Batch File to Check MS Patch Updates

[tomlancaster]

Hi, I'm scratching my head at trying to compare a list of expected patch updates (Patch_List.txt) against what actually is installed on a computer.

I'm using a combination of "WMIC QFE" and Registry queries to return a list of KB updates - The problem is when I query the QFE list, it doesn't return what I want based on ERRORLEVEL.

In normal CMD tests, the command returns the expected ERRORLEVEL as 0 as successful, or 1 as unsuccessful. But in the batch file, it always returns 1.

I've used Google searches to spawn this script... Hopefully someone here can fix the script to return the expected results...

Code: [Select]

@ECHO OFF
WMIC QFE GET HOTFIXID>%~dp0QFE_list.txt
FOR /f %%a IN (%~dp0Patch_List.txt) DO (
    CALL :PATCH_LIST %%a

)
GOTO :EOF

:PATCH_LIST
REG QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" /s /f "%1">NULL
IF %ERRORLEVEL% EQU 0 ECHO %1: INSTALLED
IF %ERRORLEVEL% NEQ 0 (
ECHO FIND %1
FIND /C "%1" %~dp0QFE_List.txt>NULL
IF %ERRORLEVEL% EQU 0 ECHO %1: QFE INSTALLED
IF %ERRORLEVEL% NEQ 0 ECHO %1: **** NOT INSTALLED! ****
)

..Thanks in advance 

[Squashman]

You are inside a Code Block.  When you are trying to execute multiple commands inside parentheses you need to use delayed expansion for your variables to work.  But because all you are doing is checking the errorlevel inside the code block just use ERROLEVEL

Code: [Select]

IF ERRORLEVEL 0 ECHO %1: QFE INSTALLED
IF ERRORLEVEL 1 ECHO %1: **** NOT INSTALLED! ****
If you want to use delayed expansion then you need to do this.

Code: [Select]

setlocal enabledelayedexpansion
IF %ERRORLEVEL% NEQ 0 (
ECHO FIND %1
FIND /C "%1" %~dp0QFE_List.txt>NULL
IF !ERRORLEVEL! EQU 0 ECHO %1: QFE INSTALLED
IF !ERRORLEVEL! NEQ 0 ECHO %1: **** NOT INSTALLED! ****
)

[tomlancaster]

Thank you for your help - my script works perfectly now...