Windows Updates via Powershell

Easy on Windows 10:

Install-Module PSWindowsUpdate
Install-WindowsUpdate -AcceptAll -AutoReboot

Harder on Windows 8.1/ Server 2012r2:

Install Dot Net newest verstion

Make sure secure Protocols are enabled
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Install-Module PSWindowsUpdate
Install-Module PowershellGet -Force

Set-ItemProperty -Path ‘HKLM:\SOFTWARE\Wow6432Node\Microsoft.NetFramework\v4.0.30319’ -Name ‘SchUseStrongCrypto’ -Value ‘1’ -Type DWord

Set-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft.NetFramework\v4.0.30319’ -Name ‘SchUseStrongCrypto’ -Value ‘1’ -Type DWord

***may require a reboot after changing registry keys

Import-Module PSWindowsUpdate

if running PowerShell scripts is disabled

set-executionpolicy remotesigned

Show available updates with the following command: Note this will include all driver updates as well


now Install all updates with

Install-WindowsUpdate -AcceptAll -AutoReboot

My objective is to run this on weekends against work PCs, so the AutoReboot won’t impact anyone.

I may have to set the BIOS of each PC to turn on at 6am so the reboots can finish before users arrive at work.

After testing I hope to put this script into RunDeck or use Scheduled Tasks and use RunDeck to update the Scheduled Tasks.


Start-Transcript -Path Computer.log
Write-Host “everything will end up in Computer.log”

more info

if you see this error when using task scheduler you need to use an account that has the “logon as a batch job” rights