Home / HomePage / Scripts / Windows Updates

Windows Updates

This is a work in progress. 500+ lines already, and I still have a few more bits 'n peices to do.

MS08-067 was an out of band patch that was critical to get rolled out immediately.  Microsoft people were telling their customers "this could be the next NIMDA, so install ASAP!" But I found that many sysadmins, especially those at smaller sites, did not have WSUS installed yet, and were also not sure that Automatic Updates were in a consistent state of configuration across all of the systems they administered. Yet they needed a way to get all their systems patched up right away!

This script's purpose is to provide a way to apply all outstanding patches directly from the commandline, without having to mouse around on each individual system, and without needing WSUS installed. So you could use psexec or whatever to push it out to a bunch of systems, and know they all got updated. It might also be handy for people who are building slipstreamed install disks, though I have not tried it in that context yet.

Some notes:
  • The script won't install any Language Packs.
  • It will also skip any "high impact" updates - these are the ones that would tell you to install them all by themselves if you went to the Windows Update site. Usually things like Internet Explorer, Windows Media Player, DirectX version updates.
  • Some updates (for instance, the Malicious Software Removal Tool) need the user to accept a EULA before they will install. If you provide the /accepteula argument when invoking the script, these EULAs will accepted silently (without displaying anything on screen).
  • It can reboot the system after installing updates, if you give the /reboot:yes argument when invoking the script.


I wanted to have a function for offline updates, to solve this issue. I finally had to admit that one is too much for me. WSUS is the answer there, I guess, or the Heise Do-It-Yourself Service Pack. Offline scanning is possible, but I have not yet built that into the script. That and something like /applysinglepatch:KB1234567 (to apply just one really important patch) are pretty much all that's left to do, other than bugfixes. I'll update here when/if I get around to those things.

Writing this forced me to learn vbscript ways of doing many other things as well! So you may find subs or functions within it that are useful, even if the whole script is not.

Final note: the number of scenarios this script should be tested under is, well ... very large. I've tested as many as I reasonably could (see bottom of this page). I'm pretty sure this script can't actually fail in a way that would hurt your system. But if you find a bug, please notify me via the comments (bottom of the page). Thanks!

Here is the help output:

E:\>cscript wupdate.vbs /?
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved. 
 
Usage Examples:
 
cscript wupdate.vbs /reboot:yes /accepteula
cscript wupdate.vbs /checkonly
 
Arguments:
 
/reboot: can be "yes" or "no".
 (will only reboot if one or more updates actually call for reboot)
/checkonly - if this arg is specified, script checks for updates,
 but does not download or apply them.
/accepteula - some updates require a EULA acceptance; this param will
 cause the EULA to be accepted automatically.
/updatewua - updates Windows Update Agent if needed.
 
NOTES
 
You must specify at least one argument, or you will get this help screen.
You may specify multiple arguments, but /checkonly should be used
without any others.
 
The download and install operations will require admin privileges.
Script will list updates then exit if admin privs are not held.
 
Script will list all non-driver updates available from Windows Update that have
not been applied to the system. However it will NOT apply Language Packs,
High Impact updates (which must be installed by themselves), or
updates which require user input or network connectivity.
 
Currently the script does not provide an exit status code though it
does attempt to be verbose (via stdout) about why it exits.
 
E:\>

And here's the script itself:


