Updated Reporting & 24H2 Updates Remediation

2025-07-22 09:55:32 -04:00
parent 9c8438d7d1
commit 0092fa4a0f
6 changed files with 86 additions and 0 deletions
--- a/Microsoft365/CCX/CCX-Azure-202505191541.md
+++ b/Microsoft365/CCX/CCX-Azure-202505191541.md
--- a/diagrams/Azure.vsdx
+++ b/diagrams/Azure.vsdx
--- a/Updates/CheckUpdateStatus.ps1
+++ b/Updates/CheckUpdateStatus.ps1
@@ -0,0 +1,30 @@
+[datetime]$dtToday = [datetime]::NOW
+$strCurrentMonth = $dtToday.Month.ToString()
+$strCurrentYear = $dtToday.Year.ToString()
+[datetime]$dtMonth = $strCurrentMonth + '/1/' + $strCurrentYear
+
+while ($dtMonth.DayofWeek -ne 'Tuesday') { 
+      $dtMonth = $dtMonth.AddDays(1) 
+}
+
+$strPatchTuesday = $dtMonth.AddDays(7)
+$intOffSet = 7
+
+if ([datetime]::NOW -lt $strPatchTuesday -or [datetime]::NOW -ge $strPatchTuesday.AddDays($intOffSet)) {
+    $objUpdateSession = New-Object -ComObject Microsoft.Update.Session
+    $objUpdateSearcher = $objUpdateSession.CreateupdateSearcher()
+    $arrAvailableUpdates = @($objUpdateSearcher.Search("IsAssigned=1 and IsHidden=0 and IsInstalled=0").Updates)
+    $strAvailableCumulativeUpdates = $arrAvailableUpdates | Where-Object {$_.title -like "*cumulative*"}
+
+    if ($strAvailableCumulativeUpdates -eq $null) {
+        $strUpdateStatus = @{"Update status" = "Up-to-date"}
+    } 
+    else {
+        $strUpdateStatus = @{"Update status" = "Not up-to-date"}
+    }
+} 
+else {
+    $strUpdateStatus = @{"Update status" = "Up-to-date"}
+}
+
+return $strUpdateStatus | ConvertTo-Json -Compress
--- a/Updates/UpdateStatusCheck.JSON
+++ b/Updates/UpdateStatusCheck.JSON
@@ -0,0 +1,18 @@
+{
+"Rules":[ 
+    { 
+       "SettingName":"Update status",
+       "Operator":"IsEquals",
+       "DataType":"String",
+       "Operand":"Up-to-date",
+       "MoreInfoUrl":"https://support.microsoft.com/en-us/topic/windows-11-version-24h2-update-history-0929c747-1815-4543-8461-0160d16f15e5",
+       "RemediationStrings":[ 
+          { 
+             "Language":"en_US",
+             "Title":"Device must be running the latest cumulative update for Windows.",
+             "Description": "Please make sure that the latest cumulative update for Windows is installed."
+          }
+       ]
+    }
+ ]
+}
--- a/Remediations/SoftwareDistribution_Cleanup/detect.ps1
+++ b/Remediations/SoftwareDistribution_Cleanup/detect.ps1
@@ -0,0 +1,11 @@
+$folder = "$env:SystemRoot\SoftwareDistribution"
+$sizeBytes = (Get-ChildItem -Path $folder -Recurse -Force | Measure-Object -Property Length -Sum).Sum
+$sizeGB = $sizeBytes / 1GB
+
+if ($sizeGB -gt 10) {
+    Write-Output 1
+    exit 1
+} else {
+    Write-Output 0
+    exit 0
+}
--- a/Remediations/SoftwareDistribution_Cleanup/remediation.ps1
+++ b/Remediations/SoftwareDistribution_Cleanup/remediation.ps1
@@ -0,0 +1,27 @@
+
+# Stop Windows Update Services the services
+stop-service -Name wuauserv -ErrorAction SilentlyContinue -Force
+stop-service -Name bits -ErrorAction SilentlyContinue -Force
+
+# Delete the contents of the SoftwareDistribution folder
+$softwareDistributionPath = "$env:SystemRoot\SoftwareDistribution\Download"
+if (Test-Path -Path $softwareDistributionPath) {
+    Get-ChildItem -Path $softwareDistributionPath -Recurse | Remove-Item -Force -ErrorAction SilentlyContinue -Recurse
+} else {
+    Write-Host "SoftwareDistribution folder does not exist."
+}
+
+
+
+# Delete the contents of the Catroot2 folder
+$catroot2Path = "$env:SystemRoot\System32\catroot2"
+if (Test-Path -Path $catroot2Path) {
+    Get-ChildItem -Path $catroot2Path -Recurse | Remove-Item -Force -ErrorAction SilentlyContinue -Recurse
+} else {
+    Write-Host "Catroot2 folder does not exist."
+}
+
+
+# Start the services again
+Start-Service -Name wuauserv -ErrorAction SilentlyContinue
+Start-Service -Name bits -ErrorAction SilentlyContinue