Windows Server

PSWindowsUpdate: Manage Windows Server Updates from PowerShell (Install, Schedule, Remote)

Q: Will `-AutoReboot` reboot a production server mid-day?

Yes, if an update needs it. On production, use -IgnoreReboot and schedule the reboot in your maintenance window.

Published June 10, 2026 · by The FixHub Team

On a Server Core box, or any server you’d rather not RDP into just to click “Check for updates,” the PSWindowsUpdate module lets you scan, install, hide, and remove Windows Updates entirely from PowerShell — locally or across a fleet of remote servers. It works on Windows Server 2016 / 2019 / 2022 and pulls straight from the PowerShell Gallery.

Install the module

From an elevated PowerShell session:

Install-Module PSWindowsUpdate -Force
Import-Module PSWindowsUpdate

If it’s the first module you’ve installed from the Gallery, PowerShell may prompt to install the NuGet provider and trust the repository — accept both (or pre-trust it: Set-PSRepository -Name PSGallery -InstallationPolicy Trusted).

Verify:

Get-Command -Module PSWindowsUpdate

Scan for available updates

Get-WindowsUpdate

This lists everything Windows Update is offering — KB number, size, and title — without installing anything. Add -MicrosoftUpdate to also include updates for other Microsoft products (e.g. Defender, Office):

Get-WindowsUpdate -MicrosoftUpdate

Install updates

The everyday one-liner:

Install-WindowsUpdate -AcceptAll -AutoReboot

-AcceptAll answers “yes” to every update so it runs unattended.
-AutoReboot restarts automatically if an update requires it. Prefer to control reboots yourself? Use -IgnoreReboot and reboot on your own schedule.

Install only specific KBs (or exclude one):

Install-WindowsUpdate -KBArticleID KB5050000 -AcceptAll
Install-WindowsUpdate -NotKBArticleID KB5050000 -AcceptAll -IgnoreReboot

Check history and reboot status

Get-WUHistory            # what was installed and when
Get-WURebootStatus       # is a reboot pending?

Patch remote servers (no RDP needed)

Almost every cmdlet takes -ComputerName, so you can patch a whole list over WinRM (which must be enabled on the targets — Enable-PSRemoting -Force):

$servers = 'SRV01','SRV02','SRV03'
Invoke-WUJob -ComputerName $servers -Script {
    Import-Module PSWindowsUpdate
    Install-WindowsUpdate -AcceptAll -AutoReboot
} -RunNow -Confirm:$false

Invoke-WUJob registers a scheduled task on each remote box to run the update under the right context (remote update sessions otherwise fail with a “double-hop” access error — this is the supported way around it).

Schedule monthly patching

Wrap the install in a script and register it as a scheduled task to run after Patch Tuesday:

$action  = New-ScheduledTaskAction -Execute 'powershell.exe' `
  -Argument '-NoProfile -Command "Import-Module PSWindowsUpdate; Install-WindowsUpdate -AcceptAll -AutoReboot"'
$trigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Saturday -At 2am
Register-ScheduledTask -TaskName 'Monthly Patching' -Action $action -Trigger $trigger -User 'SYSTEM' -RunLevel Highest

On a standalone server with no WSUS, this gives you predictable, hands-off patching — pair it with disabling Server Manager autostart so the box boots straight to work.

FAQ

Is PSWindowsUpdate from Microsoft? It’s a widely used community module published on the official PowerShell Gallery (by Michal Gajda). Always install from PSGallery, not random downloads.

Will -AutoReboot reboot a production server mid-day? Yes, if an update needs it. On production, use -IgnoreReboot and schedule the reboot in your maintenance window.

Server Core supported? Yes — that’s a prime use case, since Server Core has no update GUI.

Sources: PowerShell Gallery — PSWindowsUpdate, Windows OS Hub — Install and Manage Windows Updates with PSWindowsUpdate