-->

Published date: August 13, 2019. You can now have Security Center send you email notifications when an Azure Government alert is generated. To set up your subscriptions, see Set up email notifications for alerts. Security Center. Windows 10 1903 is supposed to have a small notification icon in the task bar to notify that you that the system needs to restart to complete the installation of updates. It's similar to the yellow exclamation point notification from Windows 7, except that it doesn't notify you until the update installation already started and requires a reboot.

This topic explains how you can stay up to date about service updates from Microsoft.

Microsoft uses service updates to update your configured sandbox and production environments to the latest released version. Microsoft notifies you about upcoming updates to your environments via email and through notifications in Microsoft Dynamics Lifecycle Services (LCS).

Here are the different types of notifications that you will receive:

• Notification when an update is made available: When a new release is made generally available, Microsoft surfaces a notification in your implementation projects' action center. You can then save that update in your projects' asset library, if you want to apply the update to your environments before Microsoft does an automatic update. When Microsoft does an automatic update, it also saves a copy of the update in your projects' asset library.

• Notification that is sent five days before the update: Microsoft notifies you five days before it updates your environment. After you've configured your update cadence, you will receive notifications about upcoming updates five days before they occur. These notifications take three forms:

  • Email notification: Project owners, environment managers, and users who are listed as additional stakeholders for an environment are notified by email about the upcoming update.
  • Notification bar on the environment details page: A notification that appears on the environment details page in LCS informs the customer about the upcoming update.
  • Upcoming update reflects the update: On the environment details page in LCS, select Maintain > Upcoming Update to open a dialog box that contains details about the upcoming update.

• Notification that is sent one hour before the update: One hour before the start of the downtime window, users in the application receive a notification. This notification asks users to save their work, because the environment will be taken down for an update.

• Notification that is sent when the update is completed: After Microsoft has finished updating your configured environment, it notifies you by email about the outcome of the update. This email is always sent, regardless of whether the update was successfully applied. It's sent to project owners, environment managers, and users who are listed as the additional stakeholders for the environment. If Microsoft can't start the update for some reason, the email includes a reason to explain why the update wasn't started.

After you receive a notification, if you can't proceed with the update for some reason, you can pause it. For more information about how to pause updates to configured sandbox and production environments, see Pause service updates through Lifecycle Services (LCS).

For more information about One Version and Microsoft-managed service updates, see One Version service updates FAQ.

This script, will examine the machine it is running on and send an email report of all the windows updates that are available for installation.

The script sends e-mail notifications providing details of which Windows Updates are available for installation. You can choose which of the five patch levels will trigger an e-mail alert:

• Critical
• Important
• Moderate
• Low
• Unclassified

I would suggest that you at least choose Critical, Important and Unclassified. For some reason Microsoft do not mark all updates with a severity, but the “Unclassified” category seems to contain a lot of what I would consider to be important updates. My thanks to one of the guys that commented for pointing this out.

If there are no outstanding patches at the appropriate alert levels to be installed then the script will quit without sending an e-mail.

The script can be run manually or as a scheduled task. The report includes links to the relevant KB articles and further information made available by Microsoft.

Windows update email notification script configuration

The script is very quick to setup and the most complicated part will likely be your SMTP configuration. At the top of the script you will see a number of variables:

Windows Update Alert Levels

First of all you should configure what severity of Windows update will trigger an email alert. These range from critical to low. Setting each value to 1 or 0 will enable or disable alerts for that category. As mentioned above some updates do not have any severity assigned. These seem to be things like Windows Defender definitions or updates to the malicious software removal tool.

I would recommend at least having Critical, Import and and Unclassified set to 1.

Configure email settings

Next you need to configure your SMTP settings:

If you leave the SMTP server empty, the script will attempt to use the local machine to send the email. I suspect most people will use an internal or external relay, so configure it as per your environment. You can use SMTP over SSL by setting the SMTP_UseSSL variable to 1.

Testing Windows Updates Notification Emails

Microsoft Updates Available Notification On Windows 10

1. Download the Script:
   Windows Update Email Notification Script
2. Extract the contents to a folder on your server and then setup the variables to suit your preferences and environment
3. Test the script
   1. Go into a command prompt
   2. Change directory to the location where you saved the script.
   3. Run:
      cscript winupdates.vbs
   4. Check your email

Microsoft Updates Available Notification On Chrome

Once you are happy that the script is reporting correctly, setup a Windows Scheduled Task to do this automatically. Assuming an installation directory of “c:scripts” the scheduled task command should look something like this:

C:WINDOWSsystem32cscript.exe c:scriptswinupdates.vbs

The script uses the Windows Update Agent API Com interface, which is quite interesting in itself.

Sample Email Configurations

Microsoft Update Notification

I originally wrote this script in 2007 and noticed a lot of people were still downloading and using it. So this evening (December 2019), while my wife was at her work Christmas party I decided to see if it still worked and address some of the points made in the comments. I didn’t have a huge amount of time to spend on it, but found time to clean up the code a bit, enhanced the email options and added the functionality to include updates that do not have any severity assigned. It was tested by me on Windows 2008, 2012, 2016 and 2019 and they all worked!

Microsoft Updates Available Notification On Facebook

I am glad people are still fining it useful more than 10 years after I wrote the original version!