Forum Discussion
Solved
How to Automate KB5040434 Installation on Multiple VMs?
Hey everyone, I need to install the KB5040434 update on a bunch of VMs. This update is super important because it fixes several vulnerabilities. Doing this one by one is a huge hassle, and each VM a...
- Set Up Azure Automation Account:
Create an Azure Automation account if you don't already have one.
Ensure it has the necessary permissions to manage the VMs.
2. Configure Update Management:
Link your Azure Automation account to the Update Management solution.
Update Management allows you to manage updates for both Windows and Linux VMs.
Since your environment restricts internet access, ensure that your VMs can access your internal WSUS server or another local update repository.
3. Create a Scheduled Deployment:
In Update Management, create a new update deployment.
Select the group of VMs where you want to apply the KB5040434 update.
Since your environment restricts internet access, make sure to choose the option to install updates from your local WSUS server.
Schedule the deployment to run at a specific time.
4. Automate the Process:
Use the Azure Automation Runbooks to script the entire update process, including the restart of VMs after the update is installed.
You can write a PowerShell script that checks for the presence of the KB5040434 update and installs it if necessary.
Here's a sample snippet you can adapt:
powershell
Kodu kopyala
# Sample PowerShell script to install KB5040434
$kb = "KB5040434"
$update = Get-WindowsUpdate -KBArticleID $kb -ComputerName $env:COMPUTERNAME
if (-not $update) {
Write-Output "KB5040434 not found. Installing..."
Install-WindowsUpdate -KBArticleID $kb -AcceptAll -AutoReboot
} else {
Write-Output "KB5040434 is already installed."
}
Hi, probably the best option for that case will be to use Azure Update manager with One-time update, you can easily implement this feature, choose server and this KB once you perform Update checks. Here is documentation https://learn.microsoft.com/en-us/azure/update-manager/deploy-updates?tabs=install-single-overview%2Cinstall-scale-overview
But with Azure Update Manager, am I able to install a KB that is on the C drive of the VMs?
- No, KB is delivered by Agent from Update Manager, but you can choose only thsi one KB.
- The thing is... is think that because of some policy applied to my Environment, I cannot get to the internet to choose a specific or other KBs
😞- Set Up Azure Automation Account:
Create an Azure Automation account if you don't already have one.
Ensure it has the necessary permissions to manage the VMs.
2. Configure Update Management:
Link your Azure Automation account to the Update Management solution.
Update Management allows you to manage updates for both Windows and Linux VMs.
Since your environment restricts internet access, ensure that your VMs can access your internal WSUS server or another local update repository.
3. Create a Scheduled Deployment:
In Update Management, create a new update deployment.
Select the group of VMs where you want to apply the KB5040434 update.
Since your environment restricts internet access, make sure to choose the option to install updates from your local WSUS server.
Schedule the deployment to run at a specific time.
4. Automate the Process:
Use the Azure Automation Runbooks to script the entire update process, including the restart of VMs after the update is installed.
You can write a PowerShell script that checks for the presence of the KB5040434 update and installs it if necessary.
Here's a sample snippet you can adapt:
powershell
Kodu kopyala
# Sample PowerShell script to install KB5040434
$kb = "KB5040434"
$update = Get-WindowsUpdate -KBArticleID $kb -ComputerName $env:COMPUTERNAME
if (-not $update) {
Write-Output "KB5040434 not found. Installing..."
Install-WindowsUpdate -KBArticleID $kb -AcceptAll -AutoReboot
} else {
Write-Output "KB5040434 is already installed."
}