Windows Update

This script uses the Get-WindowsUpdate module to check and see if any updates are needed on the user's machine. It can be set to run on a scheduled basis using Task Scheduler and the executionbypass command.

If updates are available, the script will prompt the user to install now or remind the user later. After 3 delays (the user selects the delay button), the user will have no option but to update. If a user exits out of the warning message, the script will still update the machine.

If there are no updates, the script returns "No updates are currently available." to the Powershell host. It will not notify the user to reduce user interaction and interruption.

https://github.com/vangchar/powershell/blob/main/update.ps1

# Check for Windows updates that are not installed and not hidden
$Updates = Get-WindowsUpdate -IsHidden:$false | Where-Object { $_.IsInstalled -eq $false }

# Check if there are updates available
if ($Updates.Count -eq 0) {
    Write-Host "No updates are currently available."
} else {
    # Prompt the user to install updates or delay
    $MaxDelays = 3 # Max nummber of delays
    $DelayInterval = 30 # 30 seconds for testing

    $InstallUpdates = $false  # Initialize flag to indicate whether to install updates

    while ($MaxDelays -gt 0) {
        $Choice = [System.Windows.Forms.MessageBox]::Show(
            "There are new Windows updates available. Please choose one of the following options:`n`nYes) Install updates now and reboot immediately.`nNo) Remind me later.",
            "Windows Updates",
            [System.Windows.Forms.MessageBoxButtons]::YesNo,
            [System.Windows.Forms.MessageBoxIcon]::Information
        )

        if ($Choice -eq [System.Windows.Forms.DialogResult]::Yes) {
            $InstallUpdates = $true  # Set flag to install updates
            break
        } elseif ($Choice -eq [System.Windows.Forms.DialogResult]::No) {
            # Delay updates for the specified interval
            Start-Sleep -Seconds $DelayInterval
            $MaxDelays--
        } else {
            break
        }
    }

    if ($InstallUpdates) {
        # Introduce a delay before installing updates and rebooting
        Start-Sleep -Seconds 30  # Introduce a 30-second delay before installation

        # Install updates and reboot
        Install-WindowsUpdate -AcceptAll -AutoReboot
    } else {
        # Warn the user and enforce updates after three delays
        [System.Windows.Forms.MessageBox]::Show(
            "WARNING: You have no other option but to install updates now to keep your system secure. Please save your work. The computer will restart automatically after installation is complete.`n`nThis may take a few minutues.",
            "Windows Updates",
            [System.Windows.Forms.MessageBoxButtons]::OK,
            [System.Windows.Forms.MessageBoxIcon]::Exclamation
        )
               
                 # Introduce a delay before installing updates and rebooting
        Start-Sleep -Seconds 10  # Introduce a 10-second delay before installation

        # Install updates and reboot
        Install-WindowsUpdate -AcceptAll -AutoReboot
    }
}

Run PowerShell as Administrator

Run Install-Module -Name PSWindowsUpdate

Line 9 – this line defines the maximum number of times that a user can select “remind me later” aka delay the update

Line 10 - this line determines the delay between the notification messages if a user chooses to “Remind me later. For testing purposes, I have it set to 30 seconds. This can change this to any time (e.g., 4 hours).

Line 15-19 – this is the Information prompt that a user gets if there are Windows updates available. NOTE: if there are no updates available, the user will not be prompted and only a message will be written to the PowerShell host.

Lines 41-46 – this is the Warning prompt to let the user know that they can no longer delay the update. You can change the language in line 43

This shows what updates are available are available in the PowerShell host. This will NOT be shown to the user.

If there are no updates, the below will show in the PowerShell host