Windows Auto Update for Stand-alones 1

[Tatertot45]

I have a unique situation and i need some help. I work for a very small company and we are not in a server environment. For security and other reasons, we need to be able to report which machines are patched and updated, and which patches/updates are failed or are missing. Becuase we are not in a server environment of any kind, just 4 Consultants working remotely, we do not have the option of using WSUS. Is there a way to report, by machine, the Update stats to a central person? I have looked far and wide and have not found anything. All machines are running Windows 7 Pro, with 1 machine running Windows 7 Ult.

Any help is appreciated.

Tatertot45
CRCP
A+, Network+
CCNA
MCP

 

[flyboytim]

There are probably more elegant solutions, but you could script and schedule a system reporting application like Belarc Advisor to run, and then automatically email the report produced to the central person.

That would report the installed and failed updates and hotfixes, and how many updates were missing as well as the overall security status of the computer (although Windows 7 security does not seem to be supported yet on the free personal version). Belarc also offers a commercial application.

http://www.belarc.com/free_download.html

Another system information tool is SIW.exe from

http://www.gtopala.com/

- but reports produced are massive, and not laid out for easy consumption.

http://www.fxxxingcomputers.co.uk

 

[Tatertot45]

Do you know if Microsoft has anything like this? Obviously, there is WSUS, but anything like Belarc?

Flyboytime- this was really helpful. thanks for the info.

Tatertot45
CRCP
A+, Network+
CCNA
MCP

 

[flyboytim]

All these system reporting utilities do is to parse parts of the local registry hives, and transform the registry data into a formatted report. Updates in XP were found in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates and the registry branches below that.

With Windows 7 it is, like everything else, much more complicated:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\... and so on. Heaven knows how to make sense of it.

I am not totally sure, but Windows updates must use the Remote Registry Service or something akin to discover the software, hardware and installed and failed updates on the machine being updated. Presumably with the right permissions and network connections, any remote machine could theoretically access that registry data. WSUS localizes updates within a corporate network, I think.

I have no idea offhand how the data would be translated into a report, though.

Another possibility is a remote desktop application, either the Windows in-built version or one of the VNC versions to check the update status. Reports would then be limited to screen dumps, or emails sent from the remote machine.

http://www.fxxxingcomputers.co.uk

 

[Glenn9999]

Is there a way to report, by machine, the Update stats to a central person? I have looked far and wide and have not found anything. All machines are running Windows 7 Pro, with 1 machine running Windows 7 Ult.

I don't know about the remote part, but couldn't you just script something to query Windows Update for things that are missing on each machine? It seems like things are being made a lot harder than they really need to be.

http://msdn.microsoft.com/en-us/library/aa387102(v=vs.85).aspx#21

It is not possible for anyone to acknowledge truth when their salary depends on them not doing it.