Windows Updates/Patches: Unterschied zwischen den Versionen

Aus Wiki-WebPerfect
Wechseln zu: Navigation, Suche
K
K
 
(15 dazwischenliegende Versionen des gleichen Benutzers werden nicht angezeigt)
Zeile 1: Zeile 1:
 +
== Search, Download & Install Windows Updates ==
 +
''Because of the Windows Update dilemma with different Windows versions, I wrote the following script that should works locally on Windows Server 2016, 2019, 2022 and maybe higher.''
 +
 +
<source lang="powershell">
 +
$MSUpdateSearcher = New-Object -ComObject Microsoft.Update.Searcher
 +
$Updates = $MSUpdateSearcher.Search("IsInstalled=0 AND IsHidden=0").Updates
 +
 +
$MSUpdateCollection = New-Object -ComObject Microsoft.Update.UpdateColl
 +
foreach($Update in $Updates) {
 +
    $MSUpdateCollection.Add($Update) | Out-Null
 +
}
 +
 +
if($MSUpdateCollection.Count -gt 0) {
 +
    Write-Host "Accept EULA, if is necessary."
 +
    foreach($Update in $MSUpdateCollection) {
 +
        if($Update.EulaAccepted -eq 0) {$Update.AcceptEula()}
 +
    }
 +
 +
    Write-Host "Download the selected updates."
 +
    $MSUpdateSession = New-Object -ComObject Microsoft.Update.Session
 +
    $MSUpdateDownloader = $MSUpdateSession.CreateUpdateDownloader()
 +
    $MSUpdateDownloader.Updates = $MSUpdateCollection
 +
    $MSUpdateDownloader.Download()
 +
 +
    Write-Host "Install the downloaded updates."
 +
    $MSUpdateInstaller = New-Object -ComObject Microsoft.Update.Installer
 +
    $MSUpdateInstaller.Updates = $MSUpdateCollection
 +
    $InstallResult = $MSUpdateInstaller.Install()
 +
 +
    if ($InstallResult.RebootRequired) {
 +
        Restart-Computer -Force
 +
    }
 +
}
 +
</source>
 +
 +
== Windows Update Dilemma ==
 +
=== Windows Server 2022 ===
 +
<span style="color:red">With Windows Server 2022 there is no CIM-Class MSFT_WUOperations or MSFT_WUOperationsSession and the PowerShell-Module "WindowsUpdateProvider" will no longer be integrated. </span> <br>
 +
<span style="color:red">Even the 3rd Party PowerShell Module "PSWindowsUpdate" don't work with Windows Server 2022 remotely (tested with version 2.2.0.2).</span> <br>
 +
That's why I prefer the solution above for all Windows Server 2016 and higher. <br>
 +
 +
'''Some information's about the dilemma:'''
 +
*'''PowerShell-Module WindowsUpdateProvider:''' https://github.com/MicrosoftDocs/windows-powershell-docs/issues/139
 +
*'''CIM-Classes:''' https://github.com/PowerShell/PowerShell/issues/5718 & https://richardspowershellblog.wordpress.com/2017/11/17/windows-update-change-in-server-1709/
 +
*'''Useful information's:''' https://github.com/microsoft/MSLab/blob/master/Scenarios/Windows%20Update/readme.md
 +
 +
=== Windows Server 2019 ===
 +
<span style="color:red">With Windows Server 2019 the CIM-Class was renamed to MSFT_WUOperations and works not similar to Windows Server 2016. </span> <br>
 +
Microsoft ships with Windows Server 2019 the PowerShell-Module "WindowsUpdateProvider" that is handy and this works like following:
 +
<source lang="powershell">
 +
Import-Module WindowsUpdateProvider
 +
$availableUpdates = Start-WUScan
 +
if ($availableUpdates.Count -gt 0) {
 +
    Write-Host "[$(Get-Date -Format HH:mm:ss)] Following $($availableUpdates.Count) Updates are about to be installed:"
 +
    $availableUpdates | Format-Table Title, MsrcSeverity
 +
    $null = Install-WUUpdates -Updates $availableUpdates
 +
    Write-Host "[$(Get-Date -Format HH:mm:ss)] $($availableUpdates.Count) Updates has been succesfully installed"
 +
}
 +
</source>
 +
 +
=== Windows Server 2016 ===
 +
Microsoft said on Windows Server 2016 you should use the CIM-Class MSFT_WUOperationsSession like following:
 +
<source lang="powershell">
 +
$cimInstance = New-CimInstance -Namespace root/Microsoft/Windows/WindowsUpdate -ClassName MSFT_WUOperationsSession
 +
$updateScanResult = Invoke-CimMethod -InputObject $cimInstance -MethodName ScanForUpdates -Arguments @{SearchCriteria = "IsInstalled=0"; OnlineScan = $true }
 +
$availableUpdates | Format-Table Title, MsrcSeverity
 +
$null = Invoke-CimMethod -InputObject $cimInstance -MethodName ApplyA
 +
</source>
 +
 +
 +
 
