Listing all installed updates

While researching a problem the other day I needed to list all updates that were installed on a system and get some details about why they were there. Add/Remove Programs, a.k.a. Programs and Features, is probably the worst way to do that as it is quite inefficient to go through the updates in that way, and some do not seem to appear there at all.

A better way is to use wmic from a command prompt, as in:
wmic qfe list full /format:htable

That produces nicely formatted HTML output like this:

Node Caption CSName Description FixComments HotFixID InstallDate InstalledBy InstalledOn Name ServicePackInEffect Status
HUGIN HUGIN. Software Update. . 933246. . S-1-5-18. 01c7ced4f18c9ed7. . . .
HUGIN HUGIN. Update. . KB937954. . S-1-5-21-2593503083-3831033232-2105785001-1138. 01c832387702bf6a. . . .
HUGIN HUGIN. Software Update. . 932926. . S-1-5-18. 01c7ced4f193c528. . . .
HUGIN HUGIN. Software Update. . 932925. . S-1-5-18. 01c7cecb71bfd1e7. . . .
HUGIN HUGIN. Update. . KB905866. . S-1-5-18. 01c83d79580f63d6. . . .
HUGIN HUGIN. Security Update. . KB925902. . S-1-5-18. 01c7ced4f1962743. . . .


You can redirect the output into a file and then open at will. However, I found two flaws in the output. First, run it on Vista and look at the Output column. It will URLs to the KB articles for the update, in some cases, but they are not active hyperlinks. On XP, the caption field does not even have this information, apparently because XP updates do not populate that field. Second, there are a bunch of unnecessary columns, and the information is inconsistent from OS to OS.

To address those issues I wrote the attached script. It does more or less the same thing, but it gives more compact output and formatted hyperlinks. Its output looks like this:

Caption Description Hotfix ID KB Link Installed On Service Pack in effect Fix comments Software Update 933246 933246 01c7ced4f18c9ed7 Update KB937954 937954 01c832387702bf6a Software Update 932926 932926 01c7ced4f193c528 Software Update 932925 932925 01c7cecb71bfd1e7 Update KB905866 905866 01c83d79580f63d6 Security Update KB925902 925902 01c7ced4f1962743

The Service Pack In Effect and the Fix Comments fields are still not populated, but that is because this screenshot was taken on Windows Vista. On XP they were populated. In addition, the script does its best to parse the Hotfix ID and make a clickable link out of it in the KB Link directory. This gives you a direct link to where the script belongs. In addition, the script creates the output file automatically in current working directory. This makes investigating the installed updates far easier. Hopefully someone else will find this helpful.

Two more notes are in order about this script. First, the Installed On date is in binary form on Windows Vista, which is why the output looks the way it does. On Windows XP that same fields holds a string date and so is much more valuable. Second, a more powerful version of this script, written by scripting genius Ed Wilson, and designed for PowerShell, will ship on the CD for the Windows Server 2008 Security Resource Kit. The CD comes with a number of other scripts of his design, as well as some tools of my design, and is, of course, available for pre-order now.

Leave a Reply

Your email address will not be published. Required fields are marked *