Home / server / Questions / 1034492
In Process
A X
Asked: 2020-09-19 17:19:36 +0800 CST

How to check if latest Windows Updates are installed via PowerShell?

  • 772

I have an installation PowerShell script that installs Docker and other components onto Windows Server 2016. I have learned (the hard way) that if the latest Windows Updates are not installed, sometimes Docker will get into a very wierd state and not function as expected.

Therefore, I would like to programmatically check in PowerShell if all available/latest Windows Updates are installed on the server and then show a warning to the user if there are available updates that are not installed.

So the question is, how to programmatically check if all available/latest Windows Updates are installed?

Any help would be greatly appreciated.

powershell windows-update windows-server-2016

1 Answers

  1. I suggest identifying exactly which updates are dependencies for Docker to work properly, and verifying those are installed specifically. It's surprisingly hard to emulate the "Check for Updates" button in PowerShell.

    These are the built in commands, but they aren't documented and are just wrappers for WMI method calls.

    Get-Command -Module WindowsUpdateProvider

CommandType     Name                                               Version    Source
-----------     ----                                               -------    ------
Function        Get-WUAVersion                                     1.0.0.2    WindowsUpdateProvider
Function        Get-WUIsPendingReboot                              1.0.0.2    WindowsUpdateProvider
Function        Get-WULastInstallationDate                         1.0.0.2    WindowsUpdateProvider
Function        Get-WULastScanSuccessDate                          1.0.0.2    WindowsUpdateProvider
Function        Install-WUUpdates                                  1.0.0.2    WindowsUpdateProvider
Function        Start-WUScan                                       1.0.0.2    WindowsUpdateProvider

    Documentation Team issue discussing lack of documentation https://github.com/MicrosoftDocs/windows-powershell-docs/issues/139

    PowerShell Team issue discussing the broken functionality https://github.com/PowerShell/PowerShell/issues/5718

    This person seems to have figured out how to use the commands. https://richardspowershellblog.wordpress.com/2017/11/17/windows-update-change-in-server-1709/

    PS>  $au = Invoke-CimMethod -Namespace root/microsoft/windows/windowsupdate  -ClassName MSFT_WUOperations -MethodName  ScanForUpdates -Arguments @{SearchCriteria="IsInstalled=0"}

PS>  Invoke-CimMethod -Namespace root/microsoft/windows/windowsupdate  -ClassName MSFT_WUOperations -MethodName  InstallUpdates -Arguments @{Updates = $au.Updates}
    • 1