1. Disable the Software Update Bulletin
   1. Home > Patch Management
      1. This can be done in either the Patch Remediation Center, Software Bulletins Details report, Compliance by Bulletin report, or Compliance by Update report (note that disabling in this report disables the bulletin, not just the update)
   2. Highlight the desired Software Update Bulletin
      1. NOTE: You can select multiple bulletins by using standard CTRL or Shift clicking
   3. Right-click > Disable
   4. Check the option "Remove the selected bulletins from policies" in the pop-up windows
      
      Note: If for some reason you don't see the "Disable" option, try the following:
      

      1. Go to Reports\All Reports\Software\Patch Management\Software Bulletins\Software Bulletin Details
      2. Search for the desired patch. In this example: MS08-069
      3. Right-click on it and select "Distribute Package"
      4. Make sure it is turned off and that any update that is part of this bulletin is unchecked.
      5. Click on "Distribute software update". This should let you "setup" the bulletin again as a new instance.
      6. Then, under "Software Bulletin Details" report, search again for the desired bulletin. Now you should see the "Disable" option. Click on it. Check the option "Remove the selected bulletins from policies" in the pop-up windows

2. Run the Check Software Update Package Integrity Check task
   1. Manage > Jobs and Tasks > System Jobs and Tasks > Software > Patch Management
   2. Enable the settings for Windows (and/or Linux) as needed to delete downloaded packages (Save changes as needed)
      
      
      
      Note: If "Delete the downloaded packages that are no longer in use" box is not checked, no orphaned packages will be deleted.
      
      
   3. Run the task
   4. This Task will delete the physical patch files from the NS and the package resource from the Database
      
      Note: You should be able to see entries in the NS logs like this one confirming the package(s) deletion:
      Deleted Software Package Resource: xxxxxx
      
      
      
      
3. Package Server clean-up
   1. The packages will be deleted from package servers per the setting in "Settings>Software>Patch Management > Windows Settings > Windows Patch Remediation Settings > Package tab > Delete packages after:"
      The behavior is similar to what is described in What does the “Delete Package files if unused for" on the Package Server setting do?
   2. Note that changing this settings affects only updates downloaded after the change, not currently downloaded updates. 
   3. Verify that the desired package deletion frequency is also set under "Settings>Notification Server>Site Server Settings>Site Management>Site Server Settings>Package Service>Package Service Settings"
      
      
      
      
      Note: Verify that all the package servers where you want to follow your desired "Delete package files if they are unused for" frequency is not using a custom setting instead of your "Global Package Service Settings". If not, you can run into the situation where some package servers will delete the packages with one frequency and having others with their own frequency.
      
      

Note for systems in a hierarchy:
 Running these steps on a Hierarchy will remove patches from 'all' Package Servers.