none
Powershell script to download install windows updates?

    Pergunta

  • Hello,

    I could get our Group Policy to download and install the approved WSUS updates, but I need another method.

    Is there a script I can run on a server that will download and install any updates that are either approved from WSUS or online?

    Thanks

    terça-feira, 6 de fevereiro de 2018 10:02

Todas as Respostas

  • Hi,

    Have a look at the TechNet Gallery.

    terça-feira, 6 de fevereiro de 2018 10:17
  • Hi,

    Please try the following commands :

    #Define update criteria.
    
    $Criteria = "IsInstalled=0"
    
    
    #Search for relevant updates.
    
    $Searcher = New-Object -ComObject Microsoft.Update.Searcher
    
    $SearchResult = $Searcher.Search($Criteria).Updates
    
    
    #Download updates.
    
    $Session = New-Object -ComObject Microsoft.Update.Session
    
    $Downloader = $Session.CreateUpdateDownloader()
    
    $Downloader.Updates = $SearchResult
    
    $Downloader.Download()
    
    
    $Installer = New-Object -ComObject Microsoft.Update.Installer
    
    $Installer.Updates = $SearchResult
    
    $Result = $Installer.Install()
    
    
    If ($Result.rebootRequired) { shutdown.exe /t 0 /r }

    http://searchwindowsserver.techtarget.com/tip/Install-WSUS-updates-immediately-with-Windows-PowerShell

    Note : Since this is a 3rd-party article , it might be changed without notification , we do not guarantee the accuracy and security all the time .

    Best Regards,

    Elton


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    quarta-feira, 7 de fevereiro de 2018 02:29
    Moderador
  • Thanks I will try that,  I did spend time on 

    https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc 

    and it seems to be working.

    quarta-feira, 7 de fevereiro de 2018 07:48
  • For Windows Server 2016:

    Rather than downloading and distributing additional modules and/or utilities I tend to look at what is already there.

    Sconfig can be used for downloading and installing patches so I started looking at what that calls. I noticed in the ReportingEvents.log in c:\windows\softwaredistribution folder and noticed that it regularly called cscript process. Therefore it is using VBScripts to search, download, install Windows updates. Do a search for *.vbs i found Sconfig.vbs. On inspecting the contents of Sconfig.vbs I noticed that it called WUA_SearchDownloadInstall.vbs (which is what runs when you press "6" in sconfig).

    When you run WUA_SearchDownloadInstall.vbs it asks for 2 inputs:

    Search for for (A)ll updates or (R)ecommended updates only?

    (A)ll updates, (N)o updates or (S)elect a single update?

    Therefore If you can pass these 2 inputs to the vbscript then you have your solution.

    Solution:

    Create a input file (say c:\temp\input.txt) and add the following 2 lines:

    A
    A

    Then to automatically install patches run:

    c:\windows\system32\cscript.exe /nologo C:\windows\system32\en-US\WUA_SearchDownloadInstall.vbs<c:\temp\input.txt

    If you want to keep track of progress open powershell and connect to the C:\Windows\SoftwareDisbritution\ReportingEvents.log (either locally or remotly) by running the following:

    Get-Content C:\Windows\SoftwareDistribution\ReportingEvents.log -Tail 1 -Wait

    Reboot the machine once installs are complete.

    • Sugerido como Resposta Paul W Otway domingo, 22 de abril de 2018 09:33
    domingo, 22 de abril de 2018 09:29
  • Elton - I use these COM objects to do Windows updates and they work well with one exception: Windows 10 Feature Upgrades.  My script correctly discovers the Feature Upgrade as being needed.  It downloads it.  The installer says it has installed it - but it does not.  If I reboot and try again, it says it still needs to install the upgrade.  I can't use WSUS and would like to be able to install the upgrades using a script that runs on each of 1800 local machines.  BTW it's not any particular machine.  If I login to one of these machines and run the built-in updater, it discovers the upgrade and installs it.

    Grateful for any advice!


    jj John Thayer Jensen, System Administrator, Digital Services, The University of Auckland Business School Room 260-4136, 12 Grafton Road DDI: &#43;64 9 923-7543 Mobile (work): &#43;64 21 83-3586 Mobile (personal): &#43;64 21 85-1904 quickdial: 60001 FAX: &#43;64 9 373-7696 http://inquietumcor.blogspot.com

    quinta-feira, 3 de maio de 2018 21:41
  • Hi,

    Please try the following commands :

    #Download updates.
    
    $Session = New-Object -ComObject Microsoft.Update.Session
    
    $Downloader = $Session.CreateUpdateDownloader()
    
    $Downloader.Updates = $SearchResult
    
    $Downloader.Download()
    
    

    http://searchwindowsserver.techtarget.com/tip/Install-WSUS-updates-immediately-with-Windows-PowerShell

    Best Regards,

    Elton


    This is pretty much the exact script I use.  I do have one question for someone who knows how the downloader part works.

    We have our Windows Update settings set to "Download and Notify" via Group Policy.  This should mean that all the servers already have the downloads cached and ready to go.  Would I be able to just comment out/delete all the downloader related lines?

    If I don't do that, it seems like my WSUS server gets hit pretty hard when I tell 100+ servers to update as if they're re-downloading things because the downloader part of the script doesn't seem to check if the updates have already been downloaded.

    Anyone know if that's correct or not?  Or is there any way to add a way to check if the updates have been downloaded or not?

    Thanks!

    quinta-feira, 14 de junho de 2018 17:27