PowerShell Get-Hotfix

Introduction to Get-HotfixWindows PowerShell Get-Hotfix

Get-Hotfix is a useful PowerShell 2.0 cmdlet for researching Microsoft updates and patches.

Examples of Get-Hotfix


List the Updates and Service Packs

Let us see Get-Hotfix in action, this is how to display a list of patches, service packs and security hotfixes.

# PowerShell's Get-HotFix Example
Get-HotFix | Format-Table HotfixID, Description, InstalledOn -AutoSize

HotfixID    Description  InstalledOn
——–     ———–   ———–
KB2764913 Update  03/07/2013
KB2832414 Security Update 07/10/2013
KB976932 Service Pack

Note 1: I modified the output with PowerShell's Format-Table.

Research Get-Hotfix's Parameters

Hardly a day goes by without I give thanks to Microsoft for including the Get-Help cmdlet as a mechanism for researching parameters.

Get-Help Get-Hotfix -Full

Note 2: The -Description parameter presents a convenient way of filtering the hotfixes.  For example, to find service packs: Get-Hotfix -Description Service*.

Guy Recommends:  A Free Trial of the Network Performance Monitor (NPM)Review of Orion NPM v11.5 v11.5

SolarWinds’ Network Performance Monitor will help you discover what’s happening on your network.  This utility will also guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.

What I like best is the way NPM suggests solutions to network problems.  Its also has the ability to monitor the health of individual VMware virtual machines.  If you are interested in troubleshooting, and creating network maps, then I recommend that you try NPM now.

Download a free trial of Solarwinds’ Network Performance Monitor

Another Useful Parameter: -ComputerName

Here is a technique to discover which machines on your network have a particular hotfix.  As a prerequisite for my example you need to obtain a list of the computers and save it in a file.  My computer list is stored at C:\PShell \Machines.txt.

$Machines = "C:\PShell\Computers.txt"
$Patch = 'KB976932'
$Computers = Get-Content $Machines
ForEach ($Item in $Computers) {
Get-Hotfix $Patch -ComputerName $Item

Note 3: To solve your problem, change the value for $Machines and $Patch.

Interrogate Domain Machines

Here is a technique to list all your machines in a domain environment by using Microsoft's ADSISearcher.

([ADSISearcher]'objectCategory=computer').FindAll() |
ForEach-Object {Get-HotFix -Computername $_.properties.dnshostname}

Note 4: Once you obtain the list of machines from active directory, employ PowerShell's ForEach loop technique.

Engineer's Toolset v10Guy Recommends: SolarWinds Engineer’s Toolset v10

This Engineer’s Toolset v10 provides a comprehensive console of 50 utilities for troubleshooting computer problems.  Guy says it helps me monitor what’s occurring on the network, and each tool teaches me more about how the underlying system operates.

There are so many good gadgets; it’s like having free rein of a sweetshop.  Thankfully the utilities are displayed logically: monitoring, network discovery, diagnostic, and Cisco tools.  Try the SolarWinds Engineer’s Toolset now!

Download your fully functional trial copy of the Engineer’s Toolset v10

Alternative to Get-HotFix:- Win32_ReliabilityRecords

It surprised me to learn that Get-Hotfix did not return all the patches installed on my computer, so I investigated suitable classes of Get-WmiObject and came up with Win32_ReliabilityRecords.

Counting the items returned by two different techniques.

# Compare the number of items returned by Get-Hotfix and WMI
"Number of Get-Hotfix Objects"
Get-HotFix | Measure-Object | Format-Table count -AutoSize
"—————————————————– `n"
"Number of Win32_ReliabilityRecords Objects"
$Patches = Get-WmiObject -Class Win32_ReliabilityRecords
$Patches | Measure-Object | Format-Table Count -AutoSize

Using Win32_ReliabilityRecords

#PowerShell example to list all patches
$Patches = Get-WmiObject –Class Win32_ReliabilityRecords | `
Sort-Object $_.timegenerated -Descending
$Patches | Format-Table @{LABEL = "Date";EXPRESSION = `
{$_.ConvertToDateTime($_.TimeGenerated)}}, ProductName -Auto

Filtering Patches

$Patches = Get-WmiObject -Class Win32_ReliabilityRecords `
-Filter "SourceName = 'Microsoft-Windows-WindowsUpdateClient'"
$Patches | Sort-Object $_.timegenerated -Descending | Format-Table ProductName,`
@{LABEL = "Date";EXPRESSION = {$_.ConvertToDateTime($_.TimeGenerated)}} -Auto

Investigate Update Failures

$Failures = Get-WmiObject -Class Win32_ReliabilityRecords
$Failures | Where { $_.message -match 'failure' } | Select-Object -ExpandProperty message

See more real-life PowerShell tasks »

Summary of PowerShell's Get-Hotfix

Get-Hotfix is a handy PowerShell cmdlet for listing Microsoft security updates and patches. An alternative is to employ Get-WmiObject  and the class: Win32_ReliabilityRecords.

If you like this page then please share it with your friends


See more Microsoft PowerShell Examples of Real Life Tasks

PowerShell Real-life Examples   • Test-Connection   • Invoke-Expression   • Invoke-Command

Windows PowerShell   • Trace-Command   • PowerShell Registry MaintainServerList

PowerShell Registry   • Compare-Object Registry   • Desired State Configuration   • Get-Hotfix

Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.