• Announcements

    • xper

      MSFN Sponsorship and AdBlockers!   07/10/2016

      Dear members, MSFN is made available via subscriptions, donations and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, become a site sponsor and ads will be disabled automatically and by subscribing you get other sponsor benefits.
Sign in to follow this  
Followers 0

Offline Security Updates Check

3 posts in this topic

How to check if [Critical] Security Updates have been applied with HFSlip without using http://windowsupdate.microsoft.com

1/ download Microsoft Baseline Security Analyser in your language.

2/ install it on your HFslipstreamed Windows running box. Default install path is "%ProgramFiles%\Microsoft Baseline Security Analyzer 2"

3/ download the latest security updates catalog and save it in "%ProgramFiles%\Microsoft Baseline Security Analyzer 2" folder.

4/ Open command prompt:

cmd /k cd /d "%ProgramFiles%\Microsoft Baseline Security Analyzer 2"

5/ run :

mbsacli /catalog wsusscan.cab /n password+IIs+OS+SQL /nd

you will get a screen output of the currently missing and installed [Critical] Security Updates.

To Do:

check what are the required files (dll dependency) and registry keys required to run the command line client without first having to install a lot of bloat from MSFT (as usual)


Feel free to post suggestions or your own experience with this method


Share this post

Link to post
Share on other sites

Very interesting information from you as usual :thumbup

But if it is really can be done without installing M$ Baseline Security Analyser ... :whistle:


Share this post

Link to post
Share on other sites

I have checked the MBSA 2.0 install with regshot tool (before and after install and made a compare).

It's not so bloated. it don't add binary files in other folder than it's own install folder and add a few registry keys:

You can update the registry by running these two commands:

REGSVR32.EXE /s "C:\Program Files\Microsoft Baseline Security Analyzer 2\serversecure.dll"
REGSVR32.EXE /s "C:\Program Files\Microsoft Baseline Security Analyzer 2\xmldb.dll"

Important note:

Microsoft Baseline Security Analyzer (MBSA) 2.0 is built on the Windows Update Agent and Microsoft Update infrastructure. If Windows Update Agent 2.0 isn't installed first (or already slipstreamed into OS source install with HFSlip), MBSA will fail to scan your computer.

My main goal is to install it without using MSI installer because i hate msi packages which add a lot of bloat in registry and in %windir%\Installer folder

Edited by Bilou_Gateux

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.