This was orignally post by Maik Koster . Thanks to him for such a wonderful post.
Today I would like to share one of the handiest tools for servicing Windows systems, if they can’t be updated via WSUS or online at Microsoft Update, or if you for any reason want to install the updates from a CD/DVD/USB or even a share.
It’s called WSUS Offline Update (formerly known as c’t offline Update), created and maintained by Torsten Wittrock. It’s main purpose is to download all critical and security related Updates to a local folder and execute the required ones on a system, without the necessity to be connected to the internet or a working WSUS Server.
It supports Updates for Windows XP, Windows Vista, Windows 7, Server 2003, Server 2003 R2, Server 2008 and Server 2008 R2 both in32 and 64 bit (where applicable), Office 2003, Office 2007 and Office 2010. One can select the required languages, in- or exclude ServicePacks, .Net Frameworks, C++ Runtime libraries, Windows Defenders definitions, Microsoft Security Essentials and so on. Updates can come either from Microsoft Update directly or also from your WSUS Server.
Once downloaded, one can create ISO images per product and language or per language only. Or copy a subset of selectable updates on a USB Stick. Then a second component can be called from each individual computer that shall be updated, either locally or over the network. This will then evaluate the current computer against the available updates and install all missing ones plus a bunch of additional items like Internet Explorer, PowerShell, Windows Defender, .Net Frameworks, etc.
OK, let’s have a quick look on how to do that
Now you want to get the updates and optionally create the Update medias. To do so, start the “UpdateGenerator.exe” from the just extracted folder.
As you can see, there are plenty of options what to download and to create. All downloads will be stored in some subfolders at the location, where you started the application from. So be sure to have some space available. We will go over some of the more important ones a bit later. Also be sure to start the download regularly to always have the latest updates available.
Now if you have selected all the products you would like to download updates for, click on “Start” and the download process will start. It will first get a list of all available updates and then just download the ones that haven’t been downloaded already. Depending on your selection and bandwidth, this can take quite some time.
It will also check for superseded Updates, mark and optionally remove them. It’s also maintaining a list of excluded Updates which can be tweaked to your own needs. See the FAQs in the “doc” folder for more information.
. However to do so, just share the Client subfolder and make sure that you map this share with a drive letter on the computer, as the scripts don’t work with a UNC path. Now execute the “UpdateInstaller.exe”. Preferably with Administrative privileges.
The GUI will let you choose only available options. So it might differ depending what you downloaded or have made available on your media and the OS and installed components itself. Interesting to mention here is, that you can tell it to automatically reboot and recall itself as often as required by the Update process. As a side note, the automatic reboot doesn’t work, if you started the process over the network as the temporary account, created for the automatic logon, doesn’t have the appropriate drive mapped. Well, this is the out-of-the-box behavior and as most of the commands are just scripts, it is possible to tweak this to your needs if you really need to have this option available.
However, to start the process, simply click on the “Start” button again and let the magic happen. Just be aware, that it might take some time.
Interesting part here is, that you can also automate the process to keep your medias up to date. In the “cmd” folder you will find a bunch of command line scripts, that you can use for this purpose. E.g. to update your media after each Microsoft Patchday, just create a batch that calls the “DownloadUpdates.cmd” and "CreateISOImage.cmd” (or “CopyToTarget.cmd” for a USB Stick) with the appropriate parameters and schedule it to run on the required dates. Also the execution on the client can be automated as well by either calling the “Update.cmd” file from the root of your media or the “DoUpdate.cmd” from the “cmd” folder. Actually the first one just calls the latter one and as you can see in the screenshot above, also the GUI just calls them with selected parameters.
It is a real benefit to always have a USB Stick available, filled with the latest Updates and ready to execute on any machine whenever needed. Or how about automatically updating your Reference image(s) offline with the latest updates? I will show you how, in the next Blog post
Cheers!!!!!!!!!
Today I would like to share one of the handiest tools for servicing Windows systems, if they can’t be updated via WSUS or online at Microsoft Update, or if you for any reason want to install the updates from a CD/DVD/USB or even a share.
