Monthly Update Packs

Windows XP Professional Update Pack discussion.
Post Reply
long-lurker
Posts: 177
Joined: Thu Nov 22, 2012 10:17 am

Monthly Update Packs

Post by long-lurker » Mon Jul 15, 2013 10:05 am

thinking out loud ---

i'm wondering how much of a "communal need" there is for a MONTHLY update pack as opposed to a 'cumulative update pack'?


what i mean by that is that the update packs currently available are "cumulative", they slipstream all hotfixes since the release of XP's SP3 (or some subset depending on the pack's goals/objectives)...

and the only way to use them is to slipstream the update pack and RE-INSTALL...

while this works PERFECTLY for one of my computers, sometimes two, it's quite "inconvenient" for three other computers... so those three may end up going SEVERAL MONTHS "unpatched"... or get patched instead via WSUS or WUD...

all legal operating systems, but none have IE installed [for security] (so i cannot use Windows Update)...
Firefox has something (or had, not sure if it's still around) called Windiz, but Firefox has become FAR to INSECURE for my liking...


until THIS MONTH everything was going FINE...
but WSUS won't download THIS MONTH'S UPDATES - http://download.wsusoffline.net/
and WUD hasn't updated its list - http://www.windowsupdatesdownloader.com ... Lists.aspx


so that got me to thinking of OTHER options for MONTHLY updates...
why not, instead of a cumulative "pack", why not a MONTHLY update ".exe"...

run this ".exe" to update Win XP...
run this ".exe" to update IE8...
run this ".exe" to update WMP11...
run this ".exe" to update .NET 1.1, etc...

and these ".exe" MONTHLY updates assume that you are ALREADY up-to-date since LAST MONTH'S "Patch Tuesday"...

you're FULLY PATCHED *not* because you RE-INSTALLED everything, but because you executed a MONTHLY ".exe"...


any thoughts?

long-lurker
Posts: 177
Joined: Thu Nov 22, 2012 10:17 am

Post by long-lurker » Mon Jul 15, 2013 10:08 am

in extension, what do the update pack creators here use to obtain their "list" of needed hotfixes?

are there other "tools" out there other than WSUS and WUD?

User avatar
user_hidden
Posts: 1924
Joined: Thu Dec 06, 2007 7:52 am
Location: Canada eh!

Post by user_hidden » Mon Jul 15, 2013 10:38 am

@ long-lurker

TechNet Security Advisories/Bulletins
Microsoft Catalog
Microsoft Download Center

As for exe updates monthly that is what MU is for !

long-lurker
Posts: 177
Joined: Thu Nov 22, 2012 10:17 am

Post by long-lurker » Mon Jul 15, 2013 10:54 am

for the most part, sure, i agree...

but you HAVE to have Internet Explorer installed, you HAVE to allow Active-X, you HAVE to have Auto-Updates installed/enabled, et cetera...

in other words, you HAVE to DECREASE your computer's "security shields" just to UPDATE...


i was just thinking that if a given month has SEVEN hotfixes, we could update by running ONE .exe...

SOUNDS like a good idea anyway...

long-lurker
Posts: 177
Joined: Thu Nov 22, 2012 10:17 am

Post by long-lurker » Mon Jul 15, 2013 11:07 am

ps - i also firmly believe that "we" can do BETTER than Windows Update...

i "swear to it" that running WU month after month results in a MANGLED registry that SLOWS the pc down...

that SLOW-DOWN effect is one of the reasons that my preference is to RE-INSTALL each and every month for the "primary" computers, it's just not that 'convenient' for the "secondary" computers...


your opinion is "noted"...
i'll await additional opinions before telling myself, "okay, it only sounded like a good idea, it's not that good of one afterall"...

User avatar
5eraph
Site Admin
Posts: 4619
Joined: Tue Jul 05, 2005 9:38 pm
Location: Riverview, MI USA

Post by 5eraph » Mon Jul 15, 2013 12:39 pm

I discover and download the latest updates from the monthly Microsoft Bulletin Summary Web page, and verify the list using the Microsoft Update website (the SSL secured one--using https in the address). I never download or install from MU. Then I use a CMD script to extract them, and to install them using my preferred switches, "/U /N /Z /B:SP2QFE". Finally, I'll verify they're installed correctly by checking the secured MU again.

This is the only purpose for which I use Internet Explorer. For all else I use Firefox without any extensions except Flash. DownloadHelper, and the latest Java (for a print/scan server that requires it).

long-lurker
Posts: 177
Joined: Thu Nov 22, 2012 10:17 am

Post by long-lurker » Mon Jul 15, 2013 1:11 pm

could you explain what "/U /N /Z /B:SP2QFE" does?

User avatar
5eraph
Site Admin
Posts: 4619
Joined: Tue Jul 05, 2005 9:38 pm
Location: Riverview, MI USA

Post by 5eraph » Mon Jul 15, 2013 2:11 pm

Standard XP update package switches are explained in KB262841. The /B switch specifies the branch to install as described under "How to force the default branch to QFE at installation" in KB824994.

In summary, "/U /N /Z /B:SP2QFE" means:
  • "Unattended Setup mode. No user interaction is required, but installation status is displayed. If a restart is required at the end of Setup, a dialog box will be presented to the user with a timer warning that the computer will restart in 30 seconds."
  • "Do not back up files for uninstall."
  • "Do not restart the computer when the installation is finished."
  • "[change] the default branch that is used to install a branching package. [...] switch over to the QFE branch."

tomasz86
Posts: 491
Joined: Tue Aug 09, 2011 12:12 pm
Location: https://twilczynski.com/windows
Contact:

Post by tomasz86 » Mon Jul 15, 2013 5:05 pm

You're basically asking for update rollups for different system components.

To have it done in a "clean" way you'd have to merge the updates into such rollups (a rollup is technically just a giant update). Preparing update rollups manually is out of question. You need a tool which would do it automatically. I've been working on a script one of whose functions is to create update rollups but it's not finished yet (that's why I haven't released it).

Still, even being able to do the merging part automatically, maintaining several such rollups would just too much work...

long-lurker
Posts: 177
Joined: Thu Nov 22, 2012 10:17 am

Post by long-lurker » Mon Jul 15, 2013 5:13 pm

thanks for the reply...
that makes a great deal of sense (i use a "rollup" for Win2k for a VirtualBox install)...

tomasz86
Posts: 491
Joined: Tue Aug 09, 2011 12:12 pm
Location: https://twilczynski.com/windows
Contact:

Post by tomasz86 » Tue Jul 16, 2013 7:31 am

The idea itself is interesting because if you prepare a complete update pack or a service pack then usually all system components are included there while here you've got separate packages for each of them so people can choose which of them they want to install which is impossible in case of a complete service pack like the USP5 for Windows 2000 by Gurgelmeyer which is just one package with no options to check or uncheck during the installation.

The other benefit of such rollups is that they are much smaller than all those single updates taken separately. Installing and uninstalling is also much easier.

Anyway, when it comes to the technical part of merging updates into rollups I can probably help but there would have to be another person / people who maintain updated lists of updates for different system components.

Post Reply