I needed to list all the missing Windows Updates that have been deployed through Configuration manager. This means, not the ones deployed through WSUS, nor the ones that have NOT been deployed to that specific machine, just get the missing updates that the machine is suppose to have.
The information was not that straight forward to get, but I ended up finding a way to find all the missing updates using PowerShell, WMI and put all of that together into Configuration Manager Configuration Item (and Configuration Manager Baselines).
How to list missing software updates using powershell?
So how do we get the sccm 2012 software updates with powershell? This information can be found a bit anywhere on the internet, and can use thousand of different ways to achieve this goal. (Check out my other Script to retrieve a list of existing Software updates right here) While this blog post mostly explains how to create a Configuration Item that will return the missing software updates deployed on a machine using PowerShell, I though that this article would be incomplete if we didn’t added the basic of the basics: how to list the software updates using powershell and the Configuration Manager client agent.
$ComputerName = $env:COMPUTERNAME
$NameSpace = “ROOTccmSoftwareUpdatesUpdatesStore”
$Query = “Select * FROM CCM_UpdateStatus”
$Class = “CCM_UpdateStatus”
$Results = Get-WmiObject -ComputerName $ComputerName -Namespace $NameSpace -Class $class -Query $Query
How to get Missing software updates using Powershell?
If you have the configuration manager client deployed, you are lucky, because this method will work for you!
In order to get missing the sofware updates using powershell, we can retrieve pretty precise information on deployed updates using the CCM_UpdateStatus class. The function below illustrates that.