Category filter

PowerShell scripts for Windows patch management

To ensure a safe and reliable digital workspace, Windows devices must be updated with the most recent security updates and bug fixes. However, managing patches across many systems can be time-consuming and prone to human error. A patch management script can be helpful in this situation.

It helps to automate the execution of instructions that streamline downloading, installing, and managing patches on Windows computers. This can save time, reduce the likelihood of human error, and ensure consistency across all computers in the network. With a patch management script executed using Hexnode’s Execute Custom Script feature, you can also automate the process of identifying vulnerabilities or downloading and installing of required updates.

Disclaimer:

The sample scripts provided below are adapted from third-party open-source sites.

PowerShell script

You can use the PSWindowsUpdate module to streamline the process of Windows patch management.

Module installation

To install the PSWindowsUpdate module on your computer (manual installation required).

List available cmdlets

To display the list of available cmdlets in the PSWindowsUpdate module.

List available updates

To get a full list of available Windows updates (Alias: Get-WUList).

Install updates

  • To download and install available updates from the WSUS server or Microsoft update.
  • To install only a specific update package.
  • Eg: Get-WUInstall -KBArticleID KB4011670

    Uninstall updates

    To uninstall an already installed update (Alias: Get-WUUninstall).

    Disable automatic downloads

    To prevent the device from downloading updates automatically.

    Notes:

    • It is recommended to manually validate the script execution on a system before executing the action in bulk.
    • Hexnode will not be responsible for any damage/loss to the system on the behavior of the script.

  • Sample Script Repository