|
|
|||||||
Hi I searched in the forum but didn't find a solution yet . I'd like to check for installed patch on Win2000/XP systems. I found an old script which use the hfnetcheck tool but I wonder if there's something using WMI or similar . |
||||||||
|
|
|||||||
You can check the registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix For example: Code:
|
||||||||
|
|
|||||||
I use this... basically if dirs all the files in the folder $setup+'\Win2k_Hotfixes' and then compares portions of the filename to subkeys of 'HKLM\SOFTWARE\Microsoft\Updates\Windows 2000\SP5' Any file without a matching subkey will get executed. After all the files are compared, if any patches have been installed the PC will restart. A recent modification to this will prevent any patches of over 500KB from being installed on RAS clients Code: ;************************************ W2K HotFix Updates ***************************************** which uses 2 UDFs from the UDF forum... FileList() and arrEnumKey() |
||||||||
|
|
|||||||
Rad, possible to trim long line? Also, how does your script handle clients that fail the install? If this is fully automated and a client install fails, it will keep installing and rebooting in a loop. |
||||||||
|
|
|||||||
well... that's better than windows update, when it's installs fail, it marks them as installed. |
||||||||
|
|
|||||||
It manages every patch applied to 1500 win2k desktops since SP4... and quite frankly, with the nature of the security patches (and security lapses) I wouldn't want an unpatched machine on the network... the reebooting loop that you mentioned (but I haven't seen) would ensure that the potential victim couldn't get on the network for very long to get infected. |
||||||||
|
|
|||||||
LOL Good point there I suppose Rad |
||||||||
|
|
|||||||
Rad...I carnt find arrEnumKey(). Do you have a copy? |
||||||||
|
|
|||||||
arrayenumkey() Maybe the code you used has an older version. Thanks indeed. |