Get last Patched status.

Welcome Forums General PowerShell Q&A Get last Patched status.

This topic contains 4 replies, has 3 voices, and was last updated by

5 months ago.

  • Author
  • #138912

    Topics: 4
    Replies: 8
    Points: 18
    Rank: Member

    Hi Members,

    Need your support to get the patch information on a server.

    I have seen examples of Get-Hotfix and did Get-Member options to find information about the patch release date and i couldn't find. The WMI QuickfixEngineering also has no info.

    I don't need when the patch was installed, but a decent update like what was installed when with respect to the released patch.

    So, i went here , took all the information in the left side and made a simple file.

    Something that looked like this..

    15-Jan-19 KB4480969
    8-Jan-19 KB4480964
    8-Jan-19 KB4480963
    11-Dec-18 KB4471322
    11-Dec-18 KB4471320
    27-Nov-18 KB4467695
    13-Nov-18 KB4467703
    13-Nov-18 KB4467697
    18-Oct-18 KB4462

    I am not good at extracting data out of web-pages so i did the above file manually and placed it at a central location accessible.

    I need some help to simplify the below code.

    #Patch sources
    $patch2k12R2 = ''
    $resultPatches = ''
    #get the patches MS had released from repository, my local file maintained.
    $patch2k12R2 = Invoke-WebRequest -uri "http://myrepository/win2k12r2.file"
    #$patch2k12R2.Content -> to See the output of the file.
    #get hotfixes installed on the local server.
    $HotfixIDLast = Get-HotFix | sort-object -Descending | select -expandproperty HotfixID
         foreach($HotfixIDLastOne in $HotfixIDLast)
              if(($patch2k12R2.Content| findstr $HotfixIDLastOne ))
                    $resultPatches += ($patch2k12R2.Content| findstr $HotfixIDLastOne).toString() +"`n"
    $resultPatches.Split("`n")| select -First 1

    The above gives the last match, when the KB applied to the date released.

    My worst fears would be that i am missing something obvious which is available already instead of this..

    Any directions would be helpful.

    Thank you for your time.....


  • #138924

    Senior Moderator
    Topics: 8
    Replies: 949
    Points: 3,004
    Helping Hand
    Rank: Community Hero

    Well, findtr is a native executable. PowerShell has inbuilt cmdlet to do more than what findstr can do and it outputs objects.
    I suggest you to read the documentation of Select-String cmdlet and change the existing code using it/. You can update us in case of any difficulties.

    And AFAIK, You can't get the patch release date from the OS or from patch itself.

    • #138981

      Topics: 4
      Replies: 8
      Points: 18
      Rank: Member

      Thank you, looks like i'm in the right direction....

  • #139056

    Topics: 6
    Replies: 55
    Points: 356
    Helping Hand
    Rank: Contributor

    If you have a WSUS server you can also get your source list from there.

    Objects returned by the Get-PSWSUSUpdate cmdlet have a CreationDate property.

    For example:

    Import-Module -Name PoshWSUS
    Connect-PSWSUSServer -WsusServer MyWsusServer -Port 8530
    Get-PSWSUSUpdate | Select-Object -Property KnowledgebaseArticles,Title,CreationDate
    • #139554

      Topics: 4
      Replies: 8
      Points: 18
      Rank: Member

      Hi Luc,

      This code snippet is great and would help lot of people who use WSUS, thank you so much for sharing.

      Unfortunately, our infra doesn't have WSUS or any other patch management tools.

      i've taken KV, advice and changed to select-string, guess we have to update the static files montly 😉

      Thank you.


The topic ‘Get last Patched status.’ is closed to new replies.