Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account



Photo

Offline Security Updates Check

- - - - -

  • Please log in to reply
2 replies to this topic

#1
Bilou_Gateux

Bilou_Gateux

    Powered by Windows Embedded

  • Member
  • PipPipPipPipPip
  • 768 posts
  • Joined 03-January 04
How to check if [Critical] Security Updates have been applied with HFSlip without using http://windowsupdate.microsoft.com

1/ download Microsoft Baseline Security Analyser in your language.
2/ install it on your HFslipstreamed Windows running box. Default install path is "%ProgramFiles%\Microsoft Baseline Security Analyzer 2"
3/ download the latest security updates catalog and save it in "%ProgramFiles%\Microsoft Baseline Security Analyzer 2" folder.
4/ Open command prompt:
cmd /k cd /d "%ProgramFiles%\Microsoft Baseline Security Analyzer 2"
5/ run :
mbsacli /catalog wsusscan.cab /n password+IIs+OS+SQL /nd

you will get a screen output of the currently missing and installed [Critical] Security Updates.

To Do:
check what are the required files (dll dependency) and registry keys required to run the command line client without first having to install a lot of bloat from MSFT (as usual)
:}

Feel free to post suggestions or your own experience with this method
OS Version = 5.1.2600 Service Pack 3
Platform ID = 2 (NT)
Service Pack = 3.0
Suite = 0x0140
Product Type = 1
Architecture = x86


How to remove advertisement from MSFN

#2
Oleg_II

Oleg_II

    Senior Member

  • Member
  • PipPipPipPip
  • 679 posts
  • Joined 06-August 04
Very interesting information from you as usual :thumbup
But if it is really can be done without installing M$ Baseline Security Analyser ... :whistle:
Posted Image

#3
Bilou_Gateux

Bilou_Gateux

    Powered by Windows Embedded

  • Member
  • PipPipPipPipPip
  • 768 posts
  • Joined 03-January 04
I have checked the MBSA 2.0 install with regshot tool (before and after install and made a compare).
It's not so bloated. it don't add binary files in other folder than it's own install folder and add a few registry keys:

You can update the registry by running these two commands:
REGSVR32.EXE /s "C:\Program Files\Microsoft Baseline Security Analyzer 2\serversecure.dll"
REGSVR32.EXE /s "C:\Program Files\Microsoft Baseline Security Analyzer 2\xmldb.dll"

Important note:
Microsoft Baseline Security Analyzer (MBSA) 2.0 is built on the Windows Update Agent and Microsoft Update infrastructure. If Windows Update Agent 2.0 isn't installed first (or already slipstreamed into OS source install with HFSlip), MBSA will fail to scan your computer.

My main goal is to install it without using MSI installer because i hate msi packages which add a lot of bloat in registry and in %windir%\Installer folder

Edited by Bilou_Gateux, 27 October 2005 - 03:13 AM.

OS Version = 5.1.2600 Service Pack 3
Platform ID = 2 (NT)
Service Pack = 3.0
Suite = 0x0140
Product Type = 1
Architecture = x86




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users