== Remove Windows Update ==
 
== Remove Windows Update ==
 
  <source lang="powershell"> wusa /uninstall /kb:<KB-Number> </source>
 
  <source lang="powershell"> wusa /uninstall /kb:<KB-Number> </source>

Aktuelle Version vom 25. Januar 2022, 16:29 Uhr

Search, Download & Install Windows Updates

Because of the Windows Update dilemma with different Windows versions, I wrote the following script that should works locally on Windows Server 2016, 2019, 2022 and maybe higher.

$MSUpdateSearcher = New-Object -ComObject Microsoft.Update.Searcher
$Updates = $MSUpdateSearcher.Search("IsInstalled=0 AND IsHidden=0").Updates
 
$MSUpdateCollection = New-Object -ComObject Microsoft.Update.UpdateColl
foreach($Update in $Updates) {
    $MSUpdateCollection.Add($Update) | Out-Null
}
 
if($MSUpdateCollection.Count -gt 0) {
    Write-Host "Accept EULA, if is necessary."
    foreach($Update in $MSUpdateCollection) {
        if($Update.EulaAccepted -eq 0) {$Update.AcceptEula()}
    }
 
    Write-Host "Download the selected updates."
    $MSUpdateSession = New-Object -ComObject Microsoft.Update.Session
    $MSUpdateDownloader = $MSUpdateSession.CreateUpdateDownloader()
    $MSUpdateDownloader.Updates = $MSUpdateCollection
    $MSUpdateDownloader.Download()
 
    Write-Host "Install the downloaded updates."
    $MSUpdateInstaller = New-Object -ComObject Microsoft.Update.Installer
    $MSUpdateInstaller.Updates = $MSUpdateCollection
    $InstallResult = $MSUpdateInstaller.Install()
 
    if ($InstallResult.RebootRequired) {
        Restart-Computer -Force
    }
}

Windows Update Dilemma

Windows Server 2022

With Windows Server 2022 there is no CIM-Class MSFT_WUOperations or MSFT_WUOperationsSession and the PowerShell-Module "WindowsUpdateProvider" will no longer be integrated.
Even the 3rd Party PowerShell Module "PSWindowsUpdate" don't work with Windows Server 2022 remotely (tested with version 2.2.0.2).
That's why I prefer the solution above for all Windows Server 2016 and higher.

Some information's about the dilemma:

Windows Server 2019

With Windows Server 2019 the CIM-Class was renamed to MSFT_WUOperations and works not similar to Windows Server 2016.
Microsoft ships with Windows Server 2019 the PowerShell-Module "WindowsUpdateProvider" that is handy and this works like following:

Import-Module WindowsUpdateProvider
$availableUpdates = Start-WUScan
if ($availableUpdates.Count -gt 0) {
    Write-Host "[$(Get-Date -Format HH:mm:ss)] Following $($availableUpdates.Count) Updates are about to be installed:"
    $availableUpdates | Format-Table Title, MsrcSeverity 
    $null = Install-WUUpdates -Updates $availableUpdates
    Write-Host "[$(Get-Date -Format HH:mm:ss)] $($availableUpdates.Count) Updates has been succesfully installed"
}

Windows Server 2016

Microsoft said on Windows Server 2016 you should use the CIM-Class MSFT_WUOperationsSession like following:

$cimInstance = New-CimInstance -Namespace root/Microsoft/Windows/WindowsUpdate -ClassName MSFT_WUOperationsSession
$updateScanResult = Invoke-CimMethod -InputObject $cimInstance -MethodName ScanForUpdates -Arguments @{SearchCriteria = "IsInstalled=0"; OnlineScan = $true }
$availableUpdates | Format-Table Title, MsrcSeverity 
$null = Invoke-CimMethod -InputObject $cimInstance -MethodName ApplyA


Remove Windows Update

 wusa /uninstall /kb:<KB-Number>