Windows quick patch checker-batch utility
Quick tool to check if a patch is installed on a window utility.
Uses native WMI query functionality.
Note: WMI should be encrypted!
Requires:
-a valid username/password on target(s) With/OR
-WMI Access
-kb number(s) of the patch(es) you are checking for fi looking for specifics
Usage:
Check all installed patches for a host checkwinpatches 1 [host] [username] [password] Check one host for a specific patch checkwinpatches 2 [host] [username] [password] [patch search string] Check a list of hosts for a specific patch checkwinpatches 3 [host list, one per line] [username] [password] [patch search string] Check one host for a list of patches checkwinpatches 4 [host] [username] [password] [patch search string list, one per line]
-------------------------------------------------
@echo off setlocal enabledelayedexpansion rem %1% =option %2=ip/list %3=username %4=password %5=hotfix/list if "%1"=="" goto usage if %1==1 goto fulllist if %1==2 goto patchsearch if %1==3 goto hostlist if %1==4 goto patchlist goto usage :fulllist wmic /node:%2 /USER:%3% /PASSWORD: /PASSWORD:%4 qfe GET description,FixComments,hotfixid,installedby,installedon goto endbat :patchsearch wmic /node:%2 /USER:%3% /PASSWORD: /PASSWORD:%4 qfe GET description,FixComments,hotfixid,installedby,installedon | FIND "%5" goto endbat :hostlist echo patch status for %5 : FOR /F %%i IN (%2) DO echo %%i, & wmic /node:%%i /USER:%3% /PASSWORD: /PASSWORD:%4 qfe GET description,FixComments,hotfixid,installedby,installedon | FIND "%5" goto endbat :patchlist echo patch status for %2: FOR /F %%i IN (%5) DO echo %%i, & wmic /node:%2 /USER:%3% /PASSWORD: /PASSWORD:%4 qfe GET description,FixComments,hotfixid,installedby,installedon | FIND "%%i" goto endbat :usage echo checkwinpatches [checktype][host/host list] [username] [password] [hotfix(optional)] :endbat