#Retrieve all Windows updates
$updates = wmic qfe list /format:csv|convertfrom-csv
#Search through update list and remove each violating update
if ($updates.hotfixid -like "*2990214*"){start-process "c:\windows\system32\wusa.exe" -wait -nonewwindow -argumentlist "/uninstall /kb:2990214 /norestart"}
if ($updates.hotfixid -like "*2952664*"){start-process "c:\windows\system32\wusa.exe" -wait -nonewwindow -argumentlist "/uninstall /kb:2952664 /norestart"}
if ($updates.hotfixid -like "*3021917*"){start-process "c:\windows\system32\wusa.exe" -wait -nonewwindow -argumentlist "/uninstall /kb:3021917 /norestart"}
if ($updates.hotfixid -like "*3022345*"){start-process "c:\windows\system32\wusa.exe" -wait -nonewwindow -argumentlist "/uninstall /kb:3022345 /norestart"}
if ($updates.hotfixid -like "*3035583*"){start-process "c:\windows\system32\wusa.exe" -wait -nonewwindow -argumentlist "/uninstall /kb:3035583 /norestart"}
if ($updates.hotfixid -like "*3068708*"){start-process "c:\windows\system32\wusa.exe" -wait -nonewwindow -argumentlist "/uninstall /kb:3068708 /norestart"}
if ($updates.hotfixid -like "*3075249*"){start-process "c:\windows\system32\wusa.exe" -wait -nonewwindow -argumentlist "/uninstall /kb:3075249 /norestart"}
if ($updates.hotfixid -like "*3080149*"){start-process "c:\windows\system32\wusa.exe" -wait -nonewwindow -argumentlist "/uninstall /kb:3080149 /norestart"}
#End of Script
If you want to automate the hotfix removal process, add a "/quiet" to the argumentlist. For example:
if ($updates.hotfixid -like "*3080149*"){start-process "c:\windows\system32\wusa.exe" -wait -nonewwindow -argumentlist "/uninstall /quiet /kb:3080149 /norestart"}
Each security update found will pop-up this first window:
Then it will prompt you to confirm the removal of the update:
Lastly, it removes the update:
After running this script, you'll need to restart your computer. Ensure to hide these updates when Windows Updater wants to add them back into your computer.
No comments:
Post a Comment