08 December 2015

Windows Updates List

There is a newer tool located here

I have been working on writing a new script for SCCM and decided while writing it, I would take one of the functions and make it into a separate script for just retrieving windows updates. Sometimes you need a list to compare against, which is what I am using this for as a reporting tool in another script I am writing.

This script will query the SCCM server for a list of all Microsoft updates for a specific OS. The list can be customized down to a specific architecture, update types, such as security updates and service packs, and the list can filter out such things as IE 8, IE 9, and such.

The first thing is to customize the Namespace variable with your company's sitecode on line 21. Next, you will need to change line 28 to the OS you are wanting to search for. I put a couple of examples beside it, but you can use any OS that is in the All Software Updates list. On line 29, You can enter x86, x64, or null. Such OSs as 2012 R2 don't display a system architecture in the list, so you can use null. For UpdateTypes, you can enter the type of update you want to search for, such as Update or Security Update. If you leave the array blank, it will return all update types. Finally, $Filters lets you filter out updates that contain certain word in the title. I filtered out IE 8, 9, and 10, since my firm uses 11.

The script will then return a list of all updates and then a count of how many were returned.

NOTE: I ran this script from the SCCM server.

You can download this script from here.

1:  <#       
2:       .NOTES  
3:       ===========================================================================  
4:        Created with:      SAPIEN Technologies, Inc., PowerShell Studio 2015 v4.2.98  
5:        Created on:       12/8/2015 9:08 AM  
6:        Created by:       Mick Pletcher  
7:        Organization:         
8:        Filename:        WindowsUpdatesList.ps1  
9:       ===========================================================================  
10:       .DESCRIPTION  
11:            This script will generate a list of Windows updates from a query of the SCCM  
12:            server. You will need to customize the Namespace variable for your SCCM  
13:            server on line 19. Line 27 is where you input the OS you are searching for.  
14:            This can include any OS in the   
15:  #>  
17:  #Declare Variables  
18:  Set-Variable -Name Architecture -Force  
19:  Set-Variable -Name Filter -Force  
20:  Set-Variable -Name Filters -Force  
21:  Set-Variable -Name Namespace -Value root\sms\site_<sitecode> -Force  
22:  Set-Variable -Name OperatingSystem -Force  
23:  Set-Variable -Name Updates -Force  
24:  Set-Variable -Name UpdateType -Force  
25:  Set-Variable -Name UpdateTypes -Force  
27:  cls  
28:  $OperatingSystem = "Windows 7" #Windows 7, Windows 8.1, Windows Server 2012 R2  
29:  $Architecture = "x86" #x86, x64, or null  
30:  $UpdateTypes = @() #Security Update, Update, Service Pack  
31:  $Filters = @("Internet Explorer 8", "Internet Explorer 9", "Internet Explorer 10")  
33:  If ($Architecture -eq "x86") {  
34:       $Updates = Get-WmiObject -Class SMS_SoftwareUpdate -Namespace $Namespace | where-object { ($_.LocalizedDisplayName -match $OperatingSystem) -and ($_.LocalizedDisplayName -notmatch "x64-based Systems") }  
35:  } elseif ($Architecture -eq "x64") {  
36:       $Updates = Get-WmiObject -Class SMS_SoftwareUpdate -Namespace $Namespace | where-object { ($_.LocalizedDisplayName -match $OperatingSystem) -and ($_.LocalizedDisplayName -match "x64-based Systems") }  
37:  } else {  
38:       $Updates = Get-WmiObject -Class SMS_SoftwareUpdate -Namespace $Namespace | where-object { ($_.LocalizedDisplayName -match $OperatingSystem) }  
39:  }  
40:  foreach ($Filter in $Filters) {  
41:       $Updates = $Updates | where {$_.LocalizedDisplayName -notmatch $Filter}  
42:  }  
43:  If ($UpdateTypes.Count -ge 1) {  
44:       foreach ($UpdateType in $UpdateTypes) {  
45:            $Updates = $Updates | where { $_.LocalizedCategoryInstanceNames -match $UpdateType }  
46:       }  
47:       If ($UpdateTypes -eq "Update") {  
48:            $Updates = $Updates | where { $_.LocalizedDisplayName -notmatch "Security Update" }  
49:       }  
50:  }  
51:  $Updates.LocalizedDisplayName  
52:  Write-Host  
53:  Write-Host "Total Number of Updates:"$Updates.Count  
54:  $Filters = $null  
56:  #Remove Variables  
57:  Remove-Variable -Name Architecture -Force  
58:  Remove-Variable -Name Filter -Force  
59:  Remove-Variable -Name Filters -Force  
60:  Remove-Variable -Name Namespace -Force  
61:  Remove-Variable -Name OperatingSystem -Force  
62:  Remove-Variable -Name Updates -Force  
63:  Remove-Variable -Name UpdateType -Force  
64:  Remove-Variable -Name UpdateTypes -Force  


  1. This is great! How easy would it be to add the information regarding Microsoft Office Versions? I'm looking for a complete list when I want to know how many updates for a Windows 7/Office 2010 build for example.

    1. All you would need to do is populate the $OperatingSystem variable with "Microsoft Office 2010" for example.