations aren't in the habit of installing unnecessary software. I think you'll find that most users are unwilling to let go of apps they depend on to get their jobs done.

What option should you use when a flaw is discovered?

In most cases, roll back the software or apply a vendor-approved workaround first. Choose based on the vulnerability’s severity, the application’s business impact, and whether the previous version is safer to run.

Rolling back software often has the least negative impact on an environment. Keep in mind that the rollback option may delay the adoption of new features and security fixes, so you must consider those things compared to the severity of the vulnerability.

Implementing a workaround is also a good option if one is available. Some workarounds are easy to implement and won't impact usage. However, some can be difficult to implement or require that you modify features or settings, which would negatively impact the usefulness of an application.

If rolling back the software or implementing a workaround aren’t options, then your last-resort options are ignoring the vulnerability and accepting the risk while waiting for a new update or uninstalling the impacted application. You should only consider accepting the risk if the affected application is a critical system of the organization. Uninstalling the software is drastic, but it is worth considering if the software isn't vital and users can live without it until a new patch is released.

How to roll back software with PDQ Connect

You can roll back software in PDQ Connect by deploying an uninstall package to affected devices, then redeploying a previous stable version of the application. This gives admins a repeatable workflow for removing a bad update without touching each endpoint manually.

Note that we’ve randomly selected an example to illustrate the rollback process. This does not imply that the software has any known vulnerabilities at the moment.

ConnectIcon CTA

Manage Windows & macOS devices from anywhere

With PDQ Connect, get real-time visibility into remote and local devices, deploy software, remediate vulnerabilities, automate routine maintenance, and remotely troubleshoot endpoints from one easy-to-use platform.

How do you roll back software using an uninstall package from the Package Library? 

1. In PDQ Connect, click on Devices. Then, click the Deploy button in the upper right corner. 

PDQ Connect Devices page with arrows pointing to the Devices tab and Deploy button for starting a software rollback.

2. In the Search packages field, input the name of the software you want to remove. I’ll use 7-Zip as an example. Click the relevant uninstall package, select your target group or devices in the Search devices and groups field, then click Deploy.

PDQ Connect Create deployment window showing an uninstall package selected for 7-Zip and target devices field.

Now that we’ve gotten that out of the way, we can reinstall an old version of 7-Zip. 

1. Click on Devices > Deploy, then search 7-Zip, and select the 7-Zip package.

2. Use the drop-down menu to select your specific version from the multiple versions available.

PDQ Connect deployment window showing available 7-Zip package versions for redeploying an earlier software version.

3. Use the Search devices and groups field to find your target, then click Deploy.

How do you create a custom uninstall package for rollback?

While PDQ Connect has uninstall packages for some of the most common software, we don’t have one for everything. Thankfully, you can always build your own. We’ll walk you through how to build an uninstall package for 7-Zip (if we imagine a world where PDQ doesn’t already provide it).

1. In PDQ Connect, go to Devices. Click on a device that has the target software on it. 

PDQ Connect Devices page with arrows pointing to the Devices tab and a selected endpoint named FRED.

2. Select Software from the menu.

PDQ Connect device details page with the Software tab highlighted for viewing installed applications.

3. Under the Uninstall string column, copy the uninstall string for your target application.

PDQ Connect Software page showing the uninstall string column for a selected application.

4. Click Packages > Create package.

PDQ Connect Packages page with arrows pointing to the Packages tab and Create package button.

5. Give your package a name. Next, click the drop-down menu next to Add install step, and select Add script step

PDQ Connect package editor showing the Add script step option for creating a custom uninstall package.

6. Enter cmd.exe /c followed by the command you copied into the PowerShell command window, making sure there is a space between /c and your command. 

7. Click Save to save and close the package. 

PDQ Connect script step showing a 7-Zip uninstall command and Save button.

Once you’ve created your package, just deploy it to any endpoints that you want to remove 7-Zip from. Then, follow the steps in the previous section to deploy an earlier version of the application to those same machines.

How to roll back software with PDQ Deploy & Inventory

Now let's look at a couple of examples of how to roll back software using PDQ Deploy & Inventory. Keep in mind that the applications targeted in these examples are only being used as examples and do not necessarily have a known vulnerability at this time.

How do you roll back software using an uninstall package from the Package Library?

For this first example, we'll be using Java 8, which has a prebuilt uninstall package included in the Package Library. The Package Library contains uninstall packages for tons of mainstream applications, making rolling back software super easy. We'll also use the version history feature in the Package Library to download and deploy an older, stable version of an application.