  1. 'Windows Update Script
  2. 'Uses WUA: http://msdn.microsoft.com/en-us/library/bb905331.aspx
  3. 'TODO: add a switch to allow for offline scanning (offline UPDATES would be a harder problem)
  4. 'http://msdn.microsoft.com/en-us/library/aa387290(VS.85).aspx
  5. 'http://support.microsoft.com/kb/927745
  6. 'http://support.microsoft.com/kb/926464
  7. 'TODO: consider a switch for High Impact updates (+ reboot and re-run script)
  8. 'TODO: consider an /only switch to apply only a single update. ie: /only:KB948590
  9. Option Explicit
  10.  
  11. Dim colArgs
  12. set colArgs = Wscript.Arguments.Named
  13. HandleArgs
  14. UseCscript
  15. CheckWuaVersion
  16.  
  17. 'global vars and the updateSearcher object
  18. Dim updateSession, updateSearcher, searchResult
  19. Dim updatesToDownload, updatesToInstall, failcount, rebootcount
  20. Set updatesToDownload = CreateObject("Microsoft.Update.UpdateColl")
  21. Set updatesToInstall = CreateObject("Microsoft.Update.UpdateColl")
  22. Set updateSession = CreateObject("Microsoft.Update.Session")
  23. Set updateSearcher = updateSession.CreateupdateSearcher()
  24. Wscript.Echo
  25. WScript.Echo "Searching for updates."
  26. Wscript.Echo "Requires internet connection to Windows Update; please wait."
  27. Wscript.Echo "(Should complete within 3 minutes at most.)"
  28. 'Type can be Software or Driver. we won't do drivers.
  29. On Error Resume Next
  30. Set searchResult = updateSearcher.Search("IsInstalled=0 and Type='Software'")
  31. If Err.Number <> 0 Then Call WUAError(Err.Number)
  32. On Error GoTo 0
  33.  
  34. 'the rest of the script is written as subroutines (I like code folding under EditPad Pro!)
  35. CheckForCompletion
  36. ListUpdatesNeeded
  37. CheckIfAdmin
  38. DownloadUpdates
  39. ApplyUpdates
  40. CleanupExit
  41.  
  42. sub HandleArgs 'handle arguments specified in commandline
  43.         if colArgs.Count = 0 Then HelpExit
  44.         if colArgs.Exists("?") Then HelpExit
  45.         if colArgs.Exists("help") Then HelpExit
  46.         if colArgs.Exists("-help") Then HelpExit
  47. end sub
  48.  
  49. sub UseCscript 'make sure we are running in cscript - warn and exit if not
  50.         Dim Result, sUseCscript
  51.         Set Result = CreateObject("Scripting.Dictionary")
  52.         If UCase(Right(WScript.FullName,11)) = "WSCRIPT.EXE" Then
  53.                 sUseCscript = "This script is commandline only; please use cscript." & vbCr
  54.                 sUseCscript = sUseCscript & "In a cmd window, change to proper folder and type:" & vbCr & vbCr
  55.                 sUseCscript = sUseCscript & "cscript " & Wscript.ScriptName & vbCr & vbCr
  56.                 sUseCscript = sUseCscript & "(Hint) You can make cscript your default script" &vbCr
  57.                 sUseCscript = sUseCscript & "engine by typing: cscript //I //H:cscript //S"
  58.                 WScript.Echo sUseCscript
  59.                 WScript.Quit(-1)
  60.         End If
  61. end sub
  62.  
  63. sub CheckWuaVersion 'Verify a usable version of Windows Update Agent is present
  64. 'W2000 SP4 has 5.8.0.2469  and that works fine (does not update itself though)
  65. 'http://msdn.microsoft.com/en-us/library/aa387099.aspx says W2000 SP3 or above
  66. 'TODO: latest WUA is 7.2.6001.784  - detect. if not installed, determine x86 or x64 OS. download as appropriate:
  67. 'http://download.windowsupdate.com/WindowsUpdate/redist/standalone/7.2.6001.784/WindowsUpdateAgent30-x86.exe
  68. 'http://download.windowsupdate.com/WindowsUpdate/redist/standalone/7.2.6001.784/WindowsUpdateAgent30-x64.exe
  69. '(using http://blog.netnerds.net/2007/01/vbscript-download-and-save-a-binary-file/)
  70. 'install with: /wuforce /quiet /norestart (be sure script waits for completion)
  71. Dim strWuaVersion
  72. strWuaVersion = WuaVersion
  73. If strWuaVersion = "0" Then
  74.         Wscript.Echo "Error: missing WUA version."
  75.         Wscript.Echo "Need to have Windows 2000 SP3 or above to use this script."
  76.         Wscript.Quit
  77. ElseIf strWuaVersion = "7.2.6001.788" Then
  78.         Wscript.Echo "WUA version: " & strWuaVersion & " (Latest known version. Excellent!)"
