Worklet: Install / Upgrade to Microsoft Edge Chromium on Windows

This worklet by default will install the latest, stable version for Windows 64-bit. You can also modify $Channel to install the Dev or Beta instead. Here’s the description of the channels:


You can also modify $ProductVersion to specify a particular version you want installed.

It has been tested on systems without any version of Edge pre-existing (ie. Win7) and on others that have the original version of Edge (whose end of life is March 9, 2021) such as Win10 v1909 & v2004.

Evaluation:

$software = "Microsoft Edge";
$installed = (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Where { $_.DisplayName -eq $software }) -ne $null

If(-Not $installed) {
	Exit 1
} else {
	Exit 0
}

Remediation:

# Channel options are: Dev, Beta, Stable, EdgeUpdate, Policy
$Channel = 'Stable'

# Where to download the install file
$Folder = "C:\Temp"

$Platform = 'Windows'
$Architecture = 'x64'

# If set, the script will try and download a specific version. If not set it will download the latest.
$ProductVersion = ''

$ErrorActionPreference = "Stop"

$edgeEnterpriseMSIUri = 'https://edgeupdates.microsoft.com/api/products?view=enterprise'

# Enabling connection over TLS for better compability on servers
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12

# Test if HTTP status code 200 is returned from URI
try {
  Invoke-WebRequest $edgeEnterpriseMSIUri -UseBasicParsing | Where-Object StatusCode -match 200 | Out-Null
}
catch {
  Write-Output "Unable to get HTTP status code 200 from $edgeEnterpriseMSIUri. Does the URL still exist?"
  exit 0
}

Write-Output "Getting available files from $edgeEnterpriseMSIUri"

# Try to get JSON data from Microsoft
try {
  $response = Invoke-WebRequest -Uri $edgeEnterpriseMSIUri -Method Get -ContentType "application/json" -UseBasicParsing -ErrorVariable InvokeWebRequestError
  $jsonObj = ConvertFrom-Json $([String]::new($response.Content))
  Write-Output "Successfully retrived data"
}
catch {
  Write-Output "Could not get MSI data: $InvokeWebRequestError"
  exit 0
}

$selectedIndex = [array]::indexof($jsonObj.Product, "$Channel")

if (-not $ProductVersion) {
  try {
    Write-Output "No version specified, getting the latest for $Channel"
    $selectedVersion = (([Version[]](($jsonObj[$selectedIndex].Releases |
            Where-Object { $_.Architecture -eq $Architecture -and $_.Platform -eq $Platform }).ProductVersion) |
        Sort-Object -Descending)[0]).ToString(4)
  
    Write-Output "Latest Version for channel $Channel is $selectedVersion`n"
    $selectedObject = $jsonObj[$selectedIndex].Releases |
    Where-Object { $_.Architecture -eq $Architecture -and $_.Platform -eq $Platform -and $_.ProductVersion -eq $selectedVersion }
  }
  catch {
    Write-Output "Unable to get object from Microsoft."
  }
}
else {
  Write-Output "Matching $ProductVersion on channel $Channel"
  $selectedObject = ($jsonObj[$selectedIndex].Releases |
    Where-Object { $_.Architecture -eq $Architecture -and $_.Platform -eq $Platform -and $_.ProductVersion -eq $ProductVersion })

  if (-not $selectedObject) {
    Write-Output "No version matching $ProductVersion found in $channel channel for $Architecture architecture."
    exit 0
  }
  else {
    Write-Host "Found matching version`n"
  }
}

if (-not (Test-Path $Folder)) {
    New-Item -ItemType Directory -Force -Path $Folder
}

foreach ($artifacts in $selectedObject.Artifacts) {
  # Not showing the progress bar in Invoke-WebRequest is quite a bit faster than default
  $ProgressPreference = 'SilentlyContinue'
  
  Write-Output "Starting download"
  # Work out file name
  $fileName = Split-Path $artifacts.Location -Leaf
  $filePath = $Folder + "\" + $fileName

  try {
    Invoke-WebRequest -Uri $artifacts.Location -OutFile $filePath -UseBasicParsing
  }
  catch {
    Write-Output "Attempted to download file, but failed: $error[0]"
    exit 0
  }    

  if (((Get-FileHash -Algorithm $artifacts.HashAlgorithm -Path $filePath).Hash) -eq $artifacts.Hash) {
    Write-Output "Calculated checksum matches known checksum`n"
  }
  else {
    Write-Output "Checksum mismatch!"
    Write-Output "Expected Hash: $($artifacts.Hash)"
    Write-Output "Downloaded file Hash: $((Get-FileHash -Algorithm $($artifacts.HashAlgorithm) -Path $filePath).Hash)`n"
  }
}
Write-Output "File Downloaded"

msiexec /i "$filePath" /qn /norestart

Start-Sleep -Seconds 30
Remove-Item $filePath
1 Like

If you want this worklet to only apply to workstations (not any servers), use this as your evaluation:

$software = "Microsoft Edge";
$installed = (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Where { $_.DisplayName -eq $software }) -ne $null

$osInfo = Get-WmiObject -Class Win32_OperatingSystem

# Check if not installed and endpoint is a workstation
If(-Not $installed -and $osInfo.ProductType -eq 1) {
	Exit 1
} else {
	Exit 0
}