A PowerShell script to list all installed Microsoft Windows Updates

PowerShell Version 2 or Greater required.

Why use this script?

The PowerShell cmdlet ‘get-hotfix’ sometimes does not draw-out ‘installedon’ information. win32-Quickfixengineering class does not have that information either. <SIGH>

What does this script offer?

The above void can be filled by using the good old ‘wmic qfe list’ command. But, the output of the legacy command is mere text and cannot be easily interrogated like objects in PowerShell.

The attached script converts the output string of ‘wmic qfe list’ command into versatile PowerShell objects, which can be used within other scripts.

Note: Do not forget to include the attached powershell script.

The below POSH oneliner lists all updates installed in the last 2 days and tabulates properties: Computername, KBArticle,InstalledOn, HotFixID and InstalledBy.

Get-MSHotfix|Where-Object {$_.Installedon -gt ((Get-Date).Adddays(-2))}|Select-Object -Property Computername, KBArticle,InstalledOn, HotFixID, InstalledBy|Format-Table

The below powershell command-line will output details about the hotfix with ID ‘2953522’.

Get-MSHotfix|Where-Object {$_.HotfixID -match "KB2953522"}

The below POSH gem opens the Knowledge Base webpage for the hotfix with ID ‘2953522’.

Get-MSHotfix|Where-Object {$_.HotfixID -match "KB2953522"}|ForEach-Object {[System.Diagnostics.Process]::Start($_.KBArticle)}

Script Content:

Function Get-MSHotfix  
    $outputs = Invoke-Expression "wmic qfe list"  
    $outputs = $outputs[1..($outputs.length)]  
    foreach ($output in $Outputs) {  
        if ($output) {  
            $output = $output -replace 'Security Update','Security-Update'  
            $output = $output -replace 'NT AUTHORITY','NT-AUTHORITY'  
            $output = $output -replace '\s+',' '  
            $parts = $output -split ' ' 
            if ($parts[5] -like "*/*/*") {  
                $Dateis = [datetime]::ParseExact($parts[5], '%M/%d/yyyy',[Globalization.cultureinfo]::GetCultureInfo("en-US").DateTimeFormat)  
            } else {  
                $Dateis = get-date([DateTime][Convert]::ToInt64("$parts[5]", 16)) -Format '%M/%d/yyyy'  
            New-Object -Type PSObject -Property @{  
                KBArticle = [string]$parts[0]  
                Computername = [string]$parts[1]  
                Description = [string]$parts[2]  
                FixComments = [string]$parts[6]  
                HotFixID = [string]$parts[3]  
                InstalledOn = Get-Date($Dateis)-format "dddd d MMMM yyyy"  
                InstalledBy = [string]$parts[4]  
                InstallDate = [string]$parts[7]  
                Name = [string]$parts[8]  
                ServicePackInEffect = [string]$parts[9]  
                Status = [string]$parts[10]  

The following script can be used as a template to run this function against multiple machines. For this to work you have to enable PSRemoting on all the machines.

$scriptDirectory = Split-Path -Parent $MyInvocation.MyCommand.Definition 
$allUpdates = '' 
$array = @("host1", "host2", "host3") 
for ($i=0; $i -lt $array.length; $i++) { 
$Updates = Invoke-Command -ComputerName $array[$i] ${function:Get-MSHotfix}|ft -HideTableHeaders 
$allUpdates += $Updates 

Further notes:

As mentioned above the get-hotfix cmdlet and get-wmiobject -class win32_quickfixengineering command does not output the ‘installedon’ date for some updates. The reason for which I’m yet to find out. 

Output of the ‘get-wmiobject -class win32_quickfixengineering‘ command: InstalledOn property NOT available for all updates.

Output of the ‘wmic qfe list’ command: Installedon property available for all updates.

Output of Get-MSHotfix:

(1) Comments

Leave a Reply