View Other Properties

Contents

View Other Properties

How to List Pending Updates Across All Windows Devices

Using Kolide, you can easily view and query Windows Pending Updates across your fleet.

Introduction

A list of Windows Updates which are pending or partially installed. These updates include both optional and important updates and include metadata about the update themselves, such as the category they belong to and when they were made available for download.

Kolide collects this information by calling out to the device's configured Windows Update server. As a result, it is possible that available updates will be visible in Kolide before they are visible in the Windows Update tool on a device.

What Windows Pending Update Data Can Kolide Collect?

Kolide's endpoint agent bundles in osquery to efficiently collect Windows Pending Updates from Windows devices in your fleet. Once collected, Kolide will parse, clean up, and centrally store this data in Inventory for your team to view, query, or export via API.

Kolide meticulously documents every piece of data returned so you can understand the results.

Windows Pending Updates Schema

Column Type Description
id Primary Key

Unique identifier for the object

device_id Foreign Key

Device associated with the entry

device_name Text

Display name of the device associated with the entry

categories Text[]

A list of applicable Windows Update applicable categories UUIDs.

description Text

The long-form description of the pending update.

installed Boolean

true if the update has been installed; otherwise false.

kb_articles Text[]

The Microsoft Knowledge Base (KB) articles associated with the update.

last_published_date Date

The precise time the Windows Update was published and became available for this device. (Also known as the time the WSUS Server deployed the update.)

locale Text

The locale associated with the name and description of this update.

name Text

The name of the pending update.

reboot_required Boolean

true if the update requires a system reboot; otherwise false.

security_bulletins Text[]

The security bulletins associated with the update.

supersededed_update_ids Text[]

A list of update_ids that this update supersedes.

update_id Text

The unique identifier associated with the update.

update_type Enum::Text

The precise time the Windows Update became available for this device.

Can be one of the following:

  • Important - An update that Windows will encourage the user to install
  • Optional - An update that is displayed under the "Optional Updates" section of the Windows Update UI
collected_at Timestamp

Time the row of data was first collected in the database

updated_at Timestamp

Time the row of data was last changed in the database

Why Should I Collect Windows Pending Updates?

Pending Windows Updates may be reviewed by an IT or Security administrator to identify devices which are not running the latest version of Windows, or are missing important security patches. Patch management is an important compliance requirement for many organizations.

End-User Privacy Consideration

Kolide practices Honest Security. We believe that data should be collected from end-user devices transparently and with privacy in mind.

No personally identifiable or sensitive data is collected or transmitted as part of this Inventory.

When you use Kolide to list Windows Pending Update data from end-user devices, Kolide gives the people using those devices insight into exactly what data is collected, the privacy implications, and who on the IT team can see the data. This all happens in our end-user privacy center which can be accessed directly by employees.

Share this story:

Related Device Properties:

New
Windows Update Settings
updates, operating-system, security
New
Operating Systems
operating-system, updates
New
Mac Firewall Settings
firewall, operating-system, security
View full list of Kolide's Device Properties
Book A Demo
Book A Demo