Powershell – Get the actual installed dates of hotfixes

The Get-Hotfix cmdlet has a bug in it that does not always return the installed date for patches, yet in control panel /Windows update the history will show the actual install date.

this little script “fixes” that


        # Param1 help description
Invoke-Command -ScriptBlock {
$Session = New-Object -ComObject Microsoft.Update.Session            
$Searcher = $Session.CreateUpdateSearcher()         
$HistoryCount = $Searcher.GetTotalHistoryCount()            
# http://msdn.microsoft.com/en-us/library/windows/desktop/aa386532%28v=vs.85%29.aspx            
$Searcher.QueryHistory(0,$HistoryCount) | ForEach-Object -Process {            
      $Title = $null            
    if($_.Title -match "\(KB\d{6,7}\)"){            
        # Split returns an array of strings            
        $Title = ($_.Title -split '.*\((KB\d{6,7})\)')[1]            
        $Title = $_.Title            

    # http://msdn.microsoft.com/en-us/library/windows/desktop/aa387095%28v=vs.85%29.aspx            
    $Result = $null            
    Switch ($_.ResultCode)            
        0 { $Result = 'NotStarted'}            
        1 { $Result = 'InProgress' }            
        2 { $Result = 'Succeeded' }            
        3 { $Result = 'SucceededWithErrors' }            
        4 { $Result = 'Failed' }            
        5 { $Result = 'Aborted' }            
        default { $Result = $_ }            
    New-Object -TypeName PSObject -Property @{            
        ComputerName = $ENV:Computername;
        InstalledOn = Get-Date -Date $_.Date;            
        KBArticle = $Title;            
        Name = $_.Title;            
        Status = $Result            
} | Sort-Object -Descending:$true -Property InstalledOn |             
Select-Object -Property *  
} -ComputerName $Computername 

NOTE: WinRM is required to be running and ports open or the remote devices firewall

[BRITV8-WIN7-PC] Connecting to remote server BRITV8-WIN7-PC failed with the following error message : The client cannot connect to the destination specified in the 
request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on 
the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM 
service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OpenError: (BRITV8-WIN7-PC:String) [], PSRemotingTransportException
    + FullyQualifiedErrorId : CannotConnect,PSSessionStateBroken




7 thoughts on “Powershell – Get the actual installed dates of hotfixes

  1. Great script.

    You just need one minor amendment to get $Computername to output. Because it’s inside the Scriptblock, it’s out of scope on the remote computer, therefore you need to change it to $Using:Computername – then it’ll work a treat.

    • Hi!

      I have updates the script so it can pass computernames.
      e.g. save my script as c:\temp\test.ps1
      Create a text file with a list of all computers you want to check
      .e.g. c:\temp\test.txt

      run this code

      $ListOfComputers = Get-Content -path C:\temp\test.txt

      foreach ($item in $ListOfComputers)
      c:\temp\test.ps1 -computername $item
      I will step through the list in the text file and give you the results

  2. Depending on how the hotfixes were installed, this script may return incorrect InstalledOn dates (or miss them altogether). The script will show the dates that are displayed the Control Panel > System and Security > Windows Update > View update history. The same KB install dates in Control Panel > Programs > Programs and Features > Installed Updates can be completely different.

    For example: One of our servers has KB4012215 with an ‘Installed On’ value of 28/02/2019 (Installed Updates) but the same KB has a ‘Date Installed’ value of 07/01/2019 (View update history).

    How hard is it for Microsoft to have one place for all Windows Updates metadata regardless of whether the installed method is via interactive, SCCM, script, …, whatever that can be queried and reported on.

  3. This script doesn’t work on windows 10 and server 2016.
    Even tried to run in locally but failed about WINRM even if WINRM is correctly enable as I can run other command.

    • Hi Frank,
      I have just tested it running on a 2012 R2 server against a 2016 server and running on 2016 server against a 2016 server. It works fine, no errors.

      What error are you getting?

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.