'=== This is a temp file. It is okay to delete it. === 'InstallCriticalUpdates.vbs by Alan dot Kaplan at VA dot Gov 3/25/11 'Installs all pending security and critical updates 'Designed for remote execution with PSExec or similar tool dim fso,logfile, iReboot, bMSReboot, appendout Const ForAppend = 8 Set fso = CreateObject("Scripting.FileSystemObject") Dim WshShell: Set WshShell = WScript.CreateObject("WScript.Shell") Dim strComputer : strComputer = "." Dim oService, strSName, strServiceState, i '========== Begin Optional Edits ========== 'Permit reboot after security patches installed '0 Never Reboot after patching '1 Reboot Always '2 Reboot when No users iReboot = 0 'SetServer sets the automatic update source to Microsoft.com 'uncomment next line if you want this 'SetServer On Error Resume Next logfile = "c:\RemoteWSUSLog.txt" 'Name of log file. '======= End Optional Edits ========== strPatchfile = "c:\PatchList.txt" Set appendout = fso.OpenTextFile(logfile, ForAppend, True) Select Case iReboot Case 0 WriteLog "Launched with do not reboot" Case 1 WriteLog "Launched with always reboot" Case 2 WriteLog "Launched permitting reboot if no user is logged on" End Select Set oSession = CreateObject("Microsoft.Update.Session") Set updateSearcher = oSession.CreateupdateSearcher If Err <> 0 Then WriteLog "Update Searcher not created" & Err.Description WScript.Quit End If Set searchResult = updateSearcher.Search("IsInstalled=0 and Type='Software'") If Err <> 0 Then WriteLog "Update Search function failed."& Err.Description WScript.Quit End If If searchResult.Updates.Count = 0 Then WriteLog "There are no applicable updates." WScript.Quit End If 'Creating collection of updates to download Set updatesToDownload = CreateObject("Microsoft.Update.UpdateColl") For I = 0 to searchResult.Updates.Count-1 Set update = searchResult.Updates.Item(I) Set objCategories = update.Categories strCatName = lcase(objCategories.Item(0).Name) If strCatName = "security updates" Or _ strCatName = "critical updates" Or _ InStr(strCatName,"office") And InStr(update.description,"security") Then WriteLog "adding " & update.Title & " to download list." updatesToDownload.Add(update) End If Next 'Downloading updates... If updatestoDownload.count = 0 Then WriteLog "No critical or security patches found to download, quitting." WScript.Quit End If Set downloader = oSession.CreateUpdateDownloader() downloader.Updates = updatesToDownload downloader.Download() Set updatesToInstall = CreateObject("Microsoft.Update.UpdateColl") 'Creating collection of downloaded updates to install For I = 0 To searchResult.Updates.Count-1 set update = searchResult.Updates.Item(I) If update.IsDownloaded Then WriteLog "adding " & update.Title & " to install list." updatesToInstall.Add(update) End If Next WriteLog "Installing updates..." Set installer = oSession.CreateUpdateInstaller() installer.Updates = updatesToInstall Set installationResult = installer.Install() 'Output results of install WriteLog "Installation Result: " & Code2Text(installationResult.ResultCode) WriteLog "Reboot Required: " & installationResult.RebootRequired bMSReboot = installationResult.RebootRequired strMessage = "Listing of updates installed " & _ "and individual installation results:" & VbCrLf For I = 0 to updatesToInstall.Count - 1 strMessage = VbCrLf & strMessage & vbtab & updatesToInstall.Item(i).Title & _ ": " & code2text(installationResult.GetUpdateResult(i).ResultCode) Next WriteLog strMessage If bMSReboot And ((Not(UserLoggedOn) And iReboot = 2) Or iReboot = 1)then WriteLog "Done. Rebooting computer" strComputer = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate,(Shutdown)}!