For security reasons, it is important to ensure that your system is properly secured by ensuring it has the necessary security updates/Patch required.
This post will focus on how to identify the status of your patch update. It will be done through the command line
A patch is a set of changes to a computer program or its supporting data designed to update, fix, or improve it. This includes fixing security vulnerabilities and other bugs, with such patches usually being called bug fixes or bug fixes, and improving the usability or performance.
KB means Knowledge Base. According to Wikipedia, Microsoft Knowledge Base is a repository of over 200,000 articles made available to the public by Microsoft Corporation. It contains information on many problems encountered by users of Microsoft products. Each article bears an ID number and articles are often referred to by their Knowledge Base (KB) ID
Microsoft releases their security updates through the Knowledge Base when there is a need to patch a vulnerability detected in the current operating system. Thus it is important that your system has the most recent Knowledge Base update.
In this post, we will be using a command called WMIC.
WMIC is the Windows Management Instrumentation Command-line (WMIC). This is a software utility that allows users to performs Windows Management Instrumentation (WMI) operations with a command prompt.
This command can only be used to retrieve updates for Windows operating system and its components (such as Windows Internet Explorer (IE) or Windows Server roles and features).
So let’s begin with the basics.
Open a command prompt window and let us start with the commands below.
To list all installed updates
wmic qfe list full
When searching for a particular Knowledge Base say KB3174644
wmic qfe list |find “KB3174644”
To have it in detail form
wmic qfe list full
To spool it to a file
In this example below I will spool the list to a text file called PatchList.txt in the location “C:\Users\tayo\Documents\PatchList.txt”
wmic qfe list /format:table > C:\Users\tayo\Documents\PatchList.txt
To get the latest security update go to the url below:
Note that a Knowledge Base contains all the prior Knowledge Bases, thus there will be no need for multiple installations.
Eg
Supposing you missed the installation of KB01, KB02, KB03 and KB04 but you were able to get KB05. It is advisable to install only KB05 as it will contain all previous KBs (KB01….04)
And that’s it for this post. Hope you found it educative