In this article we will see how to use powershell script to get update information of remote windows servers.

Table Of Contents
  1. Last Windows Update Information
  2. New Windows Update Count
  3. Pending Operating System Restart
  4. Windows Update Status

Last Windows Update Information

We use the com object Microsoft.Update.Session to get the update results.

Below one liner will tell us the previous update search and the last update installation date.

(New-Object -com "Microsoft.Update.AutoUpdate").Results

Output:

LastSearchSuccessDate LastInstallationSuccessDate
--------------------- --------------------------- 
 6/17/2021 3:54:31 AM  6/16/2021 3:57:34 AM

New Windows Update Count

Furthermore, to get the number of updates which are yet to be installed.

$UpdateSession = New-Object -ComObject Microsoft.Update.Session
$UpdateSearcher = $UpdateSession.CreateupdateSearcher()
$Updates = @($UpdateSearcher.Search("IsInstalled=0").Updates)

#This will give the number of updates yet to install.
$Updates.Title.count

Pending Operating System Restart

Any pending restart because of previous update can be identified through the registry “HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired”

The entry will have a value “true” if the operating system is waiting for a restart which is needed to complete an update.

Windows Update Status

Above codes can be combined to get following information about a computer.

  1. LastSearchSuccessDate
  2. LastInstallationSuccessDate
  3. NewUpdateCount
  4. PendingReboot

We can now wrap the script with invoke-command to remote execute in multiple systems

function Get-WindowsUpdateInformation()
 {
     param
     (
         [Parameter()]
         [string[]]
         $ComputerName="localhost"
     )


     $Results = Invoke-Command -ScriptBlock  {     
         $result = (New-Object -com "Microsoft.Update.AutoUpdate").Results     
         $UpdateSession = New-Object -ComObject Microsoft.Update.Session     
         $UpdateSearcher = $UpdateSession.CreateupdateSearcher()     
         $Updates = @($UpdateSearcher.Search("IsInstalled=0").Updates)     
         $PendingReboot = $false     
    
         #Checking pending reboot
         if (Get-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired" -EA Ignore) { $PendingReboot=$true }     
   
         #Framing the result to a list
         New-Object psobject -Property @{         
              LastSearchSuccessDate = $result.LastSearchSuccessDate         
              LastInstallationSuccessDate = $result.LastInstallationSuccessDate         
              NewUpdateCount = $Updates.Title.count         
              PendingReboot = $PendingReboot     
         } 
     } -ComputerName $ComputerName 

     $Results | Select-Object @{Name="ServerName"; Expression={$_.PSComputerName}}, LastSearchSuccessDate, LastInstallationSuccessDate, NewUpdateCount, PendingReboot
 }

Multiple server/computer names can be passed as an array to get the update information, or the server name can also be read from a text file and passed as parameter.

Get-WindowsUpdateInformation -ComputerName testhost1, testhost2

Output:

ServerName LastSearchSuccessDate LastInstallationSuccessDate NewUpdateCount PendingReboot
---------- --------------------- --------------------------- -------------- -------------
 testhost1  6/17/2021 5:31:12 PM  5/16/2021 2:56:21 PM                     1         False
 testhost2  6/16/2021 6:33:22 PM  5/21/2021 4:22:34 AM                     1         False

If you have some better ideas or know other ways of doing this, please comment it. It will be informative for me and for the readers.

Hope you liked this article and thank you for reading