Table of Contents
In this article, we will see how to use Get-Hotfix cmdlet to check list of windows updates and hotfixes installed on a System. The Get-Hotfix cmdlet in PowerShell is a utility that retrieves information about updates, commonly known as "hotfixes," installed on a local or remote Windows system. It is a handy tool for system administrators and users who need to track or verify the applied patches and updates for maintenance, security, or compliance purposes.
Key Parameters
- -Id: This parameter is used to specify the identifier of the hotfix you want to retrieve. Hotfix identifiers typically start with "KB" followed by a number. You can specify multiple IDs separated by commas.
- -Description: Allows you to filter hotfixes based on their descriptions. You can use wildcard characters for pattern matching.
- -ComputerName: This parameter specifies the name of the computer for which you want to get hotfix information. It allows you to query hotfixes on remote systems. If not specified, the cmdlet retrieves hotfixes from the local computer.
- -Credential: Used with the -ComputerName parameter to specify a user account under which the command runs. It's useful when you need to provide specific credentials for accessing a remote computer.
- -Full: This switch provides additional information about each hotfix. It expands the view to show all properties of the hotfix objects.
Important Features
- List Installed Updates: Get-Hotfix provides a list of all the hotfixes (updates and patches) that have been applied to a system. This includes security updates, critical updates, service packs, and other types of Windows updates.
- Filtering Capabilities: The cmdlet allows users to filter results based on specific criteria, such as the hotfix ID, description, installed date, and more. This is particularly useful for verifying whether a particular security update has been installed.
- Remote System Querying: Get-Hotfix can query not only the local system but also remote systems, making it useful in networked environments and for remote administration. This requires appropriate permissions and network access.
- Displaying Information: The output typically includes the hotfix ID (usually starting with 'KB' for Knowledge Base updates), a brief description, the name of the system on which the hotfix is installed, the installed date, and more.
Limitations
- Data Completeness: Get-Hotfix might not list all types of updates, such as those installed through other mechanisms like Windows Store Apps updates.
- Permission Requirements: You might need administrator privileges to run these commands, especially when accessing information from a remote system.
- InstalledOn Field: The InstalledOn field may be empty for some updates, depending on how they were installed and what metadata is available.
How to use Get-Hotfix to check installed windows updates on System
Also Read: How to find error from Event Log in Windows using Powershell
To get all windows hotfixes and updates installed on system, you can simply run Get-Hotfix cmdlet on powershell as shown below.
PS C:\> Get-Hotfix Source Description HotFixID InstalledBy InstalledOn ------ ----------- -------- ----------- ----------- DESKTOP-HL... Update KB5032005 NT AUTHORITY\SYSTEM 21-11-2023 00:00:00 DESKTOP-HL... Update KB5027122 NT AUTHORITY\SYSTEM 16-06-2023 00:00:00 DESKTOP-HL... Update KB4562830 NT AUTHORITY\SYSTEM 10-02-2021 00:00:00 DESKTOP-HL... Security Update KB4570334 18-11-2020 00:00:00 DESKTOP-HL... Update KB4577586 NT AUTHORITY\SYSTEM 19-02-2021 00:00:00 DESKTOP-HL... Security Update KB4580325 19-11-2020 00:00:00 DESKTOP-HL... Security Update KB4586864 19-11-2020 00:00:00 DESKTOP-HL... Update KB4589212 NT AUTHORITY\SYSTEM 23-03-2021 00:00:00 DESKTOP-HL... Security Update KB4598481 NT AUTHORITY\SYSTEM 10-02-2021 00:00:00 DESKTOP-HL... Update KB5003791 NT AUTHORITY\SYSTEM 06-02-2022 00:00:00 DESKTOP-HL... Update KB5011048 NT AUTHORITY\SYSTEM 07-07-2023 00:00:00 .................................
If you are looking for some specific update, for example KB5032392 in our case then you can check by running Get-Hotfix | Where-Object {$_.HotFixID -like "*KB5032392*"} command as shown below.
PS C:\> Get-Hotfix | Where-Object {$_.HotFixID -like "*KB5032392*"} Source Description HotFixID InstalledBy InstalledOn ------ ----------- -------- ----------- ----------- DESKTOP-HL... Update KB5032392 NT AUTHORITY\SYSTEM 16-11-2023 00:00:00
To get a chronological view of installed updates, use Get-Hotfix | Sort-Object InstalledOn command as shown below.