  79. ElseIf strWuaVersion => "5.8.0.2469" Then
  80.         If colArgs.Exists("updatewua") Then
  81.                 Wscript.Echo "WUA version " & strWuaVersion & " found. Updating."
  82.                 UpdateWUA
  83.         Else
  84.                 Wscript.Echo "WUA version: " & strWuaVersion & " (OK, but updating WUA would be good!)"
  85.                 Wscript.Echo "http://support.microsoft.com/kb/949104 for latest version."
  86.                 Wscript.Echo "or use the /updateWUA flag to have this script update to 7.2.6001.788."
  87.         End If
  88. Else
  89.         Wscript.Echo "WUA version is too old to use this script."
  90.         Wscript.Echo "Upgrade to Windows 2000 SP3 or higher version of OS."
  91.         Wscript.Quit
  92. End If
  93. End Sub
  94.  
  95. Sub UpdateWUA 'Update Windows Update Agent
  96. Dim OSbits, oFS, TempDir, WshShell, oExec
  97. OSbits = OScpuEdition
  98. Set oFS = CreateObject("Scripting.FileSystemObject")
  99. Set TempDir = oFS.getSpecialFolder(2)
  100. Set WshShell = CreateObject("WScript.Shell")
  101. Select Case OSbits
  102. Case 32
  103.         Wscript.Echo "Downloading Windows Update Agent v7.2.6001.788 (x86)"
  104.         CallDownloadFile("http://download.windowsupdate.com/windowsupdate/redist/standalone/7.2.6001.788/windowsupdateagent30-x86.exe")
  105.         Wscript.stdOut.Write "Updating .. "
  106.         Set oExec = WshShell.Exec(TempDir & "\windowsupdateagent30-x86.exe /wuforce /quiet /norestart")
  107.         Do While oExec.Status = 0
  108.      WScript.Sleep 100
  109.   Loop
  110.   Wscript.stdOut.WriteLine "Done."
  111. Case 64
  112.         Wscript.Echo "Downloading Windows Update Agent v7.2.6001.788 (x86)"
  113.         CallDownloadFile("http://download.windowsupdate.com/windowsupdate/redist/standalone/7.2.6001.788/windowsupdateagent30-x64.exe")
  114.         Wscript.stdOut.Write "Updating .. "
  115.         Set oExec = WshShell.Exec(TempDir & "\windowsupdateagent30-x64.exe /wuforce /quiet /norestart")
  116.         Do While oExec.Status = 0
  117.      WScript.Sleep 100
  118.   Loop
  119.   Wscript.stdOut.WriteLine "Done."
  120. Case Else
  121.         Wscript.Echo "Could not detect whether OS is x86, x84, or Itanium. Quitting."
  122.         Wscript.Quit
  123. End Select
  124. End Sub
  125.  
  126. sub CheckForCompletion 'if no updates needed, inform user and exit
  127.         If searchResult.Updates.Count = 0 Then
  128.                 WScript.Echo "This system is fully up to date!"
  129.                 WScript.Quit
  130.         End If
  131. end sub
  132.  
  133. sub ListUpdatesNeeded 'print list of updates needed
  134. 'list all updates that are not language packs - and their download status
  135. 'update properties: http://msdn.microsoft.com/en-us/library/aa386099(VS.85).aspx
  136. 'TODO: skip updates that require EULA checks. or have a commandline that accepts the EULA
  137.         Wscript.Echo   
  138.         Dim RequestsInput, WantsReboot, HighImpact, NeedsNetwork, LanguagePack, DontInstall
  139.         Dim Eula, I, update, downloadstatus, downloadcount
  140.         If searchResult.Updates.Count > 0 Then
  141.           Wscript.Echo "List of outstanding updates (not including driver updates):"
  142.                 Wscript.Echo " |-------- D: Needs download (script will download)"
  143.                 Wscript.Echo " ||------- R: Reboot required"
  144.                 Wscript.Echo " |||------ I: Requires user input"
  145.                 Wscript.Echo " ||||----- H: High Impact (must install separately)"
  146.                 Wscript.Echo " |||||---- N: Needs network to properly install"
  147.                 Wscript.Echo " ||||||--- E: Requires EULA acceptance before install"
  148.                 Wscript.Echo " |||||||-- L: Language Pack"
  149.         End If                    
  150.         For I = 0 To searchResult.Updates.Count-1
  151.                         DontInstall = 0
  152.                         RequestsInput = "-"
  153.                         WantsReboot = "-"
  154.                         HighImpact = "-"