\\" & strComputer & "\root\cimv2") Set colOperatingSystems = objWMIService.ExecQuery ("Select * from Win32_OperatingSystem") For Each objOperatingSystem in colOperatingSystems objOperatingSystem.Reboot() Next Else If bMSReboot = False then strmessage ="Done. No reboot required" Else if iReboot = 2 Then strmessage = "Done. Logged on user, not rebooting computer" if iReboot = 0 Then strmessage = "Done. Not rebooting computer" End If WriteLog strmessage End If Sub WriteLog (message) message = now & vbTab & message AppendOut.WriteLine message End Sub Function UserLoggedOn() UserLoggedOn = False If bAlwaysReboot Then Exit Function Dim wshshell Set wshShell = WScript.CreateObject("WScript.Shell") Dim objLocator, objWMIService, objUserInfoList, objUserInfo strComputer = wshShell.ExpandEnvironmentStrings("%COMPUTERNAME%") set objLocator = CreateObject("WbemScripting.SWbemLocator") set objWMIService = objLocator.ConnectServer(strComputer) Set objUserInfoList = objWMIService.InstancesOf("Win32_ComputerSystem") For Each objUserInfo in objUserInfoList If not isnull(objUserInfo.Username) Then UserLoggedOn = True Exit Function End If Next End Function Function Code2Text(iCode) If iCode = 2 Then Code2Text = "Okay" Else Code2Text = "Failed" End If End Function Sub SetServer() Const HKLM = &H80000002 Dim strPath, strEntry, intValue, intReturn, strValue, strHostURL Dim objReg strPath = "SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" strEntry = "WUServer" On Error Resume Next Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv") If Err <> 0 Then WScript.Quit objReg.GetStringValue HKLM, strPath, strEntry, strValue If IsNull(strValue) Then WScript.Quit Else strHostURL = lcase(strValue) End If 'bail if already microsoft.com If instr(strHostURL,"microsoft.com") Then Exit Sub objReg.SetStringValue HKLM, strPath,strEntry, "http://update.microsoft.com" strEntry = "WUStatusServer" objReg.SetStringValue HKLM, strPath,strEntry, "http://update.microsoft.com" strPath = "SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" strEntry = "UseWUServer" objReg.SetDWORDValue HKLM, strPath, strEntry, 0 If Err.Number = 0 Then RestartService Else WScript.Quit End If End Sub Sub RestartService ServiceConnect "WUAUSERV","Automatic Updates" If Err.Number <> 0 Then WScript.Quit 100 ServiceState if strServiceState = "Running" then StopSvc While strServiceState <> "Stopped" Wscript.Sleep 500 ' .5 seconds Wend StartSvc ServiceState End Sub Sub ServiceConnect (strRService, strDisplayName) Dim oCP strSName = strDisplayName Set oCP = GetObject("WinNT://" & strComputer & ",computer") Set oService = oCP.GetObject("Service", strRService) End Sub Sub StopSvc()'Stop service If (oService.Status = 4) Then ' The operation is running. oService.Stop WScript.Sleep 1000 End If For i = 0 To 100 ServiceState If strServiceState = "Stopped" Then Exit For WScript.Sleep 1000 Next If i = 100 Then WScript.Quit End Sub Sub StartSvc() If (oService.Status <> 4) then ' The operation is not running. oService.Start WScript.Sleep 1000 End If For i = 0 To 100 ServiceState If strServiceState = "Running" Then Exit For WScript.Sleep 1000 Next If i = 100 Then wscript.Quit 'MsgBox "Failed to start " & strSName End Sub sub ServiceState() Select Case oService.Status Case 1 strServiceState="Stopped" Case 2 strServiceState="Start Pending" Case 3 strServiceState="Stop Pending" Case 4 strServiceState="Running" Case 5 strServiceState="Continue Pending" Case 6 strServiceState="Pause Pending" Case 7 strServiceState="Paused" Case 7 strServiceState="Error" End Select End Sub