I got a question from Mike this week:
“Hi steve. Hope all is well. I am the IT manager at a small bank in Texas. We have lots of patch management tools…so I am not looking for that. Before an audit I would like to quickly force all of my machines to download and install the latest security patches from MS. Is there any way to force Windows to do this from the command line? And I mean like right now! 🙂 Not next Tuesday. Thanks!”
I came across a script right on Microsoft’s website that can do something close to what you want:
It has a few issues. First, it tries to install all patches. Like the latest version of Internet Explorer, major service packs, and that ridiculous Windows Search 4.0. These require user intervention, and might even break things.
Another issue with the script is that it does not let you know when it failed because the network is down.
We took that script changed it to only include security updates. That way it gets to the core of the issue – getting the latest security patches, without any extra stuff.
With our new version of the script we created a plugin for Network Administrator. This will allow you to remotely install the latest security patches across your network:
If the computer already is up to date, it will say: “This computer is up to date”
You can tell it to just download, or download and install. There is even an option to reboot when the install is complete:
The free version allows you to work with three computers at a time. You can get it from our download page:
What about that script? If you want to do it yourself without Network Administrator, here is the updated version:
Just rename it to ForceAU.vbs, and call it like this from the command line:
Once it starts, it will zoom through and install the latest security patches:
The script, and the plugin work with Windows XP, 2003, Windows Vista, Windows 7, and Windows 2008.
It does require administrator access, so if your users have a limited account you will need to either use the task scheduler, group policy, or Network Administrator.
One other thing to note, is that it does not install service packs – So keep that in mind when using the plugin, or the script.
One more thing…Subscribe to my newsletter and get 11 free network administrator tools, plus a 30 page user guide so you can get the most out of them. Click Here to get your free tools