I'm surprised I couldn't find anything on this via Google search.
Is there a foolproof way to make sure that no updates are installing when scripting a reboot of a computer? Or maybe MS has already put preventative measures in place to avoid bricking an OS by force-restarting it during a patch install....?
I know I can check the existence of an active msiexec.exe, but if it is there it's possible it just hasn't stopped yet, after a previous install has finished. I can't figure out which Event ID is the one that says updates are installed and there are no more.
I can't rely on a reboot required flag, since after installing 1 of several updates, it will flag as true.
It's something I'd have to play with, and it depends a bit on how the patch is being installed – e.g., standalone, via Windows Update, etc. I'm not sure there's an easy, "foolproof" way, though. Some combination of checking for processes, I expect, would be the safest route.
I wouldn't expect reboot required to be useful; that means "required" not "ready for reboot," obviously.