Patch Lady – scanning for updates

Topic

New Reply

https://www.csoonline.com/article/3321140/windows-security/how-to-use-powershell-to-scan-for-windows-10-security-updates.html I know many of you alrea
[See the full post at: Patch Lady – scanning for updates]

Susan Bradley Patch Lady/Prudent patcher

5 users thanked author for this post.

Elly, abbodi86, ch100, woody

Reply | Quote

Replies

Can someone paste the script here?  I don’t want to sign up for one stupid article.

Reply | Quote

techweenie wrote:

Can someone paste the script here?  I don’t want to sign up for one stupid article.

There is no such thing like free money or free beer.
What is your contribution to get trained for free?

Reply | Quote

The only pertinent info displayed after the registration break in the article is the single command to initiate the search for updates within powershell.

Since it’s Susan’s article, I’ll leave it up to her to post the command here if she wants to.

Reply | Quote

Agree it is too bad you have to give out your information to yet another organization in order to read the Article.

Remember, if you dont have to pay for the product …. You are the product!

Reply | Quote

Thank you

Reply | Quote

For what it’s worth, I’ve been using “UsoClient.exe startscan” from command prompt.  I don’t recall if it starts installing anything, but it definitely scans.  I believe it respects your GPO settings.  Another method from powershell is “(New-Object -ComObject Microsoft.Update.AutoUpdate).DetectNow()” without the quotes.

Reply | Quote

techweenie wrote:

stupid article.

Just wondering whether you noticed that author’s name!

Group A (but Telemetry disabled Tasks and Registry)
1) Dell Inspiron with Win 11 64 Home permanently in dock due to "sorry spares no longer made".
2) Dell Inspiron with Win 11 64 Home (substantial discount with Pro version available only at full price)

3 users thanked author for this post.

BobbyB, ch100, woody

Reply | Quote

In my opinion it is a better way to use the build-in abilities so that you don’t need to install something. Here is a very short version of a script I use (it’s a version without error handling and company only stuff).

$SearchResult = $(New-Object -ComObject Microsoft.Update.Searcher).Search(“IsInstalled=0”).Updates

$Downloader = $(New-Object -ComObject Microsoft.Update.Session).CreateUpdateDownloader()
$Downloader.Updates = $SearchResult
$Downloader.Download()

$Installer = New-Object -ComObject Microsoft.Update.Installer
$InstallCollection = New-Object -ComObject Microsoft.Update.UpdateColl
$SearchResult | ForEach-Object -Process { $InstallCollection.Add($_) | Out-Null }
$Installer.Updates = $InstallCollection
$Installer.Install()

2 users thanked author for this post.

abbodi86, ch100

Reply | Quote

Great to see your byline on CSO!

Reply | Quote

Thank you Susan for the info. Followed the steps and got results. Will play around some more with your solution and see how it handles updates hidden with wushowhide and various delay settings within windows settings.

So far seems to be the best solution apart from going back to v1709 and staying there forever. 🙂

Update:

The PS command ignores updates hidden by wushowhide and displays them  in the screen output anyways. You will still need to hide any updates that you specifically do not wish to install via windows update. There are no available updates that are newer  than 30 days so I can’t yet test to see if the PS command observes the days to ignore rule in settings – I suspect it doesn’t.

1 user thanked author for this post.

rc primak

Reply | Quote

I was going to ask how this method interacts with wushowhide, the Updates History and other parts of Windows Update. In this thread I’m piecing together some answers.

-- rc primak

Reply | Quote

Windows 10 has built-in WMI provider to scan and install updates since ver 1607
but they keep changing its properties and methods, and sadly it’s basic and limited

in latest ver 1809, one can scan for updates like this in powershell:
$ctr = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
$ci = New-CimInstance -Namespace root/Microsoft/Windows/WindowsUpdate -ClassName MSFT_WUOperations -ClientOnly
$result = $ci | Invoke-CimMethod -MethodName ScanForUpdates -Arguments @{SearchCriteria=$ctr}
$result.Updates

this will return list of available updates with their UpdateID for each, which is helpfull to install specific update alone
e.g.
$result = $ci | Invoke-CimMethod -MethodName ScanForUpdates -Arguments @{SearchCriteria="UpdateID='2b270fd4-8f8b-4d4f-ba85-17dace669c55'"}
Invoke-CimMethod -InputObject $ci -MethodName InstallUpdates -Arguments @{Updates=$result.Updates}

you can also choose to only download the update for now
Invoke-CimMethod -InputObject $ci -MethodName InstallUpdates -Arguments @{Updates=$result.Updates;DownloadOnly=$true}

unfortunately, the scan this way isn’t reflected in Settings page
and the installed updates will not be listed in Update History

2 users thanked author for this post.

BobbyB, ch100

Reply | Quote

Was unable to sign up for CSO.
My Firefox has NoScript and other security. What must I allow to sign up?

Reply | Quote

During the sign-up, the site is using trackers.  You must turn off all ad blockers, all script blockers and all third-party tracker blockers. For many of us, this is too much of a privacy intrusion to tolerate. This is why I also don’t go to restricted areas of InfoWorld anymore.  Too bad this resource and several others Susan references frequently can’t be posted at less intrusive sites. But everybody has to make a living.

-- rc primak

Reply | Quote

rc primak (and Susan) – thanks.

Shame that this CSO website is too difficult to use.

Reply | Quote

This would be a helpful post if it was accessible. Tried registering for CSO but did not get confirmation email. Doesn’t this kind of closed-access post go against what people have come to expect from Askwoody?

Reply | Quote