You can apply patch baselines to hosts. Depending on the patch criteria you select, patch baselines can be either dynamic or fixed.

Patch data in dynamic baselines changes depending on the criteria you specify each time Update Manager downloads new patches. Fixed baselines contain only the patches you have selected, regardless of new patch downloads.

Verify that you are connected to a vCenter Server system.


Retrieve all host patches released after 1 Jan 2015 for ESXi products, and create a fixed baseline named Static Baseline, containing the retrieved patches.

$patches = Get-Patch -After "1 Jan 2015" -Product "ESXi"
$staticBaseline = New-PatchBaseline -Static -Name "Static Baseline" -IncludePatch $patches

Create a critical dynamic baseline named Dynamic Baseline by using a fetch-all query.

$criticalPatchBaseline = New-PatchBaseline -Dynamic -Name "Dynamic Baseline" -SearchPatchSeverity Critical

Create an extension baseline that contains all available extensions.

$extensions = Get-Patch -BundleType Extension
New-PatchBaseline -Static -Name "Extension Baseline" -Extension -IncludePatch $extensions