  155.                         NeedsNetwork = "-"
  156.                         Eula = "-"
  157.                         LanguagePack = "-"
  158.             Set update = searchResult.Updates.Item(I)
  159.             If InStr(CStr(update.Title),"Language Pack") <> 0 Then 'don't download/install
  160.                 LanguagePack = "L"
  161.                 DontInstall = DontInstall + 1
  162.             End If
  163.             If update.EulaAccepted = False Then 'only install if /accepteula arg was given
  164.                 Eula = "E"
  165.                 If colArgs.Exists("accepteula") = False Then
  166.                         DontInstall = DontInstall + 1
  167.                 Else
  168.                         updatesToDownload.Add(update)
  169.                         updatesToInstall.Add(update)
  170.                         update.AcceptEula()
  171.                 End If
  172.             End If
  173.             If update.InstallationBehavior.CanRequestUserInput = True Then 'don't download/install
  174.                 RequestsInput = "I"
  175.                 DontInstall = DontInstall + 1
  176.             End If
  177.             If update.InstallationBehavior.Impact = 3 Then 'don't download/install
  178.                 HighImpact = "H"
  179.                 DontInstall = DontInstall + 1
  180.             End If
  181.             If update.InstallationBehavior.RequiresNetworkConnectivity Then 'don't download/install
  182.                 NeedsNetwork = "N"
  183.                 DontInstall = DontInstall + 1
  184.             End If
  185.             If update.InstallationBehavior.RebootBehavior <> 0 Then WantsReboot = "R"
  186.                 If update.IsDownloaded Then
  187.                         downloadstatus = "-"
  188.                         If DontInstall = 0 Then updatesToInstall.Add(update)
  189.                 Else
  190.                         downloadstatus = "D"
  191.                         If DontInstall = 0 Then
  192.                                 updatesToDownload.Add(update)
  193.                                 updatesToInstall.Add(update)
  194.                         End If
  195.                 End If             
  196.                 WScript.Echo " "& downloadstatus & WantsReboot & RequestsInput & HighImpact & NeedsNetwork & LanguagePack & Eula &_
  197.                  " "& update.Title
  198.         Next
  199.         Wscript.Echo
  200.         Wscript.Echo searchResult.Updates.Count & " update(s) found. " & updatesToInstall.Count & " eligible for install by this script."
  201.         Wscript.Echo "(This script will NOT download/install updates with I, H, N, or L properties.)"
  202.         Wscript.Echo "(Updates with the E property will be installed if /accepteula arg was given.)"
  203.         If updatesToInstall.Count = 0 Then Wscript.Quit
  204.         If colArgs.Exists("checkonly") Then
  205.                 Wscript.Echo
  206.                 Wscript.echo "You can run this script again, without the /checkonly param,"
  207.                 Wscript.Echo "to apply updates."
  208.                 Wscript.Quit
  209.         End If
  210. end sub
  211.  
  212. sub CheckIfAdmin 'see if current user has admin privs; if Vista/2008 see if they hold elevated token
  213. 'If the script isn't running with admin privs, exit now. Else fall through to DownloadUpdates
  214. Dim strOSFamily
  215. strOSFamily = OSFamily
  216. Select Case strOSFamily
  217. Case "2000"
  218.         If MemberOfAdministrators = 0 Then NoPrivExit
  219. Case "XP"
  220.         If MemberOfAdministrators = 0 Then NoPrivExit
  221. Case "2003"
  222.         If MemberOfAdministrators = 0 Then NoPrivExit
  223. Case "Vista"
  224.         If IsElevated = 0 Then NoPrivExit
  225. Case "2008"
  226.         If IsElevated = 0 Then NoPrivExit
  227. Case Else
  228.         Wscript.Echo "Script halted: the current OS is not recognized."
  229.         Wscript.Echo "Update the OSFamily function and CheckIfAdmin sub."
  230.         Wscript.Quit
  231. End Select
  232. End Sub
  233.  
  234. sub DownloadUpdates 'download any needed updates
  235.         If updatesToDownload.Count > 0 Then
