Automation

PSWindowsupdate: Automated Windows Updates with PowerShell

Learn about PSWindowsUpdate, a powerful PowerShell module that simplifies managing and automating Windows updates on your servers.
Brandon LeeJune 1, 2023Last Updated: August 14, 2024
5 minutes read
PSWindowsUpdate Automated Windows Updates with PowerShell
PSWindowsUpdate Automated Windows Updates with PowerShell

Let’s look at PSWindowsupdate automated Windows Updates with PowerShell and see how it can come to the rescue for keeping your Windows environment up-to-date.

Table of contents

What is PSWindowsUpdate?

PSWindowsUpdate is a PowerShell third-party module found in the PowerShell gallery repository available for download that can help administrators manage Windows updates and install updates flexibly and precisely.

The PSWindowsUpdate module provides commands for downloading, installing, and managing updates in an automated way. However, it can work in conjunction with WSUS or pull updates directly from Microsoft.

Admins can control every aspect of Windows updates with this module. These types of tasks include viewing available updates and initiating installations to setting update schedules. It includes advanced features like installing specific updates, managing hidden updates, or even automating the entire update process using the Windows Task Scheduler.

Installing the PSWindowsUpdate Module

The installation process for the PSWindowsUpdate module starts with the command line in your PowerShell console. You need to install the module from the PowerShell gallery by typing:

Install-Module -Name PSWindowsUpdate

This command will download and install the module on your local system. However, it’s critical to note that you may need administrator privileges to install modules. Open the PowerShell prompt as an admin and run the command.

You will be prompted to trust the untrusted repository, which is normal.

Installing the PSWindowsupdate PowerShell module
Installing the PSWindowsupdate PowerShell module

Type “Y” to trust the PSGallery repository.

Accept the untrusted repository to install the module
Accept the untrusted repository to install the module

Importing the PSWindowsUpdate Module

Once installed, you need to import the module PSWindowsUpdate to begin using it. Use the following command:

Import-Module -Name PSWindowsUpdate

It loads the module into your active PowerShell session, making the related cmdlets available for use.

Importing the module in PowerShell
Importing the module in PowerShell

Checking for Available Updates

Upon successful import of the PSWindowsUpdate module, you can quickly check for available updates using the command:

Get-WindowsUpdate

This command will query your machine’s Windows Update Client settings and connect to the Microsoft Update servers to fetch the list of all available updates. You can see critical updates, security updates, and all other types of updates that your system can download and install.

Using the Get WindowsUpdate to see available updates
Using the Get WindowsUpdate to see available updates

Downloading Windows Updates

The PSWindowsUpdate module offers the command:

Download-WindowsUpdate

Use this to download Windows updates. Depending on your settings, this command initiates the download process for all approved updates from the Windows Server Update Service (WSUS) or Microsoft Update.

Download Windows Update with PowerShell
Download Windows Update with PowerShell

Installing Windows Updates

With the updates downloaded, you can install them using the ‘Install-WindowsUpdate‘ command. This command installs all downloaded updates, following which your system might need to reboot.

Install-WindowsUpdate
Running the Install WindowsUpdate command
Running the Install WindowsUpdate command

Managing Windows Update History

The PSWindowsUpdate module provides an opportunity to access your system’s update history. You can use the ‘Get-WUHistory‘ command to get a detailed log of all installed updates.

Get-WUHistory

This command returns a detailed list, including the KB number, update title, and the status of the installed updates.

Get the reboot status of your Windows Server
Get the reboot status of your Windows Server

Installing Specific Updates

You may need to install a specific update related to a specific KB that has been released. We can do that with the PSWindowsUpdate module also. Note the following example of installing a specific update:

Install-WindowsUpdate -KBArticleID KB4012606 -AcceptAll -AutoReboot

This command will only install the specified update and perform an automatic reboot if necessary.

Installing Only Security Updates

If you wish only to install security updates, you can do so with the following command:

Get-WindowsUpdate -Category 'SecurityUpdates' | Install-WindowsUpdate

This command first fetches only the security updates and then pipes them into the Install-WindowsUpdate command, installing only the security updates.