1. With PDQ Deploy open, click on Collection Library.

2. In the search box, enter Java 8.

3. Double-click the Uninstall Java 8 package to download it to your console.

PDQ Deploy Package Library showing the Uninstall Java 8 package selected.

4. Once the uninstall package has downloaded onto your console, right-click it and select Deploy Once.

PDQ Deploy window showing the Deploy Once option for the Uninstall Java 8 package.

5. In the software deployment window, click Choose Targets > PDQ Inventory > Collection.

PDQ Deploy Once window showing Choose Targets, PDQ Inventory, and Collection options.

6. Locate the collection you need. For the latest Java 8 collection, expand Collection Library > Runtimes > Java (JRE) > Java 8 > Java 8 32-bit > Java 8 32-bit (Latest), then click OK.

PDQ Inventory collection picker showing the Java 8 32-bit old collection selected for rollback targeting.

7. Back at the Deploy Once window, click Deploy Now to deploy the uninstall package.

PDQ Deploy Once window showing selected target computers and the Deploy Now button for uninstalling Java 8.

Once the package has deployed and Java has been uninstalled, we'll return to the Package Library to download an older version of Java.

1. In the Package Library window, enter Java into the search field.

2. Click on the Java 8 package.

3. In the Package Details window, scroll down to view the previous releases.

4. Click Download Now next to the version you wish to download.

PDQ Deploy Package Library showing previous Java 8 versions available to download for software rollback.

Once the package is downloaded, you can deploy it to the workstations that need it.

How do you generate an uninstall package with PDQ Inventory?

While there are a ton of uninstall packages available in the Package Library, you may come across an application that doesn't have one. If you need to revert software that doesn't have an uninstall package in the Package Library, we can use PDQ Inventory to generate one. Let's demonstrate the process using OpenOffice as our example application.

1. In PDQ Inventory, double-click on a computer that contains the application that you need to remove.

2. Click on the Applications page.

PDQ Inventory computer window showing the Applications page with installed software and uninstall commands.

3. Right-click on the application you want to build an uninstall package for, then click Create Uninstall Package in PDQ Deploy.

PDQ Inventory Applications page showing the Create Uninstall Package in PDQ Deploy option for OpenOffice.

4. PDQ Deploy will open, and the new uninstall package window will appear. Review the package, and click Save. Keep in mind that you'll want to ensure that the silent parameters have been configured correctly in the package.

PDQ Deploy package editor showing the generated uninstall command for removing OpenOffice.

Once the package has been saved, it's ready to deploy to the computers from which you need to remove the application. Afterward, follow the steps in the previous section to download and deploy a different version of the application from the Package Library.

Software rollback FAQs

How do I roll back a Windows app?

To roll back a Windows app, uninstall the current version, install the previous stable version, and confirm the application works as expected. At scale, use software deployment or patch management tools to target affected endpoints instead of fixing each machine manually.

Can I roll back software remotely?

Yes. You can roll back software remotely with endpoint management, software deployment, or patch management tools that can uninstall applications and deploy specific versions to managed devices.

Is rollback the same as uninstalling software?

No. Uninstalling software removes the application. Rolling back software removes the problematic version and replaces it with a previous stable version so users can keep using the application.

When should I roll back software instead of applying a workaround?

Roll back software when the current version causes unacceptable security, stability, or compatibility issues and a previous version is safer to run. Use a workaround when rollback would break business-critical functionality or when the vendor provides a safe temporary fix.

Can every software update be rolled back?

No. Some applications and patches do not support clean rollback, especially if the update changes databases, user profiles, drivers, or dependencies. Always test rollback before relying on it in production.

What should a rollback plan include?

A rollback plan should include affected software, target devices, uninstall commands, previous installer versions, backups, testing steps, success criteria, and owner responsibilities. The goal is to make rollback repeatable before everything is on fire.

Roll back software the easy way

Unfortunately, vendors don't have the best track record of releasing vulnerability- and bug-free updates. While we always recommend proper testing, it won't catch everything. Don't let vulnerabilities in the current version of your favorite software ruin your day. PDQ makes it easy to roll back software, keeping your environment vulnerability free and leaving you plenty of time to do what you love most, like arguing with strangers on the internet.

If you're not already using PDQ, what's the holdup? You can try it out for yourself and see how much time it saves you with a 14-day free trial. Within minutes, you'll be ready to start managing systems and deploying packages.

Brock
Brock Bingham

Brock Bingham is a systems administrator with 15 years of experience managing endpoints and servers, with a strong focus on automation, patching, security, and maintaining stable environments at scale. After years of hands-on IT work, he now creates content and teaches, helping other admins learn through practical, real-world guidance.

Related articles