-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathInstall-Updates.ps1
More file actions
112 lines (86 loc) · 2.69 KB
/
Install-Updates.ps1
File metadata and controls
112 lines (86 loc) · 2.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
<#PSScriptInfo
.VERSION 1.4
.GUID 07e4ef9f-8341-4dc4-bc73-fc277eb6b4e6
.AUTHOR Michael Niehaus
.COMPANYNAME Microsoft
.COPYRIGHT
.TAGS Windows AutoPilot Update OS
.LICENSEURI
.PROJECTURI
.ICONURI
.EXTERNALMODULEDEPENDENCIES
.REQUIREDSCRIPTS
.EXTERNALSCRIPTDEPENDENCIES
.RELEASENOTES
Version 1.4: Fixed reboot logic.
Version 1.3: Force use of Microsoft Update/WU.
Version 1.2: Updated to work on ARM64.
Version 1.1: Cleaned up output.
Version 1.0: Original published version.
#>
<#
.SYNOPSIS
Installs the latest Windows 10 quality updates.
.DESCRIPTION
This script uses the PSWindowsUpdate module to install the latest cumulative update for Windows 10.
.EXAMPLE
.\UpdateOS.ps1
#>
[CmdletBinding()]
Param(
[Parameter(Mandatory=$False)] [Switch] $HardReboot = $false
)
Process
{
# If we are running as a 32-bit process on an x64 system, re-launch as a 64-bit process
if ("$env:PROCESSOR_ARCHITEW6432" -ne "ARM64")
{
if (Test-Path "$($env:WINDIR)\SysNative\WindowsPowerShell\v1.0\powershell.exe")
{
& "$($env:WINDIR)\SysNative\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy bypass -NoProfile -File "$PSCommandPath"
Exit $lastexitcode
}
}
# Create a tag file just so Intune knows this was installed
if (-not (Test-Path "$($env:ProgramData)\Microsoft\UpdateOS"))
{
Mkdir "$($env:ProgramData)\Microsoft\UpdateOS"
}
Set-Content -Path "$($env:ProgramData)\Microsoft\UpdateOS\UpdateOS.ps1.tag" -Value "Installed"
# Start logging
Start-Transcript "$($env:ProgramData)\Microsoft\UpdateOS\UpdateOS.log"
# Main logic
$needReboot = $false
Write-Host "Installing updates with HardReboot = $HardReboot."
# Load module from PowerShell Gallery
$null = Install-PackageProvider -Name NuGet -Force
$null = Install-Module PSWindowsUpdate -Force
Import-Module PSWindowsUpdate
# Install all available updates
Get-WindowsUpdate -Install -IgnoreUserInput -AcceptAll -WindowsUpdate -IgnoreReboot | Select Title, KB, Result | Format-Table
$needReboot = (Get-WURebootStatus -Silent).RebootRequired
# Specify return code
if ($needReboot)
{
Write-Host "Windows Update indicated that a reboot is needed."
}
else
{
Write-Host "Windows Update indicated that no reboot is required."
}
# For whatever reason, the reboot needed flag is not always being properly set. So we always want to force a reboot.
# If this script (as an app) is being used as a dependent app, then a hard reboot is needed to get the "main" app to
# install.
if ($HardReboot)
{
Write-Host "Exiting with return code 1641 to indicate a hard reboot is needed."
Stop-Transcript
Exit 1641
}
else
{
Write-Host "Exiting with return code 3010 to indicate a soft reboot is needed."
Stop-Transcript
Exit 3010
}
}