1

I want to create an application, which should be used to update a computer without internet connection. To solve the problem the software first downloads the current wsusscn2.cab from Microsoft. Then the application should download all possible update files from Microsoft. Both (wsusscn2.cab & updates) must be present on the remote computer (e.g. USB stick) and the program checks which updates needs to be installed on the system. My problem is the second step, where the application should download all the update files.

I've already tried to read out the wsusscn2.cab file, but I can't really find any download URIs for any update. I also tried to use the IUpdateSearcher class to search for updates within the file, but it only finds the updates based on my system (I want every possible update).

UpdateSession session = new UpdateSession();
UpdateServiceManager manager = new UpdateServiceManager();
IUpdateService service = manager.AddScanPackageService("Offline Sync Service", SourceFilePath, 1);
IUpdateSearcher searcher = session.CreateUpdateSearcher();

searcher.ServiceID = service.ServiceID;
ISearchResult result = searcher.Search("IsInstalled=0 OR IsInstalled=1");

// continue with downloading

As I said, the actual output of the Search function is based on my system. I want to be able to get all updates.

Clemens
  • 123,504
  • 12
  • 155
  • 268
Kluddizz
  • 703
  • 3
  • 8
  • I don't think this is a great idea. Not all the updates are applicable to all computers and you don't know which is right for the target computer and which will break it. – Steve Jan 18 '19 at 22:04
  • Are you trying to create a clone of this? https://www.ntlite.com/ – Soonts Jan 18 '19 at 23:51
  • Kind of. Our customers often have no internet connection (cause of security aspects) so the software should install the relevant windows updates. Nothing special, but it seems like I have to parse the KB-numbers to URLs to download them. – Kluddizz Jan 20 '19 at 00:04
  • @Kluddizz maybe WSUS Offline Updater (http://www.wsusoffline.net/) can help? Either by using their product or by looking at the source? – Devator Jan 23 '19 at 19:11
  • I already took a look at the sources of the project and it's a nightmare. I still don't know why I can't search every update depending on an operating system. The Wsusscn2.cab file is useless if I can't get the relevant download links. You still don't need an offline update scan if you can't install updates without an internet connection. – Kluddizz Jan 24 '19 at 01:14

1 Answers1

3

Unfortunately, this can't be done, for several reasons.

  • wsusscn2.cab is only intended for checking a machine's current status in situations where the public Windows Update services or a private WSUS server cannot be accessed. By design, it does not allow updates to be downloaded or installed.
  • For the last several years, wsusscn2.cab does not contain information on all available updates. The update catalog has simply grown too large to keep everything in a reasonably-sized CAB file. For that reason, wsusscn2.cab only contains information on security updates (not on updates in other classifications), as discussed at https://learn.microsoft.com/en-us/windows/win32/wua_sdk/using-wua-to-scan-for-updates-offline .
  • The Windows Update Agent API -- and Windows Update in general -- is designed to tell you what needs to be installed on a given computer. In order to make searches complete in a reasonable time, the WU engine disregards all information on updates that cannot be applicable based on what WU already knows. (For example, once WU establishes that it's running on a PC running Windows 10 1903, it will disregard all updates that cannot be installed on that OS release. Once WU establishes that it's running on a 32-bit OS, it disregards 64-bit-only updates. And so on.) This means that there is no way -- with or without wsusscn2.cab -- to get the Windows Update API to return updates that are not applicable to the current computer. So unless two computers have exactly the same hardware and software configuration, there is no way to do a WUA API search on Computer A that returns updates meant only for Computer B. (The closest you can come to doing this from Computer A is to use WUA's remote capabilities to trigger a scan on Computer B, as discussed in https://learn.microsoft.com/en-us/windows/win32/wua_sdk/using-wua-from-a-remote-computer . )
Mark Phaedrus
  • 196
  • 9