Category filter

Script to check Windows hotfixes installed on the device

A hotfix is a software update designed to remove bugs, improve security vulnerabilities and resolve the functionality issues of a computer program. Keeping hotfixes up-to-date on your device improves its performance and reduce security risks. Admins can check for Windows hotfixes installed on their devices and verify them using scripts. With Hexnode UEM, you can remotely deploy custom scripts to your enrolled Windows devices using the Execute Custom Script action.


The sample scripts provided below are adapted from third-party open-source sites.

PowerShell script

Check for specific hotfixes

You can check if a specific hotfix is present on the device, the below script will return the details.

E.g., To get information of a hotfix having ID ‘KB5020872’, Get-hotfix –id KB5020872

The output can be verified from the Action History tab of the device. If the patch is present on the device:

Verify the output after executing the script to check for Windows hotfixes installed

If the patch is not present on the device:

If the hotfix is not installed, the output shows that the hotfix cannot be found

Get the most recently installed hotfix

The below script will check the most recently installed hotfix on the device.

Execute a script to check for most recently installed hotfix


  • It is recommended to manually validate the script execution on a system before executing the action in bulk.
  • Hexnode will not be responsible for any damage/loss to the system on the behavior of the script.

  • Sample Script Repository