windows update – WUA IUpdateSearcher::Search method seems to freeze on only 1 of my servers

SYSTEM Details:
Edition = Windows Server 2019 Standard,
Version = 1809,
OS Build = 17763.2114

My code:
  - $UpdateSession = New-Object -ComObject Microsoft.Update.Session
  - $UpdateServiceManager  = New-Object -ComObject Microsoft.Update.ServiceManager
  - $UpdateService = $UpdateServiceManager.AddScanPackageService("Offline Sync Service", $CabPath, 1)
  - $UpdateSearcher = $UpdateSession.CreateUpdateSearcher()
  - $UpdateSearcher.ServerSelection = 3
  - $UpdateSearcher.ServiceID = $UpdateService.ServiceID.ToString()
  *HANGS HERE* - $Missing = $UpdateSearcher.Search("IsInstalled=0")

PS script runs fine on several other servers with 2012 R2, 2016, and 2019; but, this one is giving me headaches. Once it starts searching, -Verbose stops providing output (with Set-PSDebug -Trace 2). This search method has taken anywhere from 3 – 15 minutes on the other systems, but even after 24 hours it is still on this one line.

On another thread, snip provided below, I found what could be solution, but need to know how to turn search function to async while searching. Or is there another way to debug this API’s method? WSUS was failing to get updates from the servers and some servers were not being recognized from AD or DNS, so I used the WUA api script to search offline.

Previous Post by Elliot Labs LLC >>

I spoke with the manager at Microsoft in charge of Windows Update
(Dave Roth) and he said that you should absolutely not try to get the
status of Windows Update via the registry. He said that you should use
the COM API to get the status by executing the search method and using
the returned results for the update status of your computer.

He also gave me this tip:

As a simple FYI, for checking what updates are installed calling
IUpdateSearcher::Search with IsInstalled=1 will generate an
updatecollection object containing all installed updates. You can walk
through it to see what is already installed.

Expanding on his tip you could potentially call that method with
IsInstalled=0 to see what updates are not installed. (see the
powershell example below).


The COM API is a good way to directly access Windows Update without
having to parse logs. Applications of this API range from finding
available updates on the computer to installing and uninstalling

You could use the Microsoft.Update.Session class to run an update
search and then count the number of updates available to see if there
are any updates for the computer.

PowerShell Example:

$updateObject = New-Object -ComObject Microsoft.Update.Session
$updateObject.ClientApplicationID = “Serverfault Example Script”
$updateSearcher = $updateObject.CreateUpdateSearcher() $searchResults
= $updateSearcher.Search(“IsInstalled=0”) Write-Host $searchResults.Updates.Count If the returned result is more than 0
then there are updates for the computer that need to be installed
and/or downloaded. You can easily update the powershell script to fit
your application.

Just a heads up, it appears that the search function is not async so it would freeze your application while searching. In that case you
will want to make it async.