Get the current patch level for Windows 10 with PowerShell

Posted on by Trevor Jones in Compliance, Powershell, Reporting, Software Updates

I was working on some updates to our unified reporting solution for Windows Updates (ie WUfB + MEMCM) and I wanted to figure out simply from the OS build number whether a Windows 10 workstation has the latest cumulative update installed. The only reliable and useable static list I could find for Windows 10 build numbers is Microsoft’s Windows 10 Update History web page, so I decided to build a PowerShell script that parses the page to get current patch info.

The script below can be used to report which OS build a Windows 10 workstation is currently on as well as which update is the latest update available to the device. It can also report on all Windows updates published for the version of Windows 10 a workstation is currently on.

Run the script as is to show you:

  • Current OS version
  • Current OS Edition
  • Current OS Build number
  • The installed update that corresponds to that build number, as well as the KB number and a link to the info page
  • The latest available update for the OS version
Get-CurrentPatchInfo

Compare the latest available update with the currently installed one to know if the OS is up-to-date.

If there are Preview or Out-of-band updates available that are more recent than the one you have installed, you can exclude those from being reported as a latest available update, so you can just focus on the cumulative updates.

Get-CurrentPatchInfo -ExcludePreview -ExcludeOutofBand

You can also list all Windows updates that Microsoft have published for your OS version like so:

Get-CurrentPatchInfo -ListAvailable

Again focus on just the cumulative updates if you want by excluding Preview and Out-of-band updates from the list:

Get-CurrentPatchInfo -ListAvailable -ExcludePreview -ExcludeOutofBand

Obviously the script does require internet access and I’ve tested it on PowerShell 5.1 and 7.1.

