How do I check the available and installed Windows patches with PowerShell?
- Datto RMM
Occasionally, a patch is may not be seen by Datto RMM even though it is available for a device. While the installed patches can be checked in Settings on the device under Windows Update, often (on Windows 10) the available patches can only be seen by checking for updates and running an update on the device.
1. Click on the Start menu and type PowerShell.
2. When the PowerShell menu option appears, right-click it and select Run as Administrator from the menu.
Run the PowerShell script
The script can either be used as a script for a custom component or run in a PowerShell window locally on the device.
Install-Module -Name PSWindowsUpdate
Import-Module -Name PSWindowsUpdate
Get-WUList -IsInstalled # This returns the list of installed patches
Get-WUList # This returns the list of available patches
This script can take some time to return the list to the console. These lists can then be compared to the list of available/installed patches from Datto RMM.
- Microsoft Technet: PSWindowsUpdate module (external link)