Hiding Updates

There may be certain Windows Updates that you want to hide to keep these from being installed in your environment on machines. If you want to hide Windows updates, there is a specific cmdlet that you can use to do that called the Hide-WindowsUpdate command. If you want to hide the update with the KB number KB4012606, you can do that with the following command:

Hide-WindowsUpdate -KBArticleID KB4012606

This command will hide the specified update, preventing it from appearing in future searches for updates.

Checking if a Reboot is Required

You may want to see if there is a pending reboot required. If you want to check if a reboot is required after installing updates, you can do so with the Get-WURebootStatus command like so:

Get-WURebootStatus

This command will check and let you know if any installed updates require a reboot.

In the example, replace the placeholder KB numbers in the commands with the actual KB number of the update you’re interested in. Also, always ensure to run these commands in a safe and controlled environment, particularly when executing them on production systems or remote computers.

Get Windows Update history using PSWindowsupdate
Get Windows Update history using PSWindowsupdate

Automate Windows Updates using PSWindowsUpdate

How can you automate running PSWindowsUpdate scripts? Note the following code example:

# Import the PSWindowsUpdate module
Import-Module PSWindowsUpdate

# Get all available updates
$updates = Get-WindowsUpdate -MicrosoftUpdate

# Filter out optional updates
$importantUpdates = $updates | Where-Object {$_.IsDownloaded -eq $true -and $_.IsMandatory -eq $true}

# Install important updates
$importantUpdates | Install-WindowsUpdate -AcceptAll -AutoReboot

In this script, we first import the PSWindowsUpdate module. We then get all available updates using Get-WindowsUpdate. Using Where-Object, we filter out only the important updates, ignoring the optional ones. Then we can install the important updates using Install-WindowsUpdate, automatically accepting EULAs and rebooting if necessary.

We can automate it using Task Scheduler. Here’s a basic example of how you can do this:

  1. Open Task Scheduler and create a new task.

  2. In the Triggers tab, set the schedule for the task according to your needs (for example, daily at 3 AM).

  3. In the Actions tab, select ‘Start a program’ and input powershell.exe as the program.

  4. In the ‘Add arguments’ field, input -ExecutionPolicy Bypass -File “c:\your script file path.ps1 where <your script file path> is the path to your PowerShell script.

  5. Finish the wizard and the task will be scheduled.

This script and scheduling are basic examples. You may need to modify the script and task parameters according to your specific requirements, such as filtering updates based on criteria or sending a report by email after installation.

Also, be sure to test these scripts in a safe and controlled environment before deploying them in production, especially when executing them on remote computers.

Using Automation in the home lab

Home lab automation including PowerShell

Wrapping up

The PSWindowsUpdate module is a great way for system administrators to manage single or multiple Windows servers using a fully automated solution built on top of PowerShell. It has many capabilities that give you full control over the Windows Update service.

Brandon LeeJune 1, 2023Last Updated: August 14, 2024
5 minutes read

Subscribe to VirtualizationHowto via Email ๐Ÿ””

Enter your email address to subscribe to this blog and receive notifications of new posts by email.



Photo of Brandon Lee

Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at Virtualizationhowto.com, and a 7-time VMware vExpert, with over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, He has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family. Also, he goes through the effort of testing and troubleshooting issues, so you don't have to.

Related Articles

Getting-the-download-link-for-downloading-the-latest-Hashicorp-Vault-installation-1

How To Install Hashicorp Vault on Ubuntu 20.04

January 8, 2021
Terraform-apply-successful-run-virtual-machine-is-created-and-customized

Basic Terraform Installation and VMware vSphere Automation

May 17, 2018
Getting-a-Kerberos-ticket-from-Active-Directory-in-Ubuntu-for-use-in-Ansible

Configure Ansible Windows Server Kerberos authentication in Ubuntu

April 30, 2018
Terraform-Build-running-an-apply-of-a-VMware-virtual-machine

Sysprep and VMware Guest Customization with Terraform

June 5, 2018

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© Copyright 2024, All Rights Reserved  | VirtualizationHowto.com