Created
May 6, 2015 15:15
-
-
Save omar-yassin/37d08da804da6e7c7787 to your computer and use it in GitHub Desktop.
Powershell: Install Patches Example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This script will first install the "PSWindowsUpdate" PS Module and then install KBs we specify in this script | |
| # KB_ID Description | |
| # KB3042553 MS15-034 Critical: Vulnerability in HTTP.sys Could Allow Remote Code Execution - https://technet.microsoft.com/en-us/library/security/ms15-034.aspx | |
| # TO DO make it more robust where we can pass kb articles by hash and loop check | |
| $kb_to_patch="KB3042553" | |
| $ps_windows_update_zip="C:\Windows\temp\PSWindowsUpdate.zip" | |
| $ps_modules_dir="C:\Windows\System32\WindowsPowerShell\v1.0\Modules" | |
| #add function to expand zip files | |
| # 0x14 flags overwrite - powershell is cray cray! | |
| function Expand-ZIPFile($file, $destination) | |
| { | |
| $shell = new-object -com shell.application | |
| $zip = $shell.NameSpace($file) | |
| foreach($item in $zip.items()) | |
| { | |
| $shell.Namespace($destination).copyhere($item, 0x14) | |
| } | |
| } | |
| Expand-ZIPFile -File "$($ps_windows_update_zip)" -Destination "$($ps_modules_dir)" | |
| Import-Module PSWindowsUpdate | |
| If (Get-WUHistory | findstr "$kb_to_patch") | |
| { | |
| Write-Host "$kb_to_patch is already patched!! Continuing to next bootstrap step.." | |
| Exit | |
| } | |
| Else | |
| { | |
| # We first need to pull the list of updates available | |
| Get-WUList | |
| # For MS15-015 we should autoreboot | |
| Get-WUInstall -verbose -acceptall -autoreboot -kbarticleid $kb_to_patch | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment