How to Update Windows for Security Updates

This documentation is generated by Attune

Automate This

Use the Attune GUI for your Scripts

    1 Download Attune
    2 Copy the Attune Project URL
    3 Clone the Project in Attune
    4 Plan your Job(s)
    5 Run your Job(s)

You've automated: Update Windows for Security Updates


Get the most out of automation with our get started videos, product demonstrations, and more.

Learn Attune Automation

The following steps will guide you through the manual process.

Connect via RDP:

mstsc /admin /v:{windowsnode}

Login as user {windowsuseradministrator} and open a command prompt.

Execute the following script:

                
$module = Get-Module -ListAvailable -Name PSWindowsUpdate

if (-not $module) {
    Install-Package -Name PSWindowsUpdate -Verbose -Force
    Import-Module -Name PSWindowsUpdate -Verbose
} else {
    Write-Output "PSWindowsUpdate module is already installed."
}
                
            

Execute the following script:

                
Get-WUHistory -Last 15

$SecurityUpdates = Get-WindowsUpdate -Category "Security"

if ($SecurityUpdates.Count -gt 0) {
    Write-Host "Missing Security Updates:"
    
    $SecurityUpdates | ForEach-Object {
        Write-Host "KB$($_.KBArticleID): $($_.Title)"
    }
} else {
    Write-Host "No missing security updates found."
}
                
            

Execute the following script:

                
Invoke-WUJob -ComputerName localhost `
    -Script { "Install-WindowsUpdate -Category 'Security' -Verbose -ForceDownload -ForceInstall -AcceptAll -IgnoreReboot" } `
    -RunNow -Confirm:$false -Verbose

Get-WUJob
                
            

Execute the following script:

                
Get-ScheduledTask -TaskName "PSWindowsUpdate"
do {
    $scheduledTask = Get-ScheduledTask -TaskName "PSWindowsUpdate"
    Write-Host "PSWindowsUpdate task: $($scheduledTask.State)"
    Start-Sleep -Seconds 10
} while ($scheduledTask.State -ne "Ready")
                
            

Execute the following script:

                
$taskExists = Get-ScheduledTask -TaskName "PSWindowsUpdate"

if ($taskExists) {
    Get-ScheduledTask -TaskName "PSWindowsUpdate"
    Unregister-ScheduledTask -TaskName "PSWindowsUpdate" -Confirm:$false
} else {
    Write-Host "PSWindowsUpdate isn't listed as a Scheduled Task."
}
                
            

Execute the following script:

                
$WAIT = 10
shutdown /r /t $WAIT /c "Restart from Attune"
Write-Host "Restarting in $WAIT seconds."
                
            

Check if TCP Port 0 is listening. Make sure the TCP Port goes down for 2 seconds.

Use Telnet to check if the TCP Service is accepting connections.

Connect via RDP:

mstsc /admin /v:{windowsnode}

Login as user {windowsuseradministrator} and open a command prompt.

Execute the following script:

                
Get-WUHistory -Last 15

$SecurityUpdates = Get-WindowsUpdate -Category "Security"

if ($SecurityUpdates.Count -gt 0) {
    Write-Host "Missing Security Updates:"
    
    $SecurityUpdates | ForEach-Object {
        Write-Host "KB$($_.KBArticleID): $($_.Title)"
    }
    Write-Error "Please investigate why the security updates were not installed."
} else {
    Write-Host "Success! All security updates are installed."
}
                
            

Completed

You have completed this instruction.

Attune - Powered by ServerTribe

Automate with Attune

Download the Attune Community Edition.

DOWNLOAD!!!

Discuss this Project in Discord

Join our Discord channel and connect with like-minded individuals who share your passion. Engage in lively discussions, gain valuable insights, and stay updated on the latest trends in our industry. Don't miss out on this opportunity to network, learn, and grow together.


Click the link below and become a part of our vibrant community on Discord today!

Join NOW!!!