  236.                 Wscript.Echo
  237.                 Wscript.Echo "Downloading the needed updates. This takes time!"
  238.           Dim downloader, dlItem, currdownload, dlresult
  239.           failcount = 0
  240.                 Set downloader = updateSession.CreateUpdateDownloader()
  241.                 Set currdownload = CreateObject("Microsoft.Update.UpdateColl")
  242.                 For Each dlItem in updatesToDownload
  243.                         Wscript.stdout.Write(" " & dlItem.Title &" .. ")
  244.                         currdownload.Add(dlItem)               
  245.                         downloader.Updates = currdownload
  246.                         downloader.Download()
  247.                         If dlItem.IsDownloaded Then
  248.                                 dlresult = "downloaded"
  249.                         Else
  250.                                 dlresult = "DOWNLOAD FAILED"
  251.                                 failcount = failcount + 1
  252.                         End If
  253.                         Wscript.stdout.WriteLine(CStr(dlresult))
  254.                         currdownload.Clear()
  255.                 Next
  256.         End If
  257. end sub
  258.  
  259. sub ApplyUpdates 'apply the updates
  260.         If updatesToInstall.Count > 0 Then
  261.                 Wscript.Echo
  262.                 Wscript.Echo "Installing the updates. Again, it takes time."
  263.                 Dim installer, currinstall, instItem, installResult ', rebootcount
  264.                 rebootcount = 0 
  265.                 Set installer = updateSession.CreateUpdateInstaller()
  266.                 Set currinstall = CreateObject("Microsoft.Update.UpdateColl")
  267.                 For Each instItem in updatesToInstall
  268.                         currinstall.Add(instItem)
  269.                         installer.Updates = currinstall
  270.                         Wscript.stdout.Write(" " & instItem.Title & " .. ")
  271.                         on error resume next
  272.                         Set installResult = installer.Install()
  273.                         If Err.Number <> 0 Then
  274.                                 Wscript.stdout.WriteLine
  275.                                 Call WUAerror(Err.NumberErr.Description)             
  276.                         End if 
  277.                         Select Case installResult.ResultCode 'http://msdn.microsoft.com/en-us/library/aa387095(VS.85).aspx
  278.                         Case 0
  279.                                 Wscript.stdout.Write("ERROR - not started")
  280.                         Case 1
  281.                                 Wscript.stdout.Write("ERROR - in progress")
  282.                         Case 2
  283.                                 Wscript.stdout.Write("Success")
  284.                                 If installResult.RebootRequired = true Then
  285.                                         Wscript.stdout.WriteLine(" - REBOOT REQUIRED")
  286.                                         rebootcount = rebootcount + 1
  287.                                 Else
  288.                                         Wscript.stdout.WriteLine
  289.                                 End If
  290.                         Case 3
  291.                                 Wscript.stdout.Write("ERROR - succeeded, but with errors")
  292.                                 If installResult.RebootRequired = true Then
  293.                                         Wscript.stdout.WriteLine(" - REBOOT REQUIRED")
  294.                                         rebootcount = rebootcount + 1
  295.                                 Else
  296.                                         Wscript.stdout.WriteLine
  297.                                 End If
  298.                         Case 4
  299.                                 Wscript.stdout.Write("ERROR - failed")
  300.                         Case 5
  301.                                 Wscript.stdout.Write("ERROR - aborted")
  302.                         Case Else
  303.                                 Wscript.stdout.Write("ERROR - unknown error")
