I have recently been trying to find a way to export a list of some, but not all installed Windows Updates and patches on a Windows 2008 server. WMIC is a Windows command that has been available in Windows for a long time and has become a tool that can perform many kinds of actions and queries.
Microsoft has created a tool called Microsoft Baseline Security Analyzer that helps you determine the security state in accordance with Microsoft security recommendations and offers specific remediation guidance, but I have not tried it to see if all patches and updates are exported.
Open a Windows Command Prompt (cmd.exe) and type the following command
wmic qfe get
The result presented in plain text
Caption CSName Description FixComments HotFixID InstallDate InstalledBy InstalledOn Name ServicePackInEffect Status http://go.microsoft.com/fwlink/?LinkId=133041 PC-NAME Update 982861 pc-name\username 3/20/2011 http://go.microsoft.com/fwlink/?LinkId=161784 PC-NAME Update KB971033 NT AUTHORITY\SYSTEM 8/9/2010 http://support.microsoft.com/?kbid=2305420 PC-NAME Security Update KB2305420 NT AUTHORITY\SYSTEM 12/17/2010 http://support.microsoft.com/?kbid=2393802 PC-NAME Security Update KB2393802 NT AUTHORITY\SYSTEM 2/10/2011 ...
WMIC can also be used to gather other Windows related information and this is a list with many wmic commands I have copied from Tech-Wreck InfoSec Blog: WMIC Command Line Kung-Fu in case the site becomes unavailable.
This site has produced many interesting articles and is well worth a visit.
– wmic process where (Name=’svchost.exe’) get name,processid