Visual Studio Professional update

I know this has been somewhat covered already in other posts but thought mine might be a little different.  We have VS 2017 / 2019 Pro deployed and configured in our environment and we need to update them to the latest patch version to address some vulnerabilities.  Typically the developer handles this on their own but i was hoping i'd be able to handle this w/ PDQ.  If the clients are already setup and configured/in-use is this possible since its just a patch?  I don't work directly w/ VS at all to know how updates work with that so much



Date Votes
  • We use SCCM to patch VS but it has never worked. I have  had to manually log into to the server and run update from Visual Studio. What extension is the patch? I am curious if we can use PDQ for this. I hate dealing with SCCM with extreme passion. Luckly we don't have VS deployed on many machines.

  • I just found this on an MSDN page....not sure if this would do what we're looking for 

    Administrators can update client deployments of Visual Studio without any user interaction with two separate commands:

    • First, update the Visual Studio installer:
      vs_enterprise.exe --quiet --update


    • Then, update the Visual Studio application itself:
      vs_enterprise.exe update --installPath "C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise" --quiet --wait --norestart
  • I also found this powershell method too (not sure if these commands ....1 for 2017, 1 for 2019 do the installer update or not first)


    Start-Process -Wait -FilePath "C:\Program Files (x86)\Microsoft Visual Studio\Installer\vs_installer.exe" -ArgumentList "update --passive --norestart --installpath ""C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise"""
    Start-Process -Wait -FilePath  "C:\Program Files (x86)\Microsoft Visual Studio\Installer\vs_installer.exe" -ArgumentList "update --passive --norestart --installpath ""C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise"""
  • Thanks! I am assuming in PDQ, we would need to CD to location of vs_enterprise.exe and then run the command.

  • yup i'd imagine so.....maybe there is a more elegant way to handle this but if i can just it to work w/ a cmd or PS step it would be a good start.   I wonder if theres a way to get confirmation that it was successful since VS updates can take some time

  • Do you have PDQ Inventory? There should be a dynamic collection for Visual Studio. When I search in PDQ Inventory, I do see all the installs for Visual Studio Code showing me old, not installed and latest. For any software, I created a PDQ dynamic collection with version for old, not install and latest and target my PDQ job on old version using dynamic collection.

  • We do, yup......thats true i could just create similar dynamic collections w/ the up to date pointing to the version we're trying to get to.  The deployments it would just be helpful to get success / failure reports at that point if possible

  • What do you mean get success/failure report? BTW it does look like we would have to create Dynamic collection for Visual Studio Pro. Looks like PDQ provides one for Visual Studio Code but not Pro.

  • right,  those dynamic collections should be pretty simple like you explained w/ Code (i actually used those as templates to build out a bunch of others for our other apps so great idea there!)

    I mean in Deploy when you push out a deployment via a msi or exe it would typically give detailed errors if something goes wrong and shows successful if it returns a successful return code.   I may be wrong but i believe simple cmd steps only report back success if the initial command is successful but not if the full install that the command does is successful

  • I tested your command and it worked. We had an older version of 2017 community version. I ran following command, I changed the folder to community. It took 15 minutes for PDQ to finish.


    Start-Process -Wait -FilePath "C:\Program Files (x86)\Microsoft Visual Studio\Installer\vs_installer.exe" -ArgumentList "update --passive --norestart --installpath ""C:\Program Files (x86)\Microsoft Visual Studio\2017\Community"""

  • awesome!  thanks for the report back! do you know if that command updates the installer first or just does it all? i'm gonna do more testing today as well

  • hmm I am guessing it does both. I just looked at version in control panel.


  • so far my first few tests i showed the same and waiting for a developer to run some tests tomorrow for me to ensure it works alright

  • It didn't update version in control panel?

  • well so it did but seeing something a little control panel i see now it shows v15.9.28307.1525. but if you go into VS to show the version it shows 15.9.36.   Microsofts tech page on this shows 15.9.36 as current so thats good that the script worked to get it to that version but why would control panel show a different version ?

  • That is really weird. I am going to guess that's a MS thing. As long as it doesn't show up vulnerable on any scan, I consider it job done :)



Please sign in to leave a comment.

Didn't find what you were looking for?

New post