  304.                         End Select
  305.                         If installResult.ResultCode <> 2 Then failcount = failcount + 1
  306.                         On Error GoTo 0
  307.                 Next
  308.         End If
  309. end sub
  310.  
  311. Function WUAerror(ErrNumber, ErrDesc) 'handle various WUA errors
  312. 'from here: http://msdn.microsoft.com/en-us/library/aa387293(VS.85).aspx, retreived 2008-10-31
  313.         On Error Goto 0
  314.         Wscript.stdout.Write "WUA ERROR " & CStr(Hex(ErrNumber)) & " - "
  315.         Select Case "0x" & CStr(Hex(ErrNumber)) 
  316.         Case "0x8024402C" Wscript.stdout.WriteLine "The proxy server or target server name cannot be resolved."
  317.         Case "0x80244016" Wscript.stdout.WriteLine "The server could not process the request due to invalid syntax."
  318.         Case "0x80244017" Wscript.stdout.WriteLine "The requested resource requires user authentication."
  319.         Case "0x80244018" Wscript.stdout.WriteLine "Server understood the request, but declines to fulfill it."
  320.         Case "0x80244019" Wscript.stdout.WriteLine "The server cannot find the requested URI (Uniform Resource Identifier)."
  321.         Case "0x8024401A" Wscript.stdout.WriteLine "The HTTP method is not allowed."
  322.         Case "0x8024401B" Wscript.stdout.WriteLine "Proxy authentication is required."
  323.         Case "0x8024401C" Wscript.stdout.WriteLine "The server timed out waiting for the request."
  324.         Case "0x8024401D" Wscript.stdout.WriteLine "The request was not completed due to a conflict with the current state of the resource."
  325.         Case "0x8024401E" Wscript.stdout.WriteLine "Requested resource is no longer available at the server."
  326.         Case "0x8024401F" Wscript.stdout.WriteLine "An error internal to the server prevented fulfilling the request."
  327.         Case "0x80244020" Wscript.stdout.WriteLine "Server does not support the functionality required to fulfill the request."
  328.         Case "0x80244021" Wscript.stdout.WriteLine "The server, while acting as a gateway or proxy, received an invalid response from the upstream server it accessed in attempting to fulfill the request."
  329.         Case "0x80244022" Wscript.stdout.WriteLine "The service is temporarily overloaded."
  330.         Case "0x80244023" Wscript.stdout.WriteLine "The request was timed out waiting for a gateway."
  331.         Case "0x80244024" Wscript.stdout.WriteLine "The server does not support the HTTP protocol version used for the request."
  332.         Case "0x80240016" Wscript.stdout.WriteLine "Cannot access user token. http://support.microsoft.com/kb/957307"
  333.         Case Else Wscript.stdout.WriteLine "Unknown error 0x" & CStr(Hex(ErrNumber)) & " (sorry)."
  334.         End Select
  335. end function
  336.  
  337. Function MemberOfAdministrators 'see if current user is in Administrators group
  338.         Dim WshNetwork, CurrUser, oGroup, oUser
  339.         Set WshNetwork = WScript.CreateObject("WScript.Network")
  340.         currUser = WshNetwork.UserName
  341.         MemberOfAdministrators = 0
  342.         set oGroup = GetObject("WinNT://./Administrators,group")  
  343.         For Each oUser in oGroup.Members
  344.                 If InStr(1,oUser.Name,currUser,vbTextCompare) Then MemberOfAdministrators = 1
  345.         Next
  346. end Function
  347.  
  348. Function OSFamily 'discover current OS family -200. XP, 2003, Vista, 2008
  349. Dim strComputer, oWMIService, colOSInfo, oOSProperty, strCaption, strOSFamily
  350. strComputer = "."
  351. Set oWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
  352. Set colOSInfo = oWMIService.ExecQuery("Select * from Win32_OperatingSystem")
  353. 'I dislike looping through just to get one property. But dunno another way!
  354. For Each oOSProperty in colOSInfo
  355.   strCaption = oOSProperty.Caption
  356. Next
  357. If InStr(1,strCaption, "Vista"vbTextCompare) Then
  358.         OSFamily = "Vista"
  359. ElseIf InStr(1,strCaption, "2008"vbTextCompare) Then
  360.         OSFamily = "2008"
  361. ElseIf InStr(1,strCaption, "XP"vbTextCompare) Then
