Get last Patched status.

Hi Members,

Need your support to get the patch information on a server.

I have seen examples of Get-Hotfix and did Get-Member options to find information about the patch release date and i couldn’t find. The WMI QuickfixEngineering also has no info.

I don’t need when the patch was installed, but a decent update like what was installed when with respect to the released patch.

So, i went here Windows 8.1 and Windows Server 2012 R2 update history , took all the information in the left side and made a simple file.

Something that looked like this…

<hr />

15-Jan-19 KB4480969
8-Jan-19 KB4480964
8-Jan-19 KB4480963
11-Dec-18 KB4471322
11-Dec-18 KB4471320
27-Nov-18 KB4467695
13-Nov-18 KB4467703
13-Nov-18 KB4467697
18-Oct-18 KB4462

<hr />

I am not good at extracting data out of web-pages so i did the above file manually and placed it at a central location accessible.

I need some help to simplify the below code.

#Patch sources

$patch2k12R2 = ‘’

$resultPatches = ‘’

#get the patches MS had released from repository, my local file maintained.

$patch2k12R2 = Invoke-WebRequest -uri “http://myrepository/win2k12r2.file

#$patch2k12R2.Content -> to See the output of the file.
#get hotfixes installed on the local server.
$HotfixIDLast = Get-HotFix | sort-object -Descending | select -expandproperty HotfixID

foreach($HotfixIDLastOne in $HotfixIDLast)
if(($patch2k12R2.Content| findstr $HotfixIDLastOne ))
$resultPatches += ($patch2k12R2.Content| findstr $HotfixIDLastOne).toString() +“`n”

$resultPatches.Split(“`n”)| select -First 1

The above gives the last match, when the KB applied to the date released.

My worst fears would be that i am missing something obvious which is available already instead of this…

Any directions would be helpful.

Thank you for your time…


Well, findtr is a native executable. PowerShell has inbuilt cmdlet to do more than what findstr can do and it outputs objects.
I suggest you to read the documentation of Select-String cmdlet and change the existing code using it/. You can update us in case of any difficulties.

And AFAIK, You can’t get the patch release date from the OS or from patch itself.

Thank you, looks like i’m in the right direction…

If you have a WSUS server you can also get your source list from there.

Objects returned by the Get-PSWSUSUpdate cmdlet have a CreationDate property.

For example:

Import-Module -Name PoshWSUS
Connect-PSWSUSServer -WsusServer MyWsusServer -Port 8530
Get-PSWSUSUpdate | Select-Object -Property KnowledgebaseArticles,Title,CreationDate

Hi Luc,

This code snippet is great and would help lot of people who use WSUS, thank you so much for sharing.

Unfortunately, our infra doesn’t have WSUS or any other patch management tools.

i’ve taken KV, advice and changed to select-string, guess we have to update the static files montly :wink:

Thank you.