It’s called WSUS Offline Update (formerly known as c’t offline Update), created and maintained by Torsten Wittrock. It’s main purpose is to download all critical and security related Updates to a local folder and execute the required ones on a system, without the necessity to be connected to the internet or a working WSUS Server.
It supports Updates for Windows XP, Windows Vista, Windows 7, Server 2003, Server 2003 R2, Server 2008 and Server 2008 R2 both in32 and 64 bit (where applicable), Office 2003, Office 2007 and Office 2010. One can select the required languages, in- or exclude ServicePacks, .Net Frameworks, C++ Runtime libraries, Windows Defenders definitions, Microsoft Security Essentials and so on. Updates can come either from Microsoft Update directly or also from your WSUS Server.
Once downloaded, one can create ISO images per product and language or per language only. Or copy a subset of selectable updates on a USB Stick. Then a second component can be called from each individual computer that shall be updated, either locally or over the network. This will then evaluate the current computer against the available updates and install all missing ones plus a bunch of additional items like Internet Explorer, PowerShell, Windows Defender, .Net Frameworks, etc.
OK, let’s have a quick look on how to do that
Getting the Updates
First, download the most recent version from WSUS Offline Update (http://download.wsusoffline.net/). Be sure to unblock the file and then extract the content to a folder. Can be locally or on a network share. If you place it on a share, be sure to map it with a Drive letter.Now you want to get the updates and optionally create the Update medias. To do so, start the “UpdateGenerator.exe” from the just extracted folder.
As you can see, there are plenty of options what to download and to create. All downloads will be stored in some subfolders at the location, where you started the application from. So be sure to have some space available. We will go over some of the more important ones a bit later. Also be sure to start the download regularly to always have the latest updates available.
Now if you have selected all the products you would like to download updates for, click on “Start” and the download process will start. It will first get a list of all available updates and then just download the ones that haven’t been downloaded already. Depending on your selection and bandwidth, this can take quite some time.
It will also check for superseded Updates, mark and optionally remove them. It’s also maintaining a list of excluded Updates which can be tweaked to your own needs. See the FAQs in the “doc” folder for more information.
Updating a Client
After the Updates have been downloaded, you an use the created CD/DVD/USB media to update a computer. Optionally it’s also possible to call it over the network, even if that’s not the preferred method and contradicts a bit with the idea of an “Offline” Update. However to do so, just share the Client subfolder and make sure that you map this share with a drive letter on the computer, as the scripts don’t work with a UNC path. Now execute the “UpdateInstaller.exe”. Preferably with Administrative privileges.
The GUI will let you choose only available options. So it might differ depending what you downloaded or have made available on your media and the OS and installed components itself. Interesting to mention here is, that you can tell it to automatically reboot and recall itself as often as required by the Update process. As a side note, the automatic reboot doesn’t work, if you started the process over the network as the temporary account, created for the automatic logon, doesn’t have the appropriate drive mapped. Well, this is the out-of-the-box behavior and as most of the commands are just scripts, it is possible to tweak this to your needs if you really need to have this option available.
However, to start the process, simply click on the “Start” button again and let the magic happen. Just be aware, that it might take some time.
Automation
The whole project has been published under the GNU/GPL and most of its components are vb scripts, batch files or AutoIt scripts. It’s possible to exclude specific Updates, include additional ones, etc. Please see the FAQ (located in the “doc” folder) for some more information on this.Interesting part here is, that you can also automate the process to keep your medias up to date. In the “cmd” folder you will find a bunch of command line scripts, that you can use for this purpose. E.g. to update your media after each Microsoft Patchday, just create a batch that calls the “DownloadUpdates.cmd” and "CreateISOImage.cmd” (or “CopyToTarget.cmd” for a USB Stick) with the appropriate parameters and schedule it to run on the required dates. Also the execution on the client can be automated as well by either calling the “Update.cmd” file from the root of your media or the “DoUpdate.cmd” from the “cmd” folder. Actually the first one just calls the latter one and as you can see in the screenshot above, also the GUI just calls them with selected parameters.
It is a real benefit to always have a USB Stick available, filled with the latest Updates and ready to execute on any machine whenever needed. Or how about automatically updating your Reference image(s) offline with the latest updates? I will show you how, in the next Blog post
Cheers!!!!!!!!!