  362.         OSFamily = "XP"
  363. ElseIf InStr(1,strCaption, "2003"vbTextCompare) Then
  364.         OSFamily = "2003"
  365. ElseIf InStr(1,strCaption, "2000"vbTextCompare) Then
  366.         OSFamily = "2000"
  367. Else    
  368.         OSFamily = "Unknown OS"
  369. End If
  370. end Function
  371.  
  372. Function IsElevated 'test whether user has elevated token
  373. 'parses whoami.exe output. I verified whoami.exe is in Vista Home Basic and above.
  374. IsElevated = 0
  375. Dim oShell, oExecWhoami, oWhoamiOutput, strWhoamiOutput
  376. Set oShell = CreateObject("WScript.Shell")
  377. Set oExecWhoami = oShell.Exec("whoami /groups")
  378. Set oWhoamiOutput = oExecWhoami.StdOut
  379. strWhoamiOutput = oWhoamiOutput.ReadAll
  380. If InStr(1, strWhoamiOutput, "S-1-16-12288"vbTextCompare) Then IsElevated = 1
  381. end Function
  382.  
  383. Function WuaVersion 'get current WUA version
  384. Dim oAgentInfo, ProductVersion
  385. On Error Resume Next
  386. Err.Clear
  387. Set oAgentInfo = CreateObject("Microsoft.Update.AgentInfo")
  388. If ErrNum = 0 Then
  389.    WuaVersion = oAgentInfo.GetInfo("ProductVersionString")    
  390. Else
  391.         Wscript.Echo "Error getting WUA version."
  392.         WuaVersion = 0
  393. End If
  394. On Error Goto 0
  395. End Function
  396.  
  397. Function OScpuEdition 'Find out if x32 or x64 Windows
  398. 'doesn't detect Itanium because no Itanium system to test with
  399. Dim strComputer, oWMIService, colCPUInfo, oCPUProperty
  400. strComputer = "."
  401. Set oWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
  402. Set colCPUInfo = oWMIService.ExecQuery("Select AddressWidth from Win32_Processor")
  403. For Each oCPUProperty in colCPUInfo
  404.   OScpuEdition = oCPUProperty.AddressWidth
  405. Next
  406. End Function
  407.  
  408. Function DownloadFile(DownloadUrl) 'generic file downloader, saves to temp
  409. 'Get name of file from url (whatever follows the final forwardslash "/")
  410. Dim arURL, FileName, FileSaveLocation
  411. arURL = Split(DownloadUrl,"/",-1,1)
  412. If arURL(UBound(arURL)) = "" Then 'if there is a trailing forwardslash
  413.         FileName = arURL(UBound(arURL) -1)
  414. Else
  415.         filename = arURL(UBound(arURL))
  416. End If
  417. 'Get temp folder location
  418. Dim oFS, TempDir
  419. Set oFS = CreateObject("Scripting.FileSystemObject")
  420. Set TempDir = oFS.getSpecialFolder(2)
  421. FileSaveLocation = TempDir & "\" & FileName
  422.  
  423. 'Fetch the file
  424. Dim oXMLHTTP, oADOStream
  425. Set oXMLHTTP = CreateObject("MSXML2.XMLHTTP")
  426. oXMLHTTP.open "GET", DownloadUrl, false
  427. oXMLHTTP.send()
  428. If oXMLHTTP.Status = 200 Then
  429.         Set oADOStream = CreateObject("ADODB.Stream")
  430.         oADOStream.Open
  431.         oADOStream.Type = 1 'adTypeBinary       
  432.         oADOStream.Write oXMLHTTP.ResponseBody
  433.         oADOStream.Position = 0    'Set the stream position to the start
  434.         If oFS.Fileexists(FileSaveLocation) Then oFS.DeleteFile FileSaveLocation
  435.         Set oFS = Nothing
  436.         oADOStream.SaveToFile FileSaveLocation
  437.         oADOStream.Close
  438.         Set oADOStream = Nothing
  439. End if
  440. Set oXMLHTTP = Nothing
  441. End Function
  442.  
  443. sub NoPrivExit
  444. Wscript.Echo "Administrative privileges are required to apply updates."
  445. Wscript.Echo "Since the script was not running with Admin privs, halting before download."
  446. Wscript.Echo "Please try again with proper privs."
  447. Wscript.Quit
  448. End Sub
  449.  
  450. Sub CleanupExit 'inform user of status and exit
  451. Wscript.Echo
  452. Wscript.Echo "Script complete. " & updatesToInstall.Count & " updates were needed, " & failcount & " updates failed to download and/or install."
  453. If rebootcount > 0 Then
  454.         Wscript.Echo "A ***REBOOT*** is required for some of the updates to take effect."
  455.         If UCase(colargs.Item("reboot")) = "YES" Then
  456.                 Wscript.Echo
  457.                 Wscript.Echo "REBOOTING in 30 seconds! (""CTRL-C"" to abort)"
