Windows Updates Not Found in the PDQ Deploy Package Library

Purpose

You wish to create and deploy packages for Windows updates using PDQ Deploy that are not offered in the Package Library.

 

We do offer an alternative utilizing the PS Windows Update module. More information can found in this article:PDQ Package Library and the PSWindowsUpdate PowerShell Module

Resolution

The majority of Windows Updates can be installed using PDQ Deploy, as most Microsoft patches are Microsoft Update Standalone Package (MSU) files. In PDQ Deploy, the Install Step automatically inputs the silent parameters of "/quiet /norestart" for MSU files so you don't have to.

Deploying MSU-based Windows Updates for Supported Operating Systems:

Supported operating systems may be found on the System Requirements page found here: https://www.pdq.com/system-requirements/#target-machines

The following steps can be used to create a package in PDQ Deploy for Windows (MSU) patches for the supported operating systems listed above (requires Enterprise mode). You may also always download an existing Windows Update package from the Package Library, then choose Properties > Options > Convert to Standard Package and modify it as needed.

1. Acquire the desired patch from the Microsoft Update Catalog and save into your Repository or desired location.

2. Create a new Package In PDQ Deploy.

3. Create a new PowerShell step to stop the Windows Update service:

$ErrorActionPreference = "Stop"
$ServiceStartType = (Get-WmiObject win32_Service -Filter "Name='Wuauserv'").StartMode
$Destination = "$env:TEMP\StoredService.txt"
 
# Create $Destination file if it does not already exist
If (-not (Test-Path $Destination)) { 
 
    New-Item -Path $Destination -ItemType File
    
}
 
$ServiceStartType | Out-file -FilePath $Destination -Force
 
If ($ServiceStartType -match "Disabled"){
 
    Set-Service Wuauserv -StartupType Manual
    Write-Output "The Windows Update service startup type has been Changed from Disabled to Manual on $Env:COMPUTERNAME."       
 
}
 
Write-Output "Stopping Windows Update service on $Env:COMPUTERNAME"
Stop-Service -Name wuauserv -Force

4. Create a new Install Step and use the file picker [...] or type the path to select the downloaded MSU Windows update file you downloaded in Step 1 for the Install File.
2.png

Notice that we automatically add the silent parameters and call to wusa.exe for the MSU file.

5. Create a second new PowerShell step to restore the Windows Update service to the previous state:

$ErrorActionPreference = "Stop"
$Destination = "$env:TEMP\StoredService.txt"
$ServiceStartType = (Get-Content $Destination)
$ServiceObject = Get-Service -Name Wuauserv
 
If($ServiceStartType -match "Auto"){
 
    Write-Output "The Windows Update Service startup type is set to Automatic on $Env:COMPUTERNAME"
    Exit 0
 
}
 
Try {
 
    Set-Service Wuauserv -StartupType $ServiceStartType
 
} Catch {
 
     Write-Output "The Windows Update Service could not be reverted back to it's original state on $Env:COMPUTERNAME`n"
    $_
    Exit 0
 
}
 
Write-Output "The Windows Update Service startup type has been reverted back to $ServiceStartType on $Env:COMPUTERNAME"
 
If (Test-Path $Destination) {
    
    Remove-Item $Destination -Force
        
}

6. Adjust the Conditions tab on each step to only deploy to the correct operating systems and architecture as needed.

7. Deploy your newly created package to the desired machines. For example, a collection that lists computers missing a required patch.

See Also

Article - Windows Updates Not Found in the PDQ Inventory Collection Library

Article - Can I Install Windows Updates Using PDQ Deploy?

Web - Microsoft Update Catalog

Was this article helpful?
Still have a question or want to share what you have learned? Visit our Community Discord to get help and collaborate with others.