Jump to content

How to tell if a Hotfix has been applied?

LVCVA

By LVCVA,
in AutoIt General Help and Support

 Share

Recommended Posts

LVCVA Seeker

LVCVA

Posted
Posted

I want to write a script that will tell me if specific MS hotfixes have been applied. I'm using Vista.

The following WMI command will query for a specific hotfix:

wmic qfe | find "949939"

If hotfix 949939 is there, I get an output something like this:

http://support.microsoft.com/?kbid=943411 MARCJFMV9WD1 Security Update

KB943411 S-1-5-21-796845957-6

16249376-1801674531-1117 01c856fe780b10e6

If not, nothing is returned. How can I incorporate such a check in an AutoIT script?

Link to comment
Share on other sites
spudw2k Universalist

spudw2k

Posted
Posted (edited)

Here's an easy way. ;)

$strInput = InputBox("Installed Patches Search","KB?  (i.e. 123456)")
If $strInput  = "" Then Exit
msgbox(0,"",_IsKBInstalled($strInput))

Func _IsKBInstalled($strKB,$strHost = @ComputerName)
    $objSearcher = _MSUpdateSession($strHost)
    If Not IsObj($objSearcher) Then Return "Failed"
    $varKBFound = False
    $intHistoryCount = $objSearcher.GetTotalHistoryCount
    $colHistory = $objSearcher.QueryHistory(1, $intHistoryCount)
    For $objKB in $colHistory
        If StringInstr($objKB.Title,$strKB) Then $varKBFound = True
    Next
    Return $varKBFound
EndFunc

Func _MSUpdateSession($strHost)
    $objSession = ObjCreate("Microsoft.Update.Session",$strHost)
    If Not IsObj($objSession) Then Return 0
    Return $objSession.CreateUpdateSearcher
EndFunc

edit: Haven't tested on Vista

edit: Updated Code

Edited by spudw2k
Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetreive SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

Link to comment
Share on other sites
LVCVA Seeker

LVCVA

Posted
  • Author
Posted

Thank you for the response. When I run this, it always returns a 0. I've tried it with both a KB that was installed and one that wasn't. I don't have a XP box to try it on at the moment to see if this is a Vista issue. Any other way to troubleshooting this?

Link to comment
Share on other sites
PsaltyDS Universalist

PsaltyDS

Posted
Posted

Thank you for the response. When I run this, it always returns a 0. I've tried it with both a KB that was installed and one that wasn't. I don't have a XP box to try it on at the moment to see if this is a Vista issue. Any other way to troubleshooting this?

Use RunWait() so you get the return code. Return code = 0 is success from the "Find", non-zero is fail: 
$iRET = RunWait(@ComSpec & ' /c WMIC qfe | FIND "949939"', @TempDir, @SW_SHOW)
If $iRET Then
    MsgBox(16, "Error", "Failed to find it.")
Else
    MsgBox(64, "Success", "Found hotfix")
EndIf

;)

You can also list them directly from WMI (for which WMIC is a wrapper): 

; To list all hotfixes with WMI:
$objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
$colQuickFixes = $objWMIService.ExecQuery("SELECT * FROM Win32_QuickFixEngineering")
$sMsg = "Hot fixes on: " & @ComputerName & @CRLF & "-------------" & @CRLF
For $objQuickFix In $colQuickFixes
    $sMsg &= "Description: " & $objQuickFix.Description & @CRLF
    $sMsg &= "Hot Fix ID: " & $objQuickFix.HotFixID & @CRLF
    $dtmDate = $objQuickFix.InstallDate
    If $dtmDate <> "" Then
    ; Back referencing RegExp pattern from weaponx
        $sRegExpPatt = "\A(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})(?:.*)"
        $dtmDate = StringRegExpReplace($dtmDate, $sRegExpPatt, "$2/$3/$1 $4:$5:$6")
    EndIf
    $sMsg &= "Installation Date: " & $dtmDate & @CRLF
    $sMsg &= "Installed By: " & $objQuickFix.InstalledBy & @CRLF & "-------------" & @CRLF
Next
ConsoleWrite($sMsg & @LF)

:D

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites
spudw2k Universalist

spudw2k

Posted
Posted (edited)

Thank you for the response. When I run this, it always returns a 0. I've tried it with both a KB that was installed and one that wasn't. I don't have a XP box to try it on at the moment to see if this is a Vista issue. Any other way to troubleshooting this?

