While researching a problem the other day I needed to list all updates that were installed on a system and get some details about why they were there. Add/Remove Programs, a.k.a. Programs and Features, is probably the worst way to do that as it is quite inefficient to go through the updates in that way, and some do not seem to appear there at all.
A better way is to use wmic from a command prompt, as in:
wmic qfe list full /format:htable
That produces nicely formatted HTML output like this:
You can redirect the output into a file and then open at will. However, I found two flaws in the output. First, run it on Vista and look at the Output column. It will URLs to the KB articles for the update, in some cases, but they are not active hyperlinks. On XP, the caption field does not even have this information, apparently because XP updates do not populate that field. Second, there are a bunch of unnecessary columns, and the information is inconsistent from OS to OS.
To address those issues I wrote the attached script. It does more or less the same thing, but it gives more compact output and formatted hyperlinks. Its output looks like this:
|Caption||Description||Hotfix ID||KB Link||Installed On||Service Pack in effect||Fix comments|
The Service Pack In Effect and the Fix Comments fields are still not populated, but that is because this screenshot was taken on Windows Vista. On XP they were populated. In addition, the script does its best to parse the Hotfix ID and make a clickable link out of it in the KB Link directory. This gives you a direct link to where the script belongs. In addition, the script creates the output file automatically in current working directory. This makes investigating the installed updates far easier. Hopefully someone else will find this helpful.
Two more notes are in order about this script. First, the Installed On date is in binary form on Windows Vista, which is why the output looks the way it does. On Windows XP that same fields holds a string date and so is much more valuable. Second, a more powerful version of this script, written by scripting genius Ed Wilson, and designed for PowerShell, will ship on the CD for the Windows Server 2008 Security Resource Kit. The CD comes with a number of other scripts of his design, as well as some tools of my design, and is, of course, available for pre-order now.