Windows Updates

Kopite_21Kopite_21 Member Posts: 194 ■■■□□□□□□□
Hi Guys,


I work for a medium sized IT Company in the Channel Isles offering Professional and Managed Services to businesses of all sizes, as well as a range of other support services such as Business Continuity, Hosting and eGaming.


My question is when we perform Windows Security Updates for clients we log into their servers and perform their patching but we need to make a note of the KB numbers that were patched and input them into a spreadsheet. When it comes to patching certain clients they tend to have a lot of patches to install and I need to write these down in the spreadsheet one by one. Is there an easier way were I can import these patches like insert them into Notepad then copy the lot of them all at once then insert them into the spreadsheet?


I have to remote to these servers so there is noway i can open a Notepad in the server and insert the KB numbers there then insert them into a Notepad on my Desktop.


Thanks for the help in advance. icon_rolleyes.gif

Comments

  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    Looked into using WSUS or SCCM for updates? Much better than doing it manually, along with reporting
  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    Looked into using WSUS or SCCM for updates? Much better than doing it manually, along with reporting

    what 636 said, look to automate the patching processes, you can schedule jobs, its less time consuming, more efficient etc. Look at SCCM.
  • BornToBeMildBornToBeMild Member Posts: 69 ■■□□□□□□□□
    Kopite_21 wrote: »
    I have to remote to these servers so there is noway i can open a Notepad in the server and insert the KB numbers there then insert them into a Notepad on my Desktop.

    You can enable clipboard sharing in Remote Desktop or even better enable the "map local drives" option. Then you can create a file on the server, and save it to your local drive. You could use Powershell to list installed updates:

    Get-Hotfix | Sort InstalledOn -desc

    The sort option fails if you don't have the U.S. date format, so a more global (but more complicated) version is:

    Get-HotFix | Select description,hotfixid,installedby,@{l="InstalledOn";e={[DateTime]::Parse($_.psbase.properties"installedon"].value,$([System.Globalization.CultureInfo]::GetCultureInfo("en-US")))}} | sort installedon -descending

    You could play with this to restrict the list to installed today, or today-5, etc. You can also output to csv.

    There is also a PS module talked about here:

    https://blogs.technet.microsoft.com/heyscriptingguy/2012/11/08/use-a-powershell-module-to-run-windows-update/
  • scaredoftestsscaredoftests Mod Posts: 2,780 Mod
    We use SCCM at work. Sometimes, it catches them all. However, we do have to look up the updates that fall through the cracks and we fail the STIGS. I hate when a few of the updates fail and either you can reinstall or have to go to the repository again and download/reinstall.
    Never let your fear decide your fate....
  • kohr-ahkohr-ah Member Posts: 1,277
    WSUS, SCCM, or also Kaseya.

    When I worked at an MSP about 2 years ago we'd installed Kaseya on their servers SOLELY for updates and it tells you the updates you want to perform. Screen cap then for later and push.

    ** Note Kaseya is expensive though
  • Kopite_21Kopite_21 Member Posts: 194 ■■■□□□□□□□
    Hi Guys,

    Thanks for all your reply's, really some great info you have given me.
  • White WizardWhite Wizard Member Posts: 179
    Should implement Kaseya or SolarWinds N-able for software management of patches, AV, remote control, scripting, and so on.

    Expensive solutions but you have to consider how much time you are spending manually inputting Kb numbers onto a spreadhseet compared to a set it and forget type of solution.
    "The secret to happiness is doing what you love. The secret to success is loving what you do."
  • blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    You can enable clipboard sharing in Remote Desktop or even better enable the "map local drives" option. Then you can create a file on the server, and save it to your local drive. You could use Powershell to list installed updates:

    Get-Hotfix | Sort InstalledOn -desc

    The sort option fails if you don't have the U.S. date format, so a more global (but more complicated) version is:

    Get-HotFix | Select description,hotfixid,installedby,@{l="InstalledOn";e={[DateTime]::Parse($_.psbase.properties"installedon"].value,$([System.Globalization.CultureInfo]::GetCultureInfo("en-US")))}} | sort installedon -descending

    You could play with this to restrict the list to installed today, or today-5, etc. You can also output to csv.

    There is also a PS module talked about here:

    https://blogs.technet.microsoft.com/heyscriptingguy/2012/11/08/use-a-powershell-module-to-run-windows-update/

    The get-hotfix cmdlet also works with the -computername switch, so you could loop through a list of server names and use export-csv to **** the above command to a csv file.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
Sign In or Register to comment.