Force Windows Automatic Updates with PowerShell

April 7th, 2011

If you have a WSUS server and deploy new or re-image computers on a regular basis you know that waiting for Windows to find the latest updates can be slow. This PowerShell script will help speed up the process by using with the Microsoft.Update.Session COM object to force the download an install of the latest approved updates.

This powershell script is adapted from the VBScript (WUA_SearchDownloadInstall.vbs) Microsoft released. However, unlike the Microsoft equivalent it eliminates the need for user input intervention by providing the ability to pass command line arguments.

#      Script: WSUS.ps1
#      Author: Gregory Strike
#         URL: //www.gregorystrike.com/2011/04/07/force-windows-automatic-updates-with-powershell/
#        Date: 02-19-2010
# Information: This script was adapated from the WUA_SearchDownloadInstall.vbs VBScript from Microsoft.  It uses the
#              Microsoft.Update.Session COM object to query a WSUS server, find applicable updates, and install them.
#
#              WSUS.ps1 is a little less verbose about what it is doing when compared to the orginal VBScript.  The
#              lines exist in the code below to show the same information as the original but are just commented out.
#
#              WSUS.ps1 can automatically install applicable updates by passing a Y to the script.  The default
#              behavior is to ask whether or not to install the new updates.
#
#              Syntax:  .\WSUS.ps1 [Install] [Reboot]
#                       Where [Install] is optional and can be "Y", "Yes", "No" or "N"
#                       Whether or not to install the updates automatically.  If Null, the user will be prompted.
#
#                       Where [Reboot] is optional and can be "Y", "Yes", "No" or "N",  This
#                       If updates require a reboot, whether or not to reboot automatically.  If Null, the user will
#                       be prompted.
#
#      Update: 5/30/2012 - Fixed the "Privilege not held" error that caused script to fail when requesting a reboot.

$UpdateSession = New-Object -Com Microsoft.Update.Session
$UpdateSearcher = $UpdateSession.CreateUpdateSearcher()

Write-Host("Searching for applicable updates...") -Fore Green

$SearchResult = $UpdateSearcher.Search("IsInstalled=0 and Type='Software'")

Write-Host("")
Write-Host("List of applicable items on the machine:") -Fore Green
For ($X = 0; $X -lt $SearchResult.Updates.Count; $X++){
    $Update = $SearchResult.Updates.Item($X)
    Write-Host( ($X + 1).ToString() + "> " + $Update.Title)
}

If ($SearchResult.Updates.Count -eq 0) {
    Write-Host("There are no applicable updates.")
    Exit
}

#Write-Host("")
#Write-Host("Creating collection of updates to download:") -Fore Green

$UpdatesToDownload = New-Object -Com Microsoft.Update.UpdateColl

For ($X = 0; $X -lt $SearchResult.Updates.Count; $X++){
    $Update = $SearchResult.Updates.Item($X)
    #Write-Host( ($X + 1).ToString() + "> Adding: " + $Update.Title)
    $Null = $UpdatesToDownload.Add($Update)
}

Write-Host("")
Write-Host("Downloading Updates...")  -Fore Green

$Downloader = $UpdateSession.CreateUpdateDownloader()
$Downloader.Updates = $UpdatesToDownload
$Null = $Downloader.Download()

#Write-Host("")
#Write-Host("List of Downloaded Updates...") -Fore Green

$UpdatesToInstall = New-Object -Com Microsoft.Update.UpdateColl

For ($X = 0; $X -lt $SearchResult.Updates.Count; $X++){
    $Update = $SearchResult.Updates.Item($X)
    If ($Update.IsDownloaded) {
        #Write-Host( ($X + 1).ToString() + "> " + $Update.Title)
        $Null = $UpdatesToInstall.Add($Update)
    }
}

$Install = [System.String]$Args[0]
$Reboot  = [System.String]$Args[1]

If (!$Install){
    $Install = Read-Host("Would you like to install these updates now? (Y/N)")
}

If ($Install.ToUpper() -eq "Y" -or $Install.ToUpper() -eq "YES"){
    Write-Host("")
    Write-Host("Installing Updates...") -Fore Green

    $Installer = $UpdateSession.CreateUpdateInstaller()
    $Installer.Updates = $UpdatesToInstall

    $InstallationResult = $Installer.Install()

    Write-Host("")
    Write-Host("List of Updates Installed with Results:") -Fore Green

    For ($X = 0; $X -lt $UpdatesToInstall.Count; $X++){
        Write-Host($UpdatesToInstall.Item($X).Title + ": " + $InstallationResult.GetUpdateResult($X).ResultCode)
    }

    Write-Host("")
    Write-Host("Installation Result: " + $InstallationResult.ResultCode)
    Write-Host("    Reboot Required: " + $InstallationResult.RebootRequired)

    If ($InstallationResult.RebootRequired -eq $True){
        If (!$Reboot){
            $Reboot = Read-Host("Would you like to reboot now? (Y/N)")
        }

        If ($Reboot.ToUpper() -eq "Y" -or $Reboot.ToUpper() -eq "YES"){
            Write-Host("")
            Write-Host("Rebooting...") -Fore Green
            $WMIReboot = Get-WMIObject -Class Win32_OperatingSystem
            $WMIReboot.PSBase.Scope.Options.EnablePrivileges = $True
            $WMIReboot.Reboot()
        }
    }
}

Gregory Strike

Husband, father, IT dude & blogger wrapped up into one good looking package.