Search for missing patch using PowerShell Script
For those of us who doesn’t have fancy system management software such as Altiris or SCCM 2007, this script will help you identify computers that are missing a specific patch. This script does two things.
- Look for systems that is missing KB958644
- Look for a system that is missing “mcshield” service, which is an AV service.
Feel free to modify this script to fit your needs.
$computerlist = Get-Content -Path c:\searchcomputerlist.txt
$patchoutputfile = "c:\computers_without__patch.txt"
$avoutputfile = "c:\computers_without_AV.txt"
foreach ($computer in $computerlist) {
$hotfixresult = gwmi -computer $computer -query "select * from win32_quickfixengineering where hotfixid = 'KB958644' "
$avresult = gwmi -computer $computer -Query "select * from win32_service where name = 'mcshield'"
if ($hotfixresult -eq $null) {
Add-Content $patchoutputfile $computer
}
if ($avresult -eq $null ) {
Add-Content $avoutputfile $computer
}
}