In a comment to Windows API equivalent to "WMIC QFE Get", Raymond Chen wrote that it is incorrect/useless to test if a hotfix is installed. The correct approach is to ask Windows Update if the hotfix is needed (because the fix might be in a roll-up or service pack). Unfortunately he didn't provide any more details.
I would like to know how to do this from the command line (preferably cmd.exe, not powershell). It might be relevant that the machine concerned is not connected to the Internet and the hotfix file will be included on the installation media.
(There are several similar questions asking how to detect if a hotfix is installed, but these all fall foul of Raymond's advice that this is the wrong approach.)
The best (only?) way seems to be to try to install the hotfix, and see what return code you get back from the installer.
Run the wusa.exe command with the /quiet and /norestart options (the /quiet option is probably not necessary but I haven't tried without it) and then look at the return code:
Return Code Description
0 Hotfix installed successfully
3010 Hotfix installed successfully, reboot required
2359302 Hotfix is already installed
-2145124329 Hotfix is not applicableOf course, this will result in the hotfix being installed if it is needed. If you just wanted to test if it is needed without installing it then I think you are out of luck.