Block specific Windows update hotfix

windows-update automatic-updates
24,001

In a larger network you will want to use WSUS as DanBig pointed out. However, if you owant to block an individual hot fix you can do so with the hot fix ID using this script:

If Wscript.Arguments.Count = 0 Then
    WScript.Echo "Syntax: HideWindowsUpdate.vbs [Hotfix Article ID]" & vbCRLF & _
                 "Examples:" & vbCRLF & _
                 "  - Hide KB940157: HideWindowsUpdate.vbs 940157"
    WScript.Quit 1
End If

Dim hotfixId
hotfixId = WScript.Arguments(0)

Dim updateSession, updateSearcher
Set updateSession = CreateObject("Microsoft.Update.Session")
Set updateSearcher = updateSession.CreateUpdateSearcher()

Wscript.Stdout.Write "Searching for pending updates..." 
Dim searchResult
Set searchResult = updateSearcher.Search("IsInstalled=0")

Dim update, kbArticleId, index, index2
WScript.Echo CStr(searchResult.Updates.Count) & " found."
For index = 0 To searchResult.Updates.Count - 1
    Set update = searchResult.Updates.Item(index)
    For index2 = 0 To update.KBArticleIDs.Count - 1
        kbArticleId = update.KBArticleIDs(index2)
        If kbArticleId = hotfixId Then
            WScript.Echo "Hiding update: " & update.Title
            update.IsHidden = True
        End If        
    Next
Next

If the update is not linked to an KB article then you would need to find the update ID using this script:

Dim updateSession, updateSearcher
Set updateSession = CreateObject("Microsoft.Update.Session")
Set updateSearcher = updateSession.CreateUpdateSearcher()

Wscript.Stdout.Write "Searching for pending updates..." 
Dim searchResult
Set searchResult = updateSearcher.Search("IsInstalled=0")

Dim update, kbArticleId, index, index2
WScript.Echo CStr(searchResult.Updates.Count) & " found."
For index = 0 To searchResult.Updates.Count - 1
    Set update = searchResult.Updates.Item(index)
    WScript.Echo update.Identity.UpdateID & ": " & update.Title
Next

And block it using this script:

If Wscript.Arguments.Count = 0 Then
    WScript.Echo "Syntax: HideWindowsUpdateById.vbs [Update ID]" & vbCRLF & _
                 "Examples:" & vbCRLF & _
                 "  - Hide KB940157: HideWindowsUpdateById.vbs 2ba85467-deaf-44a1-a035-697742efab0f"
    WScript.Quit 1
End If

Dim updateId
updateId = WScript.Arguments(0)

Dim updateSession, updateSearcher
Set updateSession = CreateObject("Microsoft.Update.Session")
Set updateSearcher = updateSession.CreateUpdateSearcher()

Wscript.Stdout.Write "Searching for pending updates..." 
Dim searchResult
Set searchResult = updateSearcher.Search("UpdateID = '" & updateId & "'")

Dim update, index
WScript.Echo CStr(searchResult.Updates.Count) & " found."
For index = 0 To searchResult.Updates.Count - 1
    Set update = searchResult.Updates.Item(index)
    WScript.Echo "Hiding update: " & update.Title
    update.IsHidden = True
Next

You can do all of the above in Windows PowerShell as well. I created the scripts in VBScript originally because I wanted to interact with the Windows Update Agent before PoSH was installed. The Windows Update API is documented on MSDN.

Share:
24,001

Related videos on Youtube

I say Reinstate Monica
Author by

I say Reinstate Monica

I am protesting the unjust firing and subsequent treatment of Monica Cellio. Starting points if you're looking for background on this issue: https://judaism.meta.stackexchange.com/q/5193/472 https://meta.stackexchange.com/q/333965/162102

Updated on September 17, 2022

Comments

  • I say Reinstate Monica
    I say Reinstate Monica almost 2 years

    I'd like to leave Windows Automatic Updates enabled but block a specific patch from being installed that is causing us problems.

    Is this possible? Anyone know how to do that?

  • Opmet
    Opmet about 9 years
    very nice! i have slightly modified the script in superuser.com/a/922921/172012 - to accept multiple hotfixes at once.
  • Mark Berry
    Mark Berry over 8 years
    Very helpful, thanks, especially the loop for finding updates by KB number. I've incorporated that into my script for uninstalling and hiding Microsoft Updates: mcbsys.com/blog/2015/11/uninstall-and-hide-windows-updates.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Windows Server 2012 r2 Automatic Updates Registry Values
Is it possible to detect the Windows Update status via registry, to see if the system is "fully updated"?
Automatic Restart of Windows Server 2012R2 after Windows Update
Setup a server to host Windows updates for all LAN devices
Do Windows/Automatic updates happen when a PC is sleeping/standby?
Windows Updates taking a long time to install
Prevent Server Restart after Windows Updates
Building a WSUS server: where to start?
Saving space - deleting WINDOWS\SoftwareDistribution\Download
Uninstalling Windows Hotfix via C# or PowerShell