How to install Windows Updates from command-line
Solution 1:
Not sure about Windows 7, but with XP/Vista, you could run the following command to detect and download updates:
wuauclt /detectnow /reportnow
If you have issues getting it to work, check out the WSUS Wiki.
Otherwise if you have a specific update that you want, just download from the Microsoft website. If there's some problem preventing you from installing, that's the best way to find out, because the Windows Update logs are godawful to deal with.
Solution 2:
You can use a script to check for, download and install updates synchronously. I often use a modified version of this vbscript for manual patching of Windows Core servers.
Set updateSession = CreateObject("Microsoft.Update.Session")
updateSession.ClientApplicationID = "MSDN Sample Script"
Set updateSearcher = updateSession.CreateUpdateSearcher()
WScript.Echo "Searching for updates..." & vbCRLF
Set searchResult = _
updateSearcher.Search("IsInstalled=0 and Type='Software' and IsHidden=0")
WScript.Echo "List of applicable items on the machine:"
For I = 0 To searchResult.Updates.Count-1
Set update = searchResult.Updates.Item(I)
WScript.Echo I + 1 & "> " & update.Title
Next
If searchResult.Updates.Count = 0 Then
WScript.Echo "There are no applicable updates."
WScript.Quit
End If
WScript.Echo vbCRLF & "Creating collection of updates to download:"
Set updatesToDownload = CreateObject("Microsoft.Update.UpdateColl")
For I = 0 to searchResult.Updates.Count-1
Set update = searchResult.Updates.Item(I)
addThisUpdate = false
If update.InstallationBehavior.CanRequestUserInput = true Then
WScript.Echo I + 1 & "> skipping: " & update.Title & _
" because it requires user input"
Else
If update.EulaAccepted = false Then
WScript.Echo I + 1 & "> note: " & update.Title & _
" has a license agreement that must be accepted:"
WScript.Echo update.EulaText
WScript.Echo "Do you accept this license agreement? (Y/N)"
strInput = WScript.StdIn.Readline
WScript.Echo
If (strInput = "Y" or strInput = "y") Then
update.AcceptEula()
addThisUpdate = true
Else
WScript.Echo I + 1 & "> skipping: " & update.Title & _
" because the license agreement was declined"
End If
Else
addThisUpdate = true
End If
End If
If addThisUpdate = true Then
WScript.Echo I + 1 & "> adding: " & update.Title
updatesToDownload.Add(update)
End If
Next
If updatesToDownload.Count = 0 Then
WScript.Echo "All applicable updates were skipped."
WScript.Quit
End If
WScript.Echo vbCRLF & "Downloading updates..."
Set downloader = updateSession.CreateUpdateDownloader()
downloader.Updates = updatesToDownload
downloader.Download()
Set updatesToInstall = CreateObject("Microsoft.Update.UpdateColl")
rebootMayBeRequired = false
WScript.Echo vbCRLF & "Successfully downloaded updates:"
For I = 0 To searchResult.Updates.Count-1
set update = searchResult.Updates.Item(I)
If update.IsDownloaded = true Then
WScript.Echo I + 1 & "> " & update.Title
updatesToInstall.Add(update)
If update.InstallationBehavior.RebootBehavior > 0 Then
rebootMayBeRequired = true
End If
End If
Next
If updatesToInstall.Count = 0 Then
WScript.Echo "No updates were successfully downloaded."
WScript.Quit
End If
If rebootMayBeRequired = true Then
WScript.Echo vbCRLF & "These updates may require a reboot."
End If
WScript.Echo vbCRLF & "Would you like to install updates now? (Y/N)"
strInput = WScript.StdIn.Readline
WScript.Echo
If (strInput = "Y" or strInput = "y") Then
WScript.Echo "Installing updates..."
Set installer = updateSession.CreateUpdateInstaller()
installer.Updates = updatesToInstall
Set installationResult = installer.Install()
'Output results of install
WScript.Echo "Installation Result: " & _
installationResult.ResultCode
WScript.Echo "Reboot Required: " & _
installationResult.RebootRequired & vbCRLF
WScript.Echo "Listing of updates installed " & _
"and individual installation results:"
For I = 0 to updatesToInstall.Count - 1
WScript.Echo I + 1 & "> " & _
updatesToInstall.Item(i).Title & _
": " & installationResult.GetUpdateResult(i).ResultCode
Next
End If
It seems to work like a charm for that but I've not tested it under Windows 7 of course. There is also a link to another article for targeting a specific update if needed.
There's also a Powershell module that exposes a similar experience.
After a quick look I also found this third party application that also uses the update API, but with some more options (though requiring you to trust third party code).
Solution 3:
If you have to patch Windows operating systems, especailly after fresh installs, take a serious look at Offline Updater.
It uses scripts to download all the patches you suggest (so Win2000, Win XP, Win 2003, Vista, Win2008, Win2012 32 and 64 bit where appropriate), multi language, service packs, .NET frameworks, and Office patches (XP, 2000, 2003, 2007).
Once you have them all downloaded, you just update every patch Tuesday, and get only the changes. Though it does get the catalouges and they are getting longer every day (many megs now per OS/Office rev).
Once you have the files on your local machine downloaded, there is a script to make CD/DVD images of them (it will this automatically for DVD images per OS now if you would like).
What I do is use a 4GB SD memory card, in an SD card reader that honours the write protect tab. I used to use 2GB cards, but I can just barely fit Win XP and most of the Office builds on it now, so I moved on to 4GB cards.
Thus when troubleshooting a machine, I trust inserting this formerly writable device into a untrusted, possibly virus infected machine (since I know nothing about it, I assume it is infected) knowing my device is write protected.
Thus I can patch it up to date as a first step.
If you use the autorun, or launch the executable on the device (key, external HD, CD, DVD, wherever you wrote it) it starts a script that uses the Windows Update service on the local machine to apply all the updates, but instead of going across the wire to download them it just uses the local copy.
Thus it may still take 1+ hours to update a WinXP machine to the latest SP and patches, but there is zero network traffic along the way, and you can do it with the Ethernet cable unplugged entirely.
Amazingly useful tool!
Should not run afoul of Microsoft, like the AutoUpdate guys were, who were pre building a patch CD, that distributed the CD image. This tool updates scripts, and you have to go get all the patches on your licensed Windows workstation.
Solution 4:
Windows Update from Command Line:
www.sysadminsoftware.com/udc.html
The tool (Updates Deployment Commander) can do just what you are asking for. You can also pass parameters to avoid certain patches, target specific updates, reboot N minutes after completing, create reports in CSV, and so on.. It comes with a couple of GUI utilities too.