Cyberithub

How to use Get-Hotfix to check installed windows updates on System

Advertisements

In this article, we will see how to use Get-Hotfix cmdlet to check list of windows updates and hotfixes installed on a System. The Get-Hotfix cmdlet in PowerShell is a utility that retrieves information about updates, commonly known as "hotfixes," installed on a local or remote Windows system. It is a handy tool for system administrators and users who need to track or verify the applied patches and updates for maintenance, security, or compliance purposes.

 

Key Parameters

  • -Id: This parameter is used to specify the identifier of the hotfix you want to retrieve. Hotfix identifiers typically start with "KB" followed by a number. You can specify multiple IDs separated by commas.
  • -Description: Allows you to filter hotfixes based on their descriptions. You can use wildcard characters for pattern matching.
  • -ComputerName: This parameter specifies the name of the computer for which you want to get hotfix information. It allows you to query hotfixes on remote systems. If not specified, the cmdlet retrieves hotfixes from the local computer.
  • -Credential: Used with the -ComputerName parameter to specify a user account under which the command runs. It's useful when you need to provide specific credentials for accessing a remote computer.
  • -Full: This switch provides additional information about each hotfix. It expands the view to show all properties of the hotfix objects.

 

Important Features 

  • List Installed Updates: Get-Hotfix provides a list of all the hotfixes (updates and patches) that have been applied to a system. This includes security updates, critical updates, service packs, and other types of Windows updates.
  • Filtering Capabilities: The cmdlet allows users to filter results based on specific criteria, such as the hotfix ID, description, installed date, and more. This is particularly useful for verifying whether a particular security update has been installed.
  • Remote System Querying: Get-Hotfix can query not only the local system but also remote systems, making it useful in networked environments and for remote administration. This requires appropriate permissions and network access.
  • Displaying Information: The output typically includes the hotfix ID (usually starting with 'KB' for Knowledge Base updates), a brief description, the name of the system on which the hotfix is installed, the installed date, and more.

 

Limitations 

  • Data Completeness: Get-Hotfix might not list all types of updates, such as those installed through other mechanisms like Windows Store Apps updates.
  • Permission Requirements: You might need administrator privileges to run these commands, especially when accessing information from a remote system.
  • InstalledOn Field: The InstalledOn field may be empty for some updates, depending on how they were installed and what metadata is available.

 

How to use Get-Hotfix to check installed windows updates on System

How to use Get-Hotfix to check installed windows updates on System

Also Read: How to find error from Event Log in Windows using Powershell

Advertisements

To get all windows hotfixes and updates installed on system, you can simply run Get-Hotfix cmdlet on powershell as shown below.

PS C:\> Get-Hotfix

Source         Description      HotFixID   InstalledBy          InstalledOn
------         -----------      --------   -----------          -----------
DESKTOP-HL...  Update           KB5032005  NT AUTHORITY\SYSTEM  21-11-2023 00:00:00
DESKTOP-HL...  Update           KB5027122  NT AUTHORITY\SYSTEM  16-06-2023 00:00:00
DESKTOP-HL...  Update           KB4562830  NT AUTHORITY\SYSTEM  10-02-2021 00:00:00
DESKTOP-HL...  Security Update  KB4570334                       18-11-2020 00:00:00
DESKTOP-HL...  Update           KB4577586  NT AUTHORITY\SYSTEM  19-02-2021 00:00:00
DESKTOP-HL...  Security Update  KB4580325                       19-11-2020 00:00:00
DESKTOP-HL...  Security Update  KB4586864                       19-11-2020 00:00:00
DESKTOP-HL...  Update           KB4589212  NT AUTHORITY\SYSTEM  23-03-2021 00:00:00
DESKTOP-HL...  Security Update  KB4598481  NT AUTHORITY\SYSTEM  10-02-2021 00:00:00
DESKTOP-HL...  Update           KB5003791  NT AUTHORITY\SYSTEM  06-02-2022 00:00:00
DESKTOP-HL...  Update           KB5011048  NT AUTHORITY\SYSTEM  07-07-2023 00:00:00
.................................

 

If you are looking for some specific update, for example KB5032392 in our case then you can check by running Get-Hotfix | Where-Object {$_.HotFixID -like "*KB5032392*"} command as shown below.

PS C:\> Get-Hotfix | Where-Object {$_.HotFixID -like "*KB5032392*"}

Source        Description  HotFixID    InstalledBy           InstalledOn
------        -----------  --------    -----------           -----------
DESKTOP-HL... Update       KB5032392   NT AUTHORITY\SYSTEM   16-11-2023 00:00:00

To get a chronological view of installed updates, use Get-Hotfix | Sort-Object InstalledOn command as shown below.

Advertisements
PS C:\> Get-Hotfix | Sort-Object InstalledOn

Source          Description       HotFixID    InstalledBy         InstalledOn
------          -----------       --------    -----------         -----------
DESKTOP-HL...   Security Update   KB4570334                       18-11-2020 00:00:00
DESKTOP-HL...   Security Update   KB4586864                       19-11-2020 00:00:00
DESKTOP-HL...   Security Update   KB4580325                       19-11-2020 00:00:00
DESKTOP-HL...   Security Update   KB4598481   NT AUTHORITY\SYSTEM 10-02-2021 00:00:00
DESKTOP-HL...   Update            KB4562830   NT AUTHORITY\SYSTEM 10-02-2021 00:00:00
DESKTOP-HL...   Update            KB4577586   NT AUTHORITY\SYSTEM 19-02-2021 00:00:00
DESKTOP-HL...   Update            KB4589212   NT AUTHORITY\SYSTEM 23-03-2021 00:00:00
DESKTOP-HL...   Security Update   KB5005699   NT AUTHORITY\SYSTEM 16-09-2021 00:00:00
DESKTOP-HL...   Update            KB5006753   NT AUTHORITY\SYSTEM 11-11-2021 00:00:00
DESKTOP-HL...   Update            KB5007273   NT AUTHORITY\SYSTEM 17-12-2021 00:00:00
DESKTOP-HL...   Update            KB5003791   NT AUTHORITY\SYSTEM 06-02-2022 00:00:00
DESKTOP-HL...   Security Update   KB5011352   NT AUTHORITY\SYSTEM 11-02-2022 00:00:00
............................................................

 

You can also look for hotfixes and updates installed in last few days. For example, to check all hotfixes and updates installed in last 30 days, use Get-Hotfix | Where-Object {$_.InstalledOn -gt (Get-Date).AddDays(-30)} command as shown below.

Advertisements
PS C:\> Get-Hotfix | Where-Object {$_.InstalledOn -gt (Get-Date).AddDays(-30)}

Source         Description      HotFixID   InstalledBy          InstalledOn
------         -----------      --------   -----------          -----------
DESKTOP-HL...  Security Update  KB5033372  NT AUTHORITY\SYSTEM  18-12-2023 00:00:00
DESKTOP-HL...  Update           KB5032907  NT AUTHORITY\SYSTEM  13-12-2023 00:00:00

You also have the option to list out all hotfixes and updates installed after a specific date. For example, if you want to check all hotfixes installed after 8th Dec, 2023 then you have to use Get-Hotfix | Where-Object {$_.InstalledOn -gt "12/08/2023"} command as shown below.

PS C:\> Get-Hotfix | Where-Object {$_.InstalledOn -gt "12/08/2023"}

Source         Description      HotFixID   InstalledBy          InstalledOn
------         -----------      --------   -----------          -----------
DESKTOP-HL...  Security Update  KB5033372  NT AUTHORITY\SYSTEM  18-12-2023 00:00:00
DESKTOP-HL...  Update           KB5032907  NT AUTHORITY\SYSTEM  13-12-2023 00:00:00

 

To display only specific object, you can make use of Select-Object with Get-hotfix cmdlet. For example, if you don't want all objects to be displayed on output, just HotfixId and InstalledOn then use Get-Hotfix | Select-Object -Property HotfixId, InstalledOn command as shown below.

PS C:\> Get-Hotfix | Select-Object -Property HotfixId, InstalledOn

HotfixId   InstalledOn
--------   -----------
KB5032005  21-11-2023 00:00:00
KB5027122  16-06-2023 00:00:00
KB4562830  10-02-2021 00:00:00
KB4570334  18-11-2020 00:00:00
KB4577586  19-02-2021 00:00:00
KB4580325  19-11-2020 00:00:00
KB4586864  19-11-2020 00:00:00
KB4589212  23-03-2021 00:00:00
KB4598481  10-02-2021 00:00:00
KB5003791  06-02-2022 00:00:00
KB5011048  07-07-2023 00:00:00
KB5012170  09-08-2022 00:00:00
...................................

 

To get the total count of hotfixes installed, use (Get-Hotfix).Count command as shown below.

PS C:\> (Get-Hotfix).Count
36

 

If you specifically want to check security update then use Get-Hotfix | Where-Object {$_.Description -like "*Security*"} command as shown below.

PS C:\> Get-Hotfix | Where-Object {$_.Description -like "*Security*"}

Source         Description      HotFixID  InstalledBy          InstalledOn
------         -----------      --------  -----------          -----------
DESKTOP-HL...  Security Update  KB4570334                      18-11-2020 00:00:00
DESKTOP-HL...  Security Update  KB4580325                      19-11-2020 00:00:00
DESKTOP-HL...  Security Update  KB4586864                      19-11-2020 00:00:00
DESKTOP-HL...  Security Update  KB4598481  NT AUTHORITY\SYSTEM 10-02-2021 00:00:00
DESKTOP-HL...  Security Update  KB5012170  NT AUTHORITY\SYSTEM 09-08-2022 00:00:00
DESKTOP-HL...  Security Update  KB5033372  NT AUTHORITY\SYSTEM 18-12-2023 00:00:00
DESKTOP-HL...  Security Update  KB5011352  NT AUTHORITY\SYSTEM 11-02-2022 00:00:00
DESKTOP-HL...  Security Update  KB5014032  NT AUTHORITY\SYSTEM 13-05-2022 00:00:00
DESKTOP-HL...  Security Update  KB5005699  NT AUTHORITY\SYSTEM 16-09-2021 00:00:00

You can also choose to export all the hotfixes and updates to a CSV file by using Export-Csv cmdlet as shown below.

PS C:\> Get-Hotfix | Export-Csv -Path "C:\Users\cyberithub\output.csv"

 

Conclusion

Get-Hotfix is an essential cmdlet in PowerShell for managing and auditing system updates on Windows computers. Its ability to quickly list and filter installed updates makes it a valuable tool for system administrators and power users.

Leave a Comment