Determine if Windows HotFix has been applied

I recently fixed a defect in our product by applying Microsoft hotfix. Some of our customers are still reporting that the issue remains with the hotfix applied. They are using pretty tightly controlled laptops and can't just apply the hotfix themselves. I want to know if there is some way I can check if a hotfix has been applied.

This article and this thread suggest that a hotfix applied with the hfx.exe program will appear in the registry under:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Hotfix\KB nnnn.

However, I see no "Hotfix" key under CurrentVersion (also, I didn't apply the hotfix with hfx.exe, I just ran the file I downloaded from Microsoft and it did the trick). Is there another way to determine if it has been applied?

Devin

Posted 2012-12-18T18:31:36.970

Reputation: 223

What version of Windows are the laptop's running? – David – 2012-12-18T18:40:05.900

Windows 7 Enterprise – Devin – 2012-12-18T18:42:58.263

2That article suggesting to look in the registry is for Windows NT 4.0, and that's it. I'm assuming you aren't running NT 4.0. ;) – Ƭᴇcʜιᴇ007 – 2012-12-18T18:43:30.520

2Touche good sir :) – Devin – 2012-12-18T18:44:05.797

Answers

You can see what updates have been installed on a computer by going to Add/Remove Programs and then clicking View installed updates. The search box comes in very handy here.

Updates Updates

David

Posted 2012-12-18T18:31:36.970

Reputation: 6 593

Although this works actually trying to identify a particular Hotfix can be painful. As I already knew of this method went with the PowerShell 2.0 solution by @oleschri which worked great.

– Lankymart – 2015-07-28T11:04:06.600

1Remember that you can search for a specific Hotfix number by using the top-right search bar. – Stevoisiak – 2017-07-13T21:00:39.893

Yeah, I just realized that myself. I didn't think hotfixes would be in there, but I was wrong. – Devin – 2012-12-18T21:10:22.117

You can use PowerShell 2.0 or greater to detect which hotfixes are installed.

PS> Get-HotFix

To detect whether a specific hotfix (e.g. KB2799904) is installed, write:

PS> Get-HotFix -ID "KB2799904"

~~PS> Get-HotFix | where { $_.HotFixID -eq "KB2799904" }~~

If this returns at least one object, the hotfix is installed.

You can also specify a remote computer with the -ComputerName parameter if you have sufficient permissions on that computer.

oleschri

Posted 2012-12-18T18:31:36.970

Reputation: 1 075

1Better: Get-HotFix -ID KB2799904. That may even run a bit faster if it translates into a WMI filter rather than filtering after the fact. – Christian – 2015-09-02T14:43:56.157

@Christian I updated the answer. – oleschri – 2015-09-08T11:52:37.327

2You don't even need to specify -ID as a parameter, it defaults to it. So get-hotfix kb2799904 – Nacht - Reinstate Monica – 2016-02-25T01:30:38.007

The hotfix's KB article should show file information for what it is updating. They provide version numbers, file sizes and expected time-stamps. If your files match those (or are newer) then you've got the fix (or a newer one that incorporates the older one) applied.

For example (from KB923293):

enter image description here

Ƭᴇcʜιᴇ007

Posted 2012-12-18T18:31:36.970

Reputation: 103 763

How would you know which files to check (if not all of them)? Assume updates A and B both update file F to version X. But only update B contains a critical fix to file G (which is unknown to you) which you are interested in. How would you use this method to make sure file G has the critical fix without knowing what file G is? – Florian Winter – 2017-05-18T06:52:16.647

2This is pretty much the only way I know how to do this. keep in mind the file versions and file dates could be changed in the future so keep that in mind. – Ramhound – 2012-12-18T18:44:18.393

As a more generic (or scriptable) way to do this, you could employ systeminfo which does print a section with a list of hotfixes installed:

C:\Users\user> systeminfo
[...]
Hotfix(s):                 88 Hotfix(s) Installed.
                           [01]: KB2032276
                           [02]: KB2296011
                           [03]: KB2305420
[...]

syneticon-dj

Posted 2012-12-18T18:31:36.970

Reputation: 621

Trouble with this method is that the update list is potentially incomplete. Indeed I've run into this myself in Win7. It seems to max out at 245 updates. Possible explanation: https://support.microsoft.com/en-us/help/2644427/systeminfo.exe-does-not-display-all-updates-in-windows-server-2003

– Jimadine – 2017-05-20T18:51:23.607

Use this WMIC command in an elevated command prompt to get a list of all hotfixes installed. This will not include any updates that were deleted using Disk Cleanup>cleanup system files>windows update cleanup.

wmic qfe

Moab

Posted 2012-12-18T18:31:36.970

Reputation: 54 203

-1

None of the above gave me satisfaction so I tried to re-install & it came up with KBxxxx "already Installed" so that is a good method of proof,

JohnP4216

Posted 2012-12-18T18:31:36.970

Reputation: 1