Alternative approaches for extracting installed KBs

[fneur]

How about considering alternative approaches for extracting the list of installed KBs (in addition to using Get-SystemInfo, wmic qfe and the systeminfo command)?

The "Microsoft Update Client Install History" as described in windows-how-to-list-all-of-the-windows-and-software-updates-applied-to-a-computer looks promising (wrt eliminating more false positives).

[whoot]

I did some testing:

1. WMIC wmic qfe list full /format:table Gives basically the same output of KBs as systeminfo

2. PowerShell Get-WmiObject -Class "win32_quickfixengineering" | Select-Object -Property "Description", "HotfixID", @{Name="InstalledOn"; Expression={([DateTime]($_.InstalledOn)).ToLocalTime()}} Is the same as above, but with PowerShell and nicely formatted and with installation time.

3a: Update Client Install History $Session = New-Object -ComObject "Microsoft.Update.Session" $Searcher = $Session.CreateUpdateSearcher() $historyCount = $Searcher.GetTotalHistoryCount() $Searcher.QueryHistory(0, $historyCount) | Select-Object Title, Description, Date, @{name="Operation"; expression={switch($_.operation){ 1 {"Installation"}; 2 {"Uninstallation"}; 3 {"Other"} }}}

3b: Alternative to Client Install History An easier/shorter alternative to the Client Install History command would be: (Get-Package -Force | Sort-Object Name -Descending).Name

Combining request 2 and 3b would give you a list of all installed KBs

[whoot]

Combined, cleaned and sorted list could be achieved like this:

# Update Client Install History
$install_history = (Get-Package -Force).Name | Select-String -Pattern '(KB\d+)' -AllMatches | ForEach-Object {$_.Matches.Groups[0].Value}

# win32_quickfixengineering
$quickfix = (Get-WmiObject -Class "win32_quickfixengineering").HotfixID

$kb_list += $quickfix
$kb_list += $install_history
$kb_list | Sort-Object -Unique