How do I check the available and installed Windows patches with PowerShell?

Occasionally, a patch may not be seen by Datto RMM even though it is available for a device. While the installed patches can be checked in Settings on the device under Windows Update, the available patches can often only be seen on Windows 10 by checking for updates and running an update on the device.

NOTE This procedure requires PowerShell 2.0 or newer.

Launch PowerShell

Open the Start menu and type PowerShell.
Right-click the PowerShell option and select Run as Administrator from the menu.

Run the PowerShell script

The following script can either be used as a script for a custom component or run in a PowerShell window locally on the device:

Set-ExecutionPolicy Unrestricted
Install-Module -Name PSWindowsUpdate
Import-Module -Name PSWindowsUpdate 

Get-WUList -IsInstalled # This returns the list of installed patches 
Get-WUList # This returns the list of available patches

This script can take some time to return the list to the console. These lists can then be compared to the list of available/installed patches from Datto RMM.

Refer to Microsoft Technet: PSWindowsUpdate module.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Kaseya Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.