locked
WMI Query For Missing Microsoft Patches On Specific Host RRS feed

  • Question

  • What is the appropriate WMI query to ask a 2012 SCCM server for a list of missing Microsoft patches on a specific host that the SCCM server manages. For example, say I want to check which patches are missing on a Windows 8 client that is at IP 192.168.10.100. What WMI query could I use to ask the SCCM server which patches that host doesn't yet have installed? 

    Thursday, December 10, 2015 5:24 PM

Answers

  • I would suggest querying SQL would be far easier and far LESS over head to capture this data.

    Ultimately all a WMI query is going to do is query SQL itself.


    Garth Jones | My blogs: Enhansoft and Old Blog site | Twitter: @GarthMJ

    • Proposed as answer by Garth JonesMVP Monday, December 28, 2015 7:41 PM
    • Marked as answer by Frank Dong Thursday, January 7, 2016 5:29 AM
    Monday, December 14, 2015 4:30 PM

All replies

  • Have you look at the default report  \Monitoring\Overview\Reporting\Reports\Software Updates - A Compliance

    The default report should give you the information you need or be close enough

    if you want to use a WMI query on the computer you will get the install update not the missing one.

    The WMI class is win32_quickfixengineering

    You can also use powershell and run get-hotfix.

    But using those you need to compare them with a export of something

    Thursday, December 10, 2015 6:40 PM
  • Would a WMI query using win32_quickfixengineering be run on the SCCM server for that information or on the client that I want to check for missing patches? I am looking for a query that I would be able to run directly on the SCCM server. 

    Thanks!

    Thursday, December 10, 2015 6:51 PM
  • I don't think this is available on the configuration manager WMI.

    Well never found a way to do it.

    I either use the reports or run query remotely on the clients

    You can look at this namepsace and class on the client

    ROOT\ccm\SoftwareUpdates\UpdatesStore and the class is CCM_UpdateStatus

    To do something like this :Get-WmiObject -Namespace ROOT\ccm\SoftwareUpdates\UpdatesStore -Query "Select * from CCM_UpdateStatus WHERE Status = 'Missing'"





    Thursday, December 10, 2015 7:14 PM
  • ok, I will bite, why does it have to be WMI? SQL query would make a lot more sense. Plus there is a built-in SSRS report for this, so you could grab the report and edit the query for you needs.

    Garth Jones | My blogs: Enhansoft and Old Blog site | Twitter: @GarthMJ


    Friday, December 11, 2015 1:52 AM
  • ok, I will bite, why does it have to me WMI? SQL query would make a lot more sense. Plus there is a built-in SSRS report for this, so you could grab the report and edit the query for you needs.


    It's a software integration issue. I need to be able to query an SCCM server and bring back results on specific hosts that it manages into another product. WMI would have been the easiest way programmatically for me to remotely pull that data. That is unless there is a better method to do it. 
    Monday, December 14, 2015 4:26 PM
  • I would suggest querying SQL would be far easier and far LESS over head to capture this data.

    Ultimately all a WMI query is going to do is query SQL itself.


    Garth Jones | My blogs: Enhansoft and Old Blog site | Twitter: @GarthMJ

    • Proposed as answer by Garth JonesMVP Monday, December 28, 2015 7:41 PM
    • Marked as answer by Frank Dong Thursday, January 7, 2016 5:29 AM
    Monday, December 14, 2015 4:30 PM