In the previous tip we looked at how to retrieve the list of currently installed updates from the Windows Update Client.

This list can be polished, and for example you can use hash tables to create calculated properties that extract information such as the KB article number that are by default part of other properties such as the title:

$severity = @{
  Name = 'Severity'
  Expression = { if ([string]::IsNullOrEmpty($_.MsrcSeverity)) { 'normal' } else { $_.MsrcSeverity }}
}

$time = @{
  Name = 'Time'
  Expression = { $_.LastDeploymentChangeTime }
}

$kb = @{
  Name = 'KB'
  Expression = { if ($_.Title -match 'KB\d{6,9}') { $matches[0] } else { 'N/A' }}
}

$UpdateSession = New-Object -ComObject Microsoft.Update.Session
$UpdateSession.CreateupdateSearcher().Search("IsInstalled=1").Updates |
  Select-Object $time, Title, $kb, Description, $Severity |
  Out-GridView -Title 'Installed Updates'

The result shows in the grid view window. When you remove Out-GridView, the information looks similar to this:

 
Time        : 9/10/2019 12:00:00 AM
Title       : 2019-09 Security Update for Adobe Flash Player for Windows 10 Version 1903 for 
              x64-based Systems (KB4516115)
KB          : KB4516115
Description : A security issue has been identified in a Microsoft software product that could 
              affect your system. You can help protect your system by installing this update 
              from Microsoft. For a complete listing of the issues that are included in this 
              update, see the associated Microsoft Knowledge Base article. After you install 
              this update, you may have to restart your system.
Severity    : Critical

Time        : 10/8/2019 12:00:00 AM
Title       : Windows Malicious Software Removal Tool x64 - October 2019 (KB890830)
KB          : KB890830
Description : After the download, this tool runs one time to check your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, 
and Mydoom) and helps remove any infection that is found. If an infection is found, the tool will display a status report the next time that you start your computer. A new version of the tool will be offered every month. If you want to manually run the tool on your computer, you can download a copy from the Microsoft Download Center, or you can run an online version from microsoft.com. This tool is not a replacement for an antivirus product. To help protect your computer, you should use an antivirus product.
Severity    : normal

Time        : 10/8/2019 12:00:00 AM
Title       : 2019-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 
              1903 for x64 (KB4524100)
KB          : KB4524100
Description : Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.
Severity    : normal

Time        : 10/28/2019 12:00:00 AM
Title       : Update for Windows Defender Antivirus antimalware platform - KB4052623 (Version 4.18.1910.4)
KB          : KB4052623
Description : This package will update Windows Defender Antivirus antimalware platform’s components on the user machine.
Severity    : normal

... 




You are a PowerShell Professional, passionate about improving your code and skills? You take security seriously and are always looking for the latest advice and guidance to make your code more secure and faster? You’d love to connect to the vibrant PowerShell community and get in touch with other PowerShell Professionals to share tricks and experience? Then PowerShell Conference EU 2020 might be just the right place for you: https://psconf.eu (June 2-5, 2020 in Hanover, Germany).

It’s a unique mixture of classic conference with three parallel tracks filled with fast-paced PowerShell presentations, and advanced learning class with live discussions, Q&A and plenty of networking.

Secure your seat while they last: https://psconf.eu/register.html. Help build the agenda and make this “your” event by submitting hypothetical sessions you’d like to hear: https://powershell.one/psconfeu/psconf.eu-2020/reverse-cfp. And if you’d like to present yourself and join the psconf.eu speakers’ team, submit proposals: https://sessionize.com/psconfeu/.

Twitter This Tip! ReTweet this Tip!

Anonymous