Querying Systems for Specific Hotfix – Patching Pro Tips

Posted on by paytonflint

Let’s say you’re patching Windows devices, and you install a cumulative update. But, while evaluating patching success, you find there is a required hotfix that was not made available to your devices until after the pending reboot is complete and the cumulative update applied. Now, you need a quick, convenient way to query a list of systems for a particular KB for validation purposes. Behold: the script you are looking for; short and sweet.

This is just one of many scenarios in which this script may come in handy, and that’s why it belongs in the repositories of systems engineers and administrators as an essential. I wrote this one from scratch. Provide a text file containing a list of device names at <InsertFilePath>, provide a KB number in the respective location, and it will display the device name and a Boolean value in a table.

This article has been updated to include a script version that will execute its Foreach loop in parallel rather than series – drastically improving performance for larger queries. For more information, see: https://paytonflint.com/parallel-vs-serial-execution-improving-powershell-script-performance/

# Script written by Payton Flint
# See https://paytonflint.com/parallel-vs-serial-execution-improving-powershell-script-performance/
# Parallel Execution:
 
# Set KB ID variable
$KBID = <Insert KBID>
 
# Identify location of script
$ScriptPath = Split-Path ($MyInvocation.MyCommand.Path) -Parent
 
# Set systems list location
$AllSystems = Get-Content "$ScriptPath\DeviceList.txt"

# KBIDQuery workflow 
workflow KBIDQuery {

    # Set workflow parameters
    Param (
        [string[]]$KBID,
        [string[]]$ScriptPath,
        [string[]]$AllSystems
    )

    # Parallel Foreach loop set to $Output to write to .CSV later
    $Output = Foreach -Parallel ($system in $AllSystems) {
 
        # InlineScript to use variables
        inlinescript {

            # Set compliance based on whether KBID is present on system
            if ((Get-HotFix -ComputerName $Using:system).Where({$_.HotFixID -like $Using:KBID})){
                $Compliance = $true
            }
            else{
                $Compliance = $false
            }
 
            # Create table
            [PSCustomObject]@{
                Name =   $Using:system
                Length = $Compliance
            }
        }
    }
    # Write output to .CSV at parent directory
    $Output | Export-Csv -Path "$ScriptPath\KBIDQueryParallelOutput.csv" -NoTypeInformation
}
 
# Call workflow
KBIDQuery -KBID $KBID -ScriptPath $ScriptPath -AllSystems $AllSystems

1 thought on “Querying Systems for Specific Hotfix – Patching Pro Tips

  1. Pingback: Parallel vs. Serial Execution – Improving PowerShell Script Performance – Payton Flint's Tech Blog

Leave a Reply

Your email address will not be published. Required fields are marked *