Detection script for windows hotfixes

Question

So we have recently had issues with the KB971033 update within our network and i have managed to get a working script for removing it and reactivating windows, however when trying to get a detection script working to assure it only runs on effected computers i cant get it to correctly output true or false when testing against installed KBs.

So far this is what im running. No matter what i do it will output false. Anything obvious i am missing?

if ((get-hotfix).hotfixid -eq "KB971033") {$true} else {$false}

Answer 1

It's IMO quite inefficient to sieve through all Hotfixes when testing a distinct one.

if (Get-Hotfix -ID KB971033 -EA 0) {$true} else {$false}

-EA 0 is an abbreviation for -ErrorAction SilentlyContinue

Answer 2

(get-hotfix).hotfixid returns an array, so you should not compare that with -eq.

This ought to do it:

((Get-HotFix  | Select-Object -ExpandProperty HotFixID) -contains 'KB971033')

or for short:

(((Get-HotFix).HotFixID) -contains 'KB971033')

Answer 3

In my Windows Server 2016 Environment your Code works fine...maybe the Hotfix is not installed or not listed with 'get-hotfix'

Otherwise you can try this:

$HotfixID= "KB971033"
IF((get-hotfix).hotfixid | ?{ $_ -eq $HotfixID}){$true} else {$false}

It works also on Remote Computer:

(get-hotfix).hotfixid -ComputerName "***SomeDNSName / FQDN***"

Answer 4

Maybe Try

 if ($(get-hotfix).hotfixid -eq "KB971033") {$true} else {$false}

The "$" is going to make "Get-Hotfix" result into an object with member ".hotfixID".