[CmdletBinding()]
Param(
[switch]$ListAllAvailable,
[switch]$ExcludePreview,
[switch]$ExcludeOutofBand
)
$ProgressPreference = 'SilentlyContinue'
$URI = "https://aka.ms/WindowsUpdateHistory" # Windows 10 release history
Function Get-MyWindowsVersion {
[CmdletBinding()]
Param
(
$ComputerName = $env:COMPUTERNAME
)
$Table = New-Object System.Data.DataTable
$Table.Columns.AddRange(@("ComputerName","Windows Edition","Version","OS Build"))
$ProductName = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' Name ProductName).ProductName
Try
{
$Version = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' Name ReleaseID ErrorAction Stop).ReleaseID
}
Catch
{
$Version = "N/A"
}
$CurrentBuild = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' Name CurrentBuild).CurrentBuild
$UBR = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' Name UBR).UBR
$OSVersion = $CurrentBuild + "." + $UBR
$TempTable = New-Object System.Data.DataTable
$TempTable.Columns.AddRange(@("ComputerName","Windows Edition","Version","OS Build"))
[void]$TempTable.Rows.Add($env:COMPUTERNAME,$ProductName,$Version,$OSVersion)
Return $TempTable
}
Function Convert-ParsedArray {
Param($Array)
$ArrayList = New-Object System.Collections.ArrayList
foreach ($item in $Array)
{
[void]$ArrayList.Add([PSCustomObject]@{
Update = $item.outerHTML.Split('>')[1].Replace('</a','').Replace('&#x2014;','')
KB = "KB" + $item.href.Split('/')[-1]
InfoURL = "https://support.microsoft.com" + $item.href
OSBuild = $item.outerHTML.Split('(OS ')[1].Split()[1] # Just for sorting
})
}
Return $ArrayList
}
If ($PSVersionTable.PSVersion.Major -ge 6)
{
$Response = Invoke-WebRequest Uri $URI ErrorAction Stop
}
else
{
$Response = Invoke-WebRequest Uri $URI UseBasicParsing ErrorAction Stop
}
If (!($Response.Links))
{ throw "Response was not parsed as HTML"}
$VersionDataRaw = $Response.Links | where {$_.outerHTML -match "supLeftNavLink" -and $_.outerHTML -match "KB"}
$CurrentWindowsVersion = Get-MyWindowsVersion ErrorAction Stop
If ($ListAllAvailable)
{
If ($ExcludePreview -and $ExcludeOutofBand)
{
$AllAvailable = $VersionDataRaw | where {$_.outerHTML -match $CurrentWindowsVersion.'OS Build'.Split('.')[0] -and $_.outerHTML -notmatch "Preview" -and $_.outerHTML -notmatch "Out-of-band"}
}
ElseIf ($ExcludePreview)
{
$AllAvailable = $VersionDataRaw | where {$_.outerHTML -match $CurrentWindowsVersion.'OS Build'.Split('.')[0] -and $_.outerHTML -notmatch "Preview"}
}
ElseIf ($ExcludeOutofBand)
{
$AllAvailable = $VersionDataRaw | where {$_.outerHTML -match $CurrentWindowsVersion.'OS Build'.Split('.')[0] -and $_.outerHTML -notmatch "Out-of-band"}
}
Else
{
$AllAvailable = $VersionDataRaw | where {$_.outerHTML -match $CurrentWindowsVersion.'OS Build'.Split('.')[0]}
}
$UniqueList = (Convert-ParsedArray Array $AllAvailable) | Sort OSBuild Descending Unique
$Table = New-Object System.Data.DataTable
[void]$Table.Columns.AddRange(@('Update','KB','InfoURL'))
foreach ($Update in $UniqueList)
{
[void]$Table.Rows.Add(
$Update.Update,
$Update.KB,
$Update.InfoURL
)
}
Return $Table
}
$CurrentPatch = $VersionDataRaw | where {$_.outerHTML -match $CurrentWindowsVersion.'OS Build'} | Select First 1
If ($ExcludePreview -and $ExcludeOutofBand)
{
$LatestAvailablePatch = $VersionDataRaw | where {$_.outerHTML -match $CurrentWindowsVersion.'OS Build'.Split('.')[0] -and $_.outerHTML -notmatch "Out-of-band" -and $_.outerHTML -notmatch "Preview"} | Select First 1
}
ElseIf ($ExcludePreview)
{
$LatestAvailablePatch = $VersionDataRaw | where {$_.outerHTML -match $CurrentWindowsVersion.'OS Build'.Split('.')[0] -and $_.outerHTML -notmatch "Preview"} | Select First 1
}
ElseIf ($ExcludeOutofBand)
{
$LatestAvailablePatch = $VersionDataRaw | where {$_.outerHTML -match $CurrentWindowsVersion.'OS Build'.Split('.')[0] -and $_.outerHTML -notmatch "Out-of-band"} | Select First 1
}
Else
{
$LatestAvailablePatch = $VersionDataRaw | where {$_.outerHTML -match $CurrentWindowsVersion.'OS Build'.Split('.')[0]} | Select First 1
}
$Table = New-Object System.Data.DataTable
[void]$Table.Columns.AddRange(@('OSVersion','OSEdition','OSBuild','CurrentInstalledUpdate','CurrentInstalledUpdateKB','CurrentInstalledUpdateInfoURL','LatestAvailableUpdate','LastestAvailableUpdateKB','LastestAvailableUpdateInfoURL'))
[void]$Table.Rows.Add(
$CurrentWindowsVersion.Version,
$CurrentWindowsVersion.'Windows Edition',
$CurrentWindowsVersion.'OS Build',
$CurrentPatch.outerHTML.Split('>')[1].Replace('</a','').Replace('&#x2014;',''),
"KB" + $CurrentPatch.href.Split('/')[-1],
"https://support.microsoft.com" + $CurrentPatch.href,
$LatestAvailablePatch.outerHTML.Split('>')[1].Replace('</a','').Replace('&#x2014;',''),
"KB" + $LatestAvailablePatch.href.Split('/')[-1],
"https://support.microsoft.com" + $LatestAvailablePatch.href
)
Return $Table
view raw Get-CurrentPatchInfo.ps1 hosted with ❤ by GitHub

Published by Trevor Jones

One thought on “Get the current patch level for Windows 10 with PowerShell

  1. Pingback: Identify your Windows 10 and Windows 11 Build Numbers using SCCM

Comments are closed.