  458.                 Wscript.Echo Chr(7) 'beep
  459.                 Wscript.Sleep(30000)
  460.                 Dim OpSysSet, OpSys, wmiquery
  461.                 wmiquery = "select * from Win32_OperatingSystem where Primary=true"
  462.                 Set OpSysSet = GetObject("winmgmts:{(Shutdown)}//./root/cimv2").ExecQuery(wmiquery)
  463.                 For Each OpSys in OpSysSet
  464.         OpSys.Reboot()
  465.                 Next
  466.         Else
  467.                 Wscript.Echo "/reboot:no was specified in script arguments, so please reboot when you can."
  468.         End If
  469. Else
  470.         Wscript.Echo "No reboots were called for by the installed updates."
  471. End If
  472. Wscript.Quit
  473. end sub
  474.  
  475. sub HelpExit 'provide help text and exit
  476.         Wscript.Echo
  477.         Wscript.Echo "Usage Examples:"
  478.         Wscript.Echo
  479.         Wscript.Echo "cscript " & Wscript.ScriptName & " /reboot:yes /accepteula"
  480.         Wscript.Echo "cscript " & Wscript.ScriptName & " /checkonly"
  481.         Wscript.Echo
  482.         Wscript.Echo "Arguments:"
  483.         Wscript.Echo
  484.         Wscript.Echo "/reboot: can be ""yes"" or ""no"". "
  485.         Wscript.Echo "  (will only reboot if one or more updates actually call for reboot)"  
  486.         Wscript.Echo "/checkonly - if this arg is specified, script checks for updates, "
  487.         Wscript.Echo "  but does not download or apply them."
  488.         Wscript.Echo "/accepteula - some updates require a EULA acceptance; this param will"
  489.         Wscript.Echo "  cause the EULA to be accepted automatically."
  490.         Wscript.Echo "/updatewua - updates Windows Update Agent if needed."
  491.         Wscript.Echo
  492.         Wscript.Echo "NOTES"
  493.         Wscript.Echo
  494.         Wscript.Echo "You must specify at least one argument, or you will get this help screen."
  495.         Wscript.Echo "You may specify multiple arguments, but /checkonly should be used "
  496.         Wscript.Echo "without any others."
  497.         Wscript.Echo
  498.         Wscript.Echo "The download and install operations will require admin privileges."
  499.         Wscript.Echo "Script will list updates then exit if admin privs are not held."
  500.         Wscript.Echo
  501.         Wscript.Echo "Script will list all non-driver updates available from Windows Update that have"
  502.         Wscript.Echo "not been applied to the system. However it will NOT apply Language Packs,"
  503.         Wscript.Echo "High Impact updates (which must be installed by themselves), or"
  504.         Wscript.Echo "updates which require user input or network connectivity."
  505.         Wscript.Echo
  506.         Wscript.Echo "Currently the script does not provide an exit status code though it"
  507.         Wscript.Echo "does attempt to be verbose (via stdout) about why it exits."
  508.         Wscript.Quit
  509. end sub
Tested on:
  • Windows 2000 
    • Gold, SP1, and SP2 versions of W2000 cannot be made to work, because WUA itself does not work on those. 
    • SP3 and above works fine if you have WSH installed, however you need to have been to Windows Update at least once; I could not find a way to install WUA from scratch, though the script will properly update WUA if the /updatewua switch is used.
    • If Internet Explorer 6 has not been installed, the script will NOT attempt to install it under any circumstance. This update is not properly marked for needing user input, and it does need several dialog boxes OK'd. Also it creates problems for subsequent patches installed via the script. So I added hard code to filter it out.
    • Same goes for Windows 2000 Service Pack 4.
  • XP SP3 -  works fine. Earlier SP's should also work fine.
  • Windows 2003, SP2 - works fine. Earlier versions of the OS should also be OK though I have not tested them.
  • Vista, SP0 and SP1 - works fine.
  • Windows 2008 SP1 - not tested.


Feedback is always welcome. Let me know how this is working for you!

    Post a comment

    Your Name or E-mail ID (mandatory)

     


    		 RSS of this page