Detection script for windows hotfixes

Question

So we have recently had issues with the KB971033 update within our network and i have managed to get a working script for removing it and reactivating windows, however when trying to get a detection script working to assure it only runs on effected computers i cant get it to correctly output true or false when testing against installed KBs.

So far this is what im running. No matter what i do it will output false. Anything obvious i am missing?

if ((get-hotfix).hotfixid -eq "KB971033") {$true} else {$false}

score 2 · Accepted Answer · answered Mar 08 '19 at 15:10

2

(get-hotfix).hotfixid returns an array, so you should not compare that with -eq.

This ought to do it:

((Get-HotFix  | Select-Object -ExpandProperty HotFixID) -contains 'KB971033')

or for short:

(((Get-HotFix).HotFixID) -contains 'KB971033')

answered Mar 08 '19 at 15:10

Theo

57,719
8
24
41

Yeah for some reason this works perfectly, any reason that my code above would work fine on the server environment but not on our endpoint machines but the code above works fine? – benrpr Mar 08 '19 at 15:15
@benrpr According to [the docs](https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_comparison_operators?view=powershell-6), `-eq` returns a value of TRUE or the matches if one or more of the values is identical to the pattern. `((get-hotfix).hotfixid -eq "KB971033")` _should_ therefore return a one element array containing the string "KB971033". However, this is the case for PowerShell version 3.0 and up as far as I can tell. Anyway, I never use `-eq` when checking a value in an array. `-contains`, `-in`, `-notcontains` and `-notin` are designed for that. – Theo Mar 08 '19 at 15:56

score 1 · Answer 2 · answered Mar 08 '19 at 15:18

1

It's IMO quite inefficient to sieve through all Hotfixes when testing a distinct one.

if (Get-Hotfix -ID KB971033 -EA 0) {$true} else {$false}

-EA 0 is an abbreviation for -ErrorAction SilentlyContinue

answered Mar 08 '19 at 15:18

score 0 · Answer 3 · answered Mar 08 '19 at 14:52

0

Maybe Try

 if ($(get-hotfix).hotfixid -eq "KB971033") {$true} else {$false}

The "$" is going to make "Get-Hotfix" result into an object with member ".hotfixID".

answered Mar 08 '19 at 14:52

Pink

48
11

Still outputting false on a known installed update, im starting to think the problem might lie elsewhere and the code is in fact fine. – benrpr Mar 08 '19 at 14:55

score 0 · Answer 4 · answered Mar 08 '19 at 14:57

0

In my Windows Server 2016 Environment your Code works fine...maybe the Hotfix is not installed or not listed with 'get-hotfix'

Otherwise you can try this:

$HotfixID= "KB971033"
IF((get-hotfix).hotfixid | ?{ $_ -eq $HotfixID}){$true} else {$false}

It works also on Remote Computer:

(get-hotfix).hotfixid -ComputerName "***SomeDNSName / FQDN***"

answered Mar 08 '19 at 14:57

jeremias kühnis

13
4

The hotfix is both installed and shows up when `get-hotfix` is run standalone.The updated version of the script still outputs false – benrpr Mar 08 '19 at 15:01

Detection script for windows hotfixes

4 Answers4