![]() |
![]() | ![]() | ![]() | ![]() | ![]() | ![]() | ![]() |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
![]() |
| |
| | #1 (permalink) |
| | How to audit installed Vista updates? How can I design a procedure to inventory the Microsoft patches that have been applied to Vista? Although the process wasn't completely reliable, in XP you could get a good idea of what had been installed by enumerating the Registry keys under HKLM\SOFTWARE\Microsoft\Updates. Microsoft even published a small command-line utility (QFECHECK) which would (usually) tell you what Windows patches were installed and which had downleveled files that needed to be reinstalled. (A real advantage of QFECHECK was that the help desk could tell users to run it as part of their triage process.) All of this has changed in Vista. The Registry path used in XP no longer exists, and the data that was there seems to be scattered over various parts of the Registy. Further, the Security Bulletin notices do not publish a Registry key test for Vista. What I'm trying to do is to be able to have an inventory program record an enumeration of the installed patches, allowing downstream programs to determine if the machine has the updates that are required by company policy. With XP this could (with a few exceptions) be done by saving the contents of the UPDATES key, but at this time I don't see any way to do it except by including massive amounts of data from the HKCR hive, which will (a) mean a huge increase in the size of the inventory files, and (b) take longer to read and send from the user's machine. Does anyone have a solution for this? And if there is an RTFM answer, I'll be happy to accept it if you'll just tell me which FM is appropriate. Joe Morris |
My System Specs![]() |
| | #2 (permalink) |
| | Re: How to audit installed Vista updates? Windows Server Update Services http://technet.microsoft.com/wsus/default.aspx Download: http://technet.microsoft.com/wsus/bb466193.aspx -- Andre Blog: http://adacosta.spaces.live.com My Vista Quickstart Guide: http://adacosta.spaces.live.com/blog...3DB!9709.entry "Joe Morris" <j.c.morris@xxxxxx> wrote in message news:tgX%i.6827$e35.3610@xxxxxx Quote: > How can I design a procedure to inventory the Microsoft patches that have > been applied to Vista? > > Although the process wasn't completely reliable, in XP you could get a > good idea of what had been installed by enumerating the Registry keys > under HKLM\SOFTWARE\Microsoft\Updates. Microsoft even published a small > command-line utility (QFECHECK) which would (usually) tell you what > Windows patches were installed and which had downleveled files that needed > to be reinstalled. (A real advantage of QFECHECK was that the help desk > could tell users to run it as part of their triage process.) > > All of this has changed in Vista. The Registry path used in XP no longer > exists, and the data that was there seems to be scattered over various > parts of the Registy. Further, the Security Bulletin notices do not > publish a Registry key test for Vista. > > What I'm trying to do is to be able to have an inventory program record an > enumeration of the installed patches, allowing downstream programs to > determine if the machine has the updates that are required by company > policy. With XP this could (with a few exceptions) be done by saving the > contents of the UPDATES key, but at this time I don't see any way to do it > except by including massive amounts of data from the HKCR hive, which will > (a) mean a huge increase in the size of the inventory files, and (b) take > longer to read and send from the user's machine. > > Does anyone have a solution for this? > > And if there is an RTFM answer, I'll be happy to accept it if you'll just > tell me which FM is appropriate. > > Joe Morris > |
My System Specs![]() |
| | #3 (permalink) |
| | Re: How to audit installed Vista updates? "Joe Morris" <j.c.morris@xxxxxx> wrote in message news:tgX%i.6827$e35.3610@xxxxxx Quote: > How can I design a procedure to inventory the Microsoft patches that have > been applied to Vista? > > Although the process wasn't completely reliable, in XP you could get a > good idea of what had been installed by enumerating the Registry keys > under HKLM\SOFTWARE\Microsoft\Updates. Microsoft even published a small > command-line utility (QFECHECK) which would (usually) tell you what > Windows patches were installed and which had downleveled files that needed > to be reinstalled. (A real advantage of QFECHECK was that the help desk > could tell users to run it as part of their triage process.) > > All of this has changed in Vista. The Registry path used in XP no longer > exists, and the data that was there seems to be scattered over various > parts of the Registy. Further, the Security Bulletin notices do not > publish a Registry key test for Vista. > > What I'm trying to do is to be able to have an inventory program record an > enumeration of the installed patches, allowing downstream programs to > determine if the machine has the updates that are required by company > policy. With XP this could (with a few exceptions) be done by saving the > contents of the UPDATES key, but at this time I don't see any way to do it > except by including massive amounts of data from the HKCR hive, which will > (a) mean a huge increase in the size of the inventory files, and (b) take > longer to read and send from the user's machine. > > Does anyone have a solution for this? > > And if there is an RTFM answer, I'll be happy to accept it if you'll just > tell me which FM is appropriate. > > Joe Morris > You can get a basic list by typing this at a command prompt systeminfo You could also use the wmic command eg wmic qfe get hotfixid wmic qfe get hotfixid,Description wmic qfe list brief -- Jon |
My System Specs![]() |
| | #4 (permalink) |
| | Re: How to audit installed Vista updates? "Andre Da Costa[ActiveWin]" <andred25@xxxxxx> wrote: Quote: > "Joe Morris" <j.c.morris@xxxxxx> wrote: Quote: Quote: >> How can I design a procedure to inventory the Microsoft patches that have >> been applied to Vista? >> >> What I'm trying to do is to be able to have an inventory program record >> an enumeration of the installed patches, allowing downstream programs to >> determine if the machine has the updates that are required by company >> policy.> Quote: What does WSUS offer that will allow an inventory program (in my case, Opsware's "Asset Tracking Edition" product, now owned by HP) to inventory the patch status? I'm asking since last time I looked I didn't see an API in WSUS that would allow it to be used as a closed routine for a third-party product. As I said in my posting, if the answer is "RTFM" please tell me what FM is needed. Joe Morris |
My System Specs![]() |
| | #5 (permalink) |
| | Re: How to audit installed Vista updates? "Jon" <Email_Address@xxxxxx> wrote: Quote: > "Joe Morris" <j.c.morris@xxxxxx> wrote: Quote: Quote: >> How can I design a procedure to inventory the Microsoft patches that have >> been applied to Vista? >> >> What I'm trying to do is to be able to have an inventory program record >> an enumeration of the installed patches, allowing downstream programs to >> determine if the machine has the updates that are required by company >> policy. Quote: > You can get a basic list by typing this at a command prompt > > systeminfo > > You could also use the wmic command eg > > wmic qfe get hotfixid > wmic qfe get hotfixid,Description > wmic qfe list brief rescue!) but what would be most useful would be if I can identify information somewhere on the computer (preferably in the Registry) that could be picked up by the existing inventory program (Opsware's "Asset Tracking Edition") and included verbatim in the inventory report for later parsing. The less the function would require new features to be added to the Opsware product the more quickly it is likely to be available. Joe Morris |
My System Specs![]() |
![]() |
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| vista error 800700c1 updates not installed | Vista General | |||
| Vista freeeze 2-5 minutes after updates installed | Windows Updates | |||
| Export Installed updates(windows updates) | Vista General | |||
| Just installed latest updates for vista 64 bit..... ouch!!!! | Vista General | |||
| A New Vista Security Policy on Audit:Force Audit Policy Subcategor | Vista security | |||