Easy ways to query hot fix information

  • Article

Summary

Many of customers request information on querying hot fix information. They need a report on what hot fixes have been patched and what hot fixes they do not have installed. This article explains several ways to find this information.

1.    Go to Windows Update Online.

If the computer is connected to the Internet, you can go to Windows Update Online at
https://windowsupdate.microsoft.com. After scanning your system, the website will tell you what hot fixes you do not have.

2.    In the %windir%, you can find a number of log files with names beginning with “KB” and followed by six digits, e.g. KB870764.log, KBxxxxxxUninst.log.

KBxxxxxx.log – Contain installation information of the hot fix. If you can find this file and there are no errors in the log, then the hot fix in the file name has been installed.

KBxxxxxxuninst.log – Contain uninstallation information of this hotfix. If you can find this file and there are no errors in the log, then the hot fix KBxxxxxx has been uninstalled from your system.

In addition, you also can find uninstall folders of the hotfix in %windir% (with names like $NtUninstallKBxxxxxx$) and %windir%$hf_mig$ (with names like KBxxxxxx). Generally you can uninstall the hot fix from that folder by running spuninst.exe.

3.    Cmd /c wmic QFE LIST > c:hotfix.txt
This command will use WMI interface to list information on all installed hot fixes for the system.

4.    QFECHECK(q282784)
Qfecheck.exe is a command-line tool that allows network administrators to track and verify installed Windows 2000 and Windows XP hot fixes.

5.    MBSA tool (Recommend).
MBSA can detect common administrative vulnerabilities and missing security updates on your computer. Any update published on Microsoft Update as a security update, update rollup, or service pack can be scanned. It also supports offline scanning (as long as you have a local wsusscan.cab) and remote scan, and it generates a report upon completion.

Note: You can use this tool to check security-related update information.

Microsoft Baseline Security Analyzer 2.0:
https://www.microsoft.com/technet/security/tools/mbsa2/default.mspx

6.    Use WUA API (Recommend).
Windows Update Agent (WUA) API is a set of COM interfaces that enable system administrators and programmers to access Windows Update and Windows Server Update Services (WSUS). Scripts and programs can be written to examine which updates are currently available for a computer, and from there you can install or uninstall updates.

It also supports offline scan (as long as you have a local wsusscan.cab) and remote scan, and it generates a report upon completion.

You can find a useful script to detect what hot fixes are missing at the article below:
Using WUA to Scan for Updates Offline
https://msdn.microsoft.com/library/en-us/wua_sdk/wua/using_wua_to_scan_for_updates_offline.asp

For more information, consult:
https://msdn.microsoft.com/library/default.asp?url=/library/en-us/wua_sdk/wua/portal_client.asp

 

-End- 

Author:Dan Ma