Use PowerShell to Retrieve All Windows Updates and Patches

In this post we provide a quick example of how we can use PowerShell to retrieve all Windows updates and patches.

Get-HotFix Not Returning All Installed KBs

The first thought that springs to mind is simply to run Get-Hotfix . However this only returns a subset of windows updates supplied by Component Based Servicing.

A more comprehensive way of returning historic windows updates and patches is to use the Microsoft Update Session object like so:

cls
$session = New-Object -ComObject "Microsoft.Update.Session"
$searcher = $Session.CreateUpdateSearcher()
$totalHistoryCount = $Searcher.GetTotalHistoryCount()
$searcher.QueryHistory(0, $totalHistoryCount) | Select-Object  -Property @{Name = 'Name'; Expression = {[regex]::match($_.Title,'KB\d{7}').Groups[0].Value}}, Title, Date

If we wanted to search for a specific KB reference we can simply pipe the output into Where like so:

cls
$session = New-Object -ComObject "Microsoft.Update.Session"
$searcher = $Session.CreateUpdateSearcher()
$totalHistoryCount = $Searcher.GetTotalHistoryCount()
$searcher.QueryHistory(0, $totalHistoryCount) | Select-Object  -Property @{Name = 'Name'; Expression = {[regex]::match($_.Title,'KB\d{7}').Groups[0].Value}}, Title, Date | Where Name -eq "KB2267602"

Avoid Error 0x800f0906 by Bypassing the Windows Updates Server

An organisation we work with have removed Microsoft QuickAssist from their corporate build – presumably they saw this as a potential security risk. Here we explain how to avoid error 0x800f0906 by Bypassing the Windows Updates Server.

We had an administrator that required QuickAssist so that they could attend a support call with Microsoft. But the option no longer appeared in the Optional Features list.

The quickest way to install it for a single user was to use DISM. However, dism was looking at our internal SCCM server to download the content from. Since it didn’t exist we saw the dreaded 0x800f0906 error.

The solution (albeit a temporary one!) was to bypass our local SCCM windows updates server and download the content directly from the internet like so:

REM disable using internal WU server
REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v UseWUServer /t REG_DWORD /d 0 /f 
net stop "Windows Update" 
net start "Windows Update"
REM Install Option feature(s)
dism /Online /Add-Capability /CapabilityName:App.Support.QuickAssist~~~~0.0.1.0
REM enable using WU server
REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v UseWUServer /t REG_DWORD /d 1 /f 
net stop "Windows Update" 
net start "Windows Update"