Need a report of the current status of a computer relating to all patches that are installed regardless on how they were installed (WSUS, TEM, etc.). This would include critical, important, etc.
From Customer -
Web reporting offers a computer details page, where installed fixlets are shown. But I believe this only shows a history back to when TEM agent was installed. On Solaris there were several hundred patches shown from “showrev -p” command, but significantly less in the Web Report.
For complete and historical patch installation information to include those before the install of TEM, there is a WMI class provided call Win32_QuickFixEngineering.
For non-Windows patch installation information such as on Solaris, I have not seen any info, so we will have to use the command referenced to output the patches installed, then use a retrieve property to pull back the data.
I have found the relevance statement on another post that lists all install security updates using an analysis and it works pretty well but would like to see the description next to each KB number for the install updates. Any takers?
Unable to find windows 8 and windows 2012 installed patches report
if ((name of it = “Win8” OR name of it = “WinME”) of operating system) then (names of keys whose (exists value “UninstallString” of it AND (value “UninstallString” of it as string contains “RunDll32 advpack.dll,LaunchINFSection”)) of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall” of registry) else if (name of operating system = “WinNT”) then (names of keys whose (exists value “UninstallString” of it AND (value “UninstallString” of it as string contains “hotfix.exe”)) of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall” of registry) else if ((name of it = “Win2000” OR name of it = “WinXP” OR name of it = “WinXP-2003” OR name of it = “Win2003”) of operating system) then (names of keys whose ((exists value “UninstallString” of it) AND (value “UninstallString” of it as string contains “spuninst.exe”) AND (name of it as string does not contain “Service Pack”)) of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall” of native registry) else if ((name of it = “WinVista” OR name of it = “Win2008” OR name of it = “Win2008R2” OR name of it = “Win7”) of operating system) then (elements of ((set of (if (exists key “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages” of native registry) then elements whose (it contains “KB” AND it does not contain “") of ((set of ((substrings before “~” of substrings after "for” of names of keys whose (name of it contains “for_”) of key “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages” of native registry) as uppercase)) - (set of (“KB936330”;“KB948465”))) else (nothing))))) else (“Not Supported”)