Windows Updates/Patches: Unterschied zwischen den Versionen
Admin (Diskussion | Beiträge) |
Admin (Diskussion | Beiträge) K |
||
Zeile 36: | Zeile 36: | ||
== Windows Update Dilemma == | == Windows Update Dilemma == | ||
=== Windows Server 2022 === | === Windows Server 2022 === | ||
− | '''With Windows Server 2022 there | + | '''With Windows Server 2022 there is no CIM-Class MSFT_WUOperations or MSFT_WUOperationsSession and the PowerShell-Module "WindowsUpdateProvider" will no longer be integrated.''' <br> |
That's why I prefer the solution above for all Windows Server 2016 and higher. <br> | That's why I prefer the solution above for all Windows Server 2016 and higher. <br> | ||
Version vom 18. Januar 2022, 10:27 Uhr
Inhaltsverzeichnis
[Verbergen]Search, Download & Install Windows Updates
Because of the Windows Update dilemma with different Windows versions, I wrote the following script that should works on Windows Server 2016, 2019, 2022 and maybe higher.
$MSUpdateSearcher = New-Object -ComObject Microsoft.Update.Searcher $Updates = $MSUpdateSearcher.Search("IsInstalled=0 AND IsHidden=0").Updates $MSUpdateCollection = New-Object -ComObject Microsoft.Update.UpdateColl foreach($Update in $Updates) { $MSUpdateCollection.Add($Update) | Out-Null } if($MSUpdateCollection.Count -gt 0) { Write-Host "Accept EULA, if is necessary." foreach($Update in $MSUpdateCollection) { if($Update.EulaAccepted -eq 0) {$Update.AcceptEula()} } Write-Host "Download the selected updates." $MSUpdateSession = New-Object -ComObject Microsoft.Update.Session $MSUpdateDownloader = $MSUpdateSession.CreateUpdateDownloader() $MSUpdateDownloader.Updates = $MSUpdateCollection $MSUpdateDownloader.Download() Write-Host "Install the downloaded updates." $MSUpdateInstaller = New-Object -ComObject Microsoft.Update.Installer $MSUpdateInstaller.Updates = $MSUpdateCollection $InstallResult = $MSUpdateInstaller.Install() if ($InstallResult.RebootRequired) { Restart-Computer -Force } }
Windows Update Dilemma
Windows Server 2022
With Windows Server 2022 there is no CIM-Class MSFT_WUOperations or MSFT_WUOperationsSession and the PowerShell-Module "WindowsUpdateProvider" will no longer be integrated.
That's why I prefer the solution above for all Windows Server 2016 and higher.
Some information's about the dilemma:
- PowerShell-Module WindowsUpdateProvider: https://github.com/MicrosoftDocs/windows-powershell-docs/issues/139
- CIM-Classes: https://github.com/PowerShell/PowerShell/issues/5718 & https://richardspowershellblog.wordpress.com/2017/11/17/windows-update-change-in-server-1709/
- Useful information's: https://github.com/microsoft/MSLab/blob/master/Scenarios/Windows%20Update/readme.md
Windows Server 2019
With Windows Server 2019 the CIM-Class was renamed to MSFT_WUOperations and works not similar to Windows Server 2016.
Microsoft ships with Windows Server 2019 the PowerShell-Module "WindowsUpdateProvider" that is handy and this works like following:
Import-Module WindowsUpdateProvider $availableUpdates = Start-WUScan if ($availableUpdates.Count -gt 0) { Write-Host "[$(Get-Date -Format HH:mm:ss)] Following $($availableUpdates.Count) Updates are about to be installed:" $availableUpdates | Format-Table Title, MsrcSeverity $null = Install-WUUpdates -Updates $availableUpdates Write-Host "[$(Get-Date -Format HH:mm:ss)] $($availableUpdates.Count) Updates has been succesfully installed" }
Windows Server 2016
Microsoft said on Windows Server 2016 you should use the CIM-Class MSFT_WUOperationsSession like following:
$cimInstance = New-CimInstance -Namespace root/Microsoft/Windows/WindowsUpdate -ClassName MSFT_WUOperationsSession $updateScanResult = Invoke-CimMethod -InputObject $cimInstance -MethodName ScanForUpdates -Arguments @{SearchCriteria = "IsInstalled=0"; OnlineScan = $true } $availableUpdates | Format-Table Title, MsrcSeverity $null = Invoke-CimMethod -InputObject $cimInstance -MethodName ApplyA
Remove Windows Update
wusa /uninstall /kb:<KB-Number>