Windows Enterprise Desktop
Manage Learn to apply best practices and optimize your operations.

PS Get-HotFix Cmdlet Checks Update Status

Ed Tittel
Ed Tittel

If you’re anything like me, you watch for news about Windows Updates as they’re released. Two of my favorite sources for such info are Twitter and TenForums. On Twitter, the Windows 10 Team is pretty good about posting info for updates and upgrades (e.g. #WindowsInsider and @donasarkar). At TenForums, the Windows 10 News forum is my go-to resource: they usually pin new postings about updates or upgrades within minutes of release. When I saw news about new Intel microcode updates for Spectre last week, my first thought was to check if they’d been installed on certain target machines. My second thought was “Gosh! I bet there’s a PowerShell (PS) cmdlet for that.” Sure enough, I was right. If you feed it a KB article identifier, the PS Get-HotFix cmdlet checks update status quickly and easily. Here’s a screencap with a pair of examples:

For updates it finds, Get-Hotfix tells when it installed. If not you’ll get an error message instead.
[Click image for full-sized view.]

When PS Get-HotFix Cmdlet Checks Update Status, What Does It Say?

Look at the preceding screencap. If Get-HotFix finds an update, it reports its presence. It also shows date/time when the item appeared. That was the case for a recent Intel microcode update, KB4100347 added on 8/21/2018 to the target system. On the other hand, if a KB item is missing, Get-HotFix produces an error message. It reads “cannot find the requested hotfix…” I deliberately used a made-up, bogus KB identifier, KB4100300, to provoke the error message you see above. Actually, this is also what you’d see if you asked the command to check for a legit KB item that was absent from the target PC.

What All This Means To You

Get-HotFix makes it extremely easy to tell what’s present and what’s absent, as long as you can identify specific items of interest explicitly. To produce a list of all installed updates, simply enter the cmdlet name with no arguments instead. As long as you can remember the cmdlet’s name, you can use this handy little tool any time you like. Great stuff!

[Note] Here’s a shout-out to Mike Robbins, whose May 18, 2017 blog post clued me into this useful PS cmdlet. It’s entitled “Use PowerShell to Determine if Specific Windows Updates are Installed on Remote Servers.” He also explains an expeditious trick to run the command on remote machines (which should interest admins greatly). And for those who like such stuff, here’s a link to the MS Docs page on Get-HotFix.

Virtual Desktop
SearchWindowsServer
Close