Hmm, well it could be failing (my code) if you have a firewall blocking ICMP (ping). I removed the ping line, still get 0? If you still get 0 then the Object creation of Microsoft.Update.Session is failing. Not sure how to approach that. Could also be firewall related. Edited by spudw2k
Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetreive SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

Link to comment
Share on other sites
avery Prodigy

avery

Posted
Posted (edited)

Use RunWait() so you get the return code. Return code = 0 is success from the "Find", non-zero is fail: 

$iRET = RunWait(@ComSpec & ' /c WMIC qfe | FIND "949939"', @TempDir, @SW_SHOW)
If $iRET Then
    MsgBox(16, "Error", "Failed to find it.")
Else
    MsgBox(64, "Success", "Found hotfix")
EndIf

;)

You can also list them directly from WMI (for which WMIC is a wrapper): 

; To list all hotfixes with WMI:
$objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
$colQuickFixes = $objWMIService.ExecQuery("SELECT * FROM Win32_QuickFixEngineering")
$sMsg = "Hot fixes on: " & @ComputerName & @CRLF & "-------------" & @CRLF
For $objQuickFix In $colQuickFixes
    $sMsg &= "Description: " & $objQuickFix.Description & @CRLF
    $sMsg &= "Hot Fix ID: " & $objQuickFix.HotFixID & @CRLF
    $dtmDate = $objQuickFix.InstallDate
    If $dtmDate <> "" Then
; Back referencing RegExp pattern from weaponx
        $sRegExpPatt = "\A(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})(?:.*)"
        $dtmDate = StringRegExpReplace($dtmDate, $sRegExpPatt, "$2/$3/$1 $4:$5:$6")
    EndIf
    $sMsg &= "Installation Date: " & $dtmDate & @CRLF
    $sMsg &= "Installed By: " & $objQuickFix.InstalledBy & @CRLF & "-------------" & @CRLF
Next
ConsoleWrite($sMsg & @LF)

:D

This is awesome! I love surfing these forums. Thank you.

Edit:

Any idea why I get all these File 1 entries?

>Running:(3.2.12.1):C:\Program Files\AutoIt3\autoit3.exe "E:\www\proj\au3\DoDSecurityTool\queryhotfixes.au3"    
Hot fixes on: KCYF82R
-------------
Description: 
Hot Fix ID: File 1
Installation Date: 
Installed By: 
-------------
Description: 
Hot Fix ID: File 1
Installation Date: 
Installed By: 
-------------
Description: 
Hot Fix ID: File 1
Installation Date: 
Installed By: 
-------------
Description: 
Hot Fix ID: File 1
Installation Date: 
Installed By: 
-------------

Edit again to remove company names :\

Edited by avery
www.abox.orgAvery HowellVisit My AutoIt Websitehttp://www.abox.org
Link to comment
Share on other sites
avery Prodigy

avery

Posted
Posted

No idea. I don't see that when I run it.

;)

I can get rid of those entries pretty easy anyways. It's probably some shotty script corporate wrote that broke it. I'm on XP SP2.

I get about 10 pages of those bogus entries then all the valid ones at the bottom.

Thanks for that free code, it would have taken me hours to even attempt something that cool :D

www.abox.orgAvery HowellVisit My AutoIt Websitehttp://www.abox.org
Link to comment
Share on other sites
spudw2k Universalist

spudw2k

Posted
Posted

If you need a history of all updates (Microsoft) that have been installed (or failed) try this.

http://www.autoitscript.com/forum/index.ph...st&p=569166

Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetreive SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...