Check for Windows Updates and audit results with BigFix

I created a script that uses the Windows Updates api to check for updates and save the results to an INI file which can then be read by a BigFix analysis. The script is based upon a VBScript provided by Microsoft.

WARNING: This will download the catalog from Microsoft and should be equivalent of hitting “Check for Updates” in windows. This could negatively impact WAN connections if done all at once on many systems. If using WSUS then this may result in unusually high WSUS traffic if deployed all at once on many systems.


This is useful as a way to double check your patching process to make sure you don’t have old patches showing up as applicable on many machines. This also covers drivers and other content that is not patched by BigFix.


Related: https://github.com/jgstew/tools/blob/master/VBS/WUA_Search.vbs

2 Likes