PS C:\> Get-Hotfix | Sort-Object InstalledOn Source Description HotFixID InstalledBy InstalledOn ------ ----------- -------- ----------- ----------- DESKTOP-HL... Security Update KB4570334 18-11-2020 00:00:00 DESKTOP-HL... Security Update KB4586864 19-11-2020 00:00:00 DESKTOP-HL... Security Update KB4580325 19-11-2020 00:00:00 DESKTOP-HL... Security Update KB4598481 NT AUTHORITY\SYSTEM 10-02-2021 00:00:00 DESKTOP-HL... Update KB4562830 NT AUTHORITY\SYSTEM 10-02-2021 00:00:00 DESKTOP-HL... Update KB4577586 NT AUTHORITY\SYSTEM 19-02-2021 00:00:00 DESKTOP-HL... Update KB4589212 NT AUTHORITY\SYSTEM 23-03-2021 00:00:00 DESKTOP-HL... Security Update KB5005699 NT AUTHORITY\SYSTEM 16-09-2021 00:00:00 DESKTOP-HL... Update KB5006753 NT AUTHORITY\SYSTEM 11-11-2021 00:00:00 DESKTOP-HL... Update KB5007273 NT AUTHORITY\SYSTEM 17-12-2021 00:00:00 DESKTOP-HL... Update KB5003791 NT AUTHORITY\SYSTEM 06-02-2022 00:00:00 DESKTOP-HL... Security Update KB5011352 NT AUTHORITY\SYSTEM 11-02-2022 00:00:00 ............................................................
You can also look for hotfixes and updates installed in last few days. For example, to check all hotfixes and updates installed in last 30 days, use Get-Hotfix | Where-Object {$_.InstalledOn -gt (Get-Date).AddDays(-30)} command as shown below.
PS C:\> Get-Hotfix | Where-Object {$_.InstalledOn -gt (Get-Date).AddDays(-30)} Source Description HotFixID InstalledBy InstalledOn ------ ----------- -------- ----------- ----------- DESKTOP-HL... Security Update KB5033372 NT AUTHORITY\SYSTEM 18-12-2023 00:00:00 DESKTOP-HL... Update KB5032907 NT AUTHORITY\SYSTEM 13-12-2023 00:00:00
You also have the option to list out all hotfixes and updates installed after a specific date. For example, if you want to check all hotfixes installed after 8th Dec, 2023 then you have to use Get-Hotfix | Where-Object {$_.InstalledOn -gt "12/08/2023"} command as shown below.
PS C:\> Get-Hotfix | Where-Object {$_.InstalledOn -gt "12/08/2023"} Source Description HotFixID InstalledBy InstalledOn ------ ----------- -------- ----------- ----------- DESKTOP-HL... Security Update KB5033372 NT AUTHORITY\SYSTEM 18-12-2023 00:00:00 DESKTOP-HL... Update KB5032907 NT AUTHORITY\SYSTEM 13-12-2023 00:00:00
To display only specific object, you can make use of Select-Object with Get-hotfix cmdlet. For example, if you don't want all objects to be displayed on output, just HotfixId and InstalledOn then use Get-Hotfix | Select-Object -Property HotfixId, InstalledOn command as shown below.
PS C:\> Get-Hotfix | Select-Object -Property HotfixId, InstalledOn HotfixId InstalledOn -------- ----------- KB5032005 21-11-2023 00:00:00 KB5027122 16-06-2023 00:00:00 KB4562830 10-02-2021 00:00:00 KB4570334 18-11-2020 00:00:00 KB4577586 19-02-2021 00:00:00 KB4580325 19-11-2020 00:00:00 KB4586864 19-11-2020 00:00:00 KB4589212 23-03-2021 00:00:00 KB4598481 10-02-2021 00:00:00 KB5003791 06-02-2022 00:00:00 KB5011048 07-07-2023 00:00:00 KB5012170 09-08-2022 00:00:00 ...................................
To get the total count of hotfixes installed, use (Get-Hotfix).Count command as shown below.
PS C:\> (Get-Hotfix).Count 36
If you specifically want to check security update then use Get-Hotfix | Where-Object {$_.Description -like "*Security*"} command as shown below.
PS C:\> Get-Hotfix | Where-Object {$_.Description -like "*Security*"} Source Description HotFixID InstalledBy InstalledOn ------ ----------- -------- ----------- ----------- DESKTOP-HL... Security Update KB4570334 18-11-2020 00:00:00 DESKTOP-HL... Security Update KB4580325 19-11-2020 00:00:00 DESKTOP-HL... Security Update KB4586864 19-11-2020 00:00:00 DESKTOP-HL... Security Update KB4598481 NT AUTHORITY\SYSTEM 10-02-2021 00:00:00 DESKTOP-HL... Security Update KB5012170 NT AUTHORITY\SYSTEM 09-08-2022 00:00:00 DESKTOP-HL... Security Update KB5033372 NT AUTHORITY\SYSTEM 18-12-2023 00:00:00 DESKTOP-HL... Security Update KB5011352 NT AUTHORITY\SYSTEM 11-02-2022 00:00:00 DESKTOP-HL... Security Update KB5014032 NT AUTHORITY\SYSTEM 13-05-2022 00:00:00 DESKTOP-HL... Security Update KB5005699 NT AUTHORITY\SYSTEM 16-09-2021 00:00:00
You can also choose to export all the hotfixes and updates to a CSV file by using Export-Csv cmdlet as shown below.
PS C:\> Get-Hotfix | Export-Csv -Path "C:\Users\cyberithub\output.csv"
Conclusion
Get-Hotfix is an essential cmdlet in PowerShell for managing and auditing system updates on Windows computers. Its ability to quickly list and filter installed updates makes it a valuable tool for system administrators and power users.