This is to document some issues with trying to install KB2267602 on Windows Server 2016 using the Windows Updates API (WUA).
The ansible.windows.win_updates.log shows the installation of KB2267602 and it's first failure when installed by the Ansible module, the manual MpCmdRun.exe workaround on this failure, then subsequent update runs that show the update no longer being required.
The MpSigStub.log file shows the contents of that log file for the first failed install using WUA and then the subsequent working entries when using MpCmdRun.exe.
The update KB is the security intelligence updates for Microsoft Defender Antivirus and can be updated many times in one day. From what I can see it typically installs just fine but there is a chance where Windows Updates pulls down a new version before it is ready to be installed. For example the logs during a failed run indicates that the following update tried to be installed and resulted in the following error:
4ee7ce61-491b-4e2d-bfd9-a9decbb3ae1a: