Windows Security Patch - apply via Powershell or alternate

Question

Hello, I hope someone here can provide me with guidance... I have 4 Windows Servers that are configured with SQL Always On and we want to be able to have full control of their monthly patching; right now we are doing them manually just cause they are sensitive and cannot be rebooted easily nor just apply any patch. Is there a way I can at minimum automate via Powershell script to download security patches and apply them , but not to reboot the server. We have other servers that are getting patch via automation Qualys and those are good; is just these 4 we want to be very careful.

Answer 1

Hi,

Thank you for posting in Microsoft Q&A forum.

You can refer to below blog to automate security patches via Powershell script and use –IgnoreReboot parameter to disable reboot. After the installation process is complete, you will see the following message in the PowerShell console: ‘Reboot is required but do it manually’. Thus, you are still required to restart the system, but you can do it at the time which best suits your schedule.

How to Automate Windows Updates Using PowerShell: Short Overview

Note: This is non-Microsoft link, just for your reference. Always test scripts in a controlled environment before applying them to production servers.

Thanks for your time. Have a nice day!

Best regards,

Simon

---

If the response is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.