Portable Update How to update Windows® in an Isolated Environment User guide 2 - Portable Update User Guide About Portable Update PortUp (Portable Update) is a windows-based tool for updating a Microsoft Windows computer in an isolated environment. This is useful in many circumstances: When the computer reside on a secure Lan isolated from internet; When the computer to update does not have access or cannot use a proxy server; When is necessary to completely update a fresh-formatted computer with the last update before to connect it to network; When the computer doesn’t have an hardware network connection at all; When the network connection speed is too low or it is necessary to update the computer very speedily; In all the other cases when is mandatory to have the complete control on the whole updating process without connecting the computer to the network. How it works? To update an isolated computer, PortUp use an external cache to store updates. This cache can reside on any USB external drive or a shared path on a private LAN. Once an update is copied to the cache (the only time that an internet connection is required), the same update will be used for all computer that need that particular update. You will never download twice the same update to use it with different computers or for updating many times the same computer. This is more important if you consider that the dimension of a single update can be reach and exceed 1 GByte. Once the update is stored into the cache folder, the program will use standard Windows Update API services to update your computer. Different updates from different operating systems can reside on the same cache folder because they are individually identified by a code. As result, you can see the log update in the standard update history log as it was done from the normal Windows Update site. Portable Update User Guide - 3 A generic update flowchart Start Download Tools yes Online? no Search Online (1st pass) Search Offline Updates present in cache? Updates present in cache? no no Download updates Go Online and download updates Search Online (2nd pass) USB Cache end yes yes Install Updates end In this flowchart, you can see the Main functionality of the program. The offline scan method: wsusscn2.cab. The big difference between online and offline scan is the database (update metadata) used for scanning. The database for offline updating is represented by the Microsoft Windows Update (WU) offline scan, wsusscn2.cab. Wsusscn2.cabs files is an archive-based file. This file contain security-related update metadata. This metadata is used for scanning for updates that are available on Microsoft Update and which apply to the computer against which the scan is being run. So the Wsusscn2.cab file is used to perform a scan of the computer locally, in an offline manner, without having to be connected to the Microsoft Update Web site. This file is updated regularly as security-related updates are released, removed, or revised on the Windows Update site. It not contain the security updates themselves. Because only the reference of the most important updates regarding security are included in the offline database, this will cause the difference in the scan results respect the most complete online method. 4 - Portable Update User Guide This file is also used by Microsoft Systems Management Server (SMS) or the Microsoft Baseline Security Analyzer (MBSA) to perform an offline security scan. To permit the PortUp offline scan functionality, wsusscn2.cab file have to be downloaded from Microsoft site at address http://go.microsoft.com/fwlink/?LinkID=74689 and stored in the Toolbox folder. More information on wsusscn2.cab can be found at this address: https://msdn.microsoft.com/enus/library/aa387290.aspx Note: Problems can occur during the download of this file and the real-time scan feature of some antivirus: https://support.microsoft.com/en-us/kb/900638. To avoid this, as suggested, is better to include this file in the antivirus exclude-list. The Tools Window Different tools are required to permit PortUp functionality. The most important are: Wsusscn2.cab: the Microsoft Windows Update (WU) offline scan file. Updated regularly from Microsoft is almost big (c.a. 100 Mbyte) and is normally used by Microsoft offline scan tools like the Microsoft Baseline Security Analyzer or the SMS 2003 Inventory Tool for Microsoft Updates (ITMU); WindowsUpdateAgent: is the base engine of Windows Update. Inside this, there is the Agent itself and the last libraries. PortUp needs the version 7.4.7600.226 for functioning, so it try to update it on the client computer if is necessary. Redist. This is needed to know the exact link to download the new agent. This is an example: <?xml version="1.0" ?> <WURedist> <StandaloneRedist Version="35"> <architecture name="x86" clientVersion="7.4.7600.226" downloadUrl="http://download.windowsupdate.com/windowsupdate/redist/standalone/7.4.7600.226/WindowsUpdateAgent30-x86.exe"/> <architecture name="x64" clientVersion="7.4.7600.226" downloadUrl="http://download.windowsupdate.com/windowsupdate/redist/standalone/7.4.7600.226/WindowsUpdateAgent30-x64.exe"/> <architecture name="ia64" clientVersion="7.4.7600.226" downloadUrl="http://download.windowsupdate.com/windowsupdate/redist/standalone/7.4.7600.226/WindowsUpdateAgent30-ia64.exe"/> <MUAuthCab RevisionId="11" DownloadURL="http://download.windowsupdate.com/v9/microsoftupdate/redir/muauth.cab"/> </StandaloneRedist> </WURedist> Tools are colored in red or blue. Red means that the tool are necessary and must be downloaded: PortUp simply cannot run without. Blue one are discretional and can be updated or not. This is the typical case of wsusscn2 that is updated many time by Microsoft, often several times during the same week. Is always preferable to update all tools. The Splash Screen Portable Update User Guide - 5 The Setting Tab On this tab we have many information: Application Path: the current path used by the application. Architecture: x64 or x32 used by the client. OS Serial: the serial of the client. The serial isn’t the product key (!) and is used to know what updates are required by what computer. System is Online: true or false. From name, it reflect the state of the app. If online, the online, more complete metadata will be used, otherwise the app will use the offline one. Online Scan Service: has only means in online mode and select the online database use by Microsoft to scan your client: at present, depending from the OS version, we can choice one of three services: o Windows Update; o Microsoft Update; o Microsoft Store; 6 - Portable Update User Guide The History Tab In this tab, you can find the list of updates succeeded or failed, among many other information: Identity: the code that identify univocally any update; Classification: represents the category to which an update belongs; Description: the description of an update; Installation date: the date and the time an update was applied; Server selection: indicates which server provided an update: o Default (ManagedServer) o ManagedServer: Indicates the managed server, in an environment that uses Windows Server Update Services or a similar corporate update server to manage the computer; o WindowsUpdate: Indicates the Windows Update service; o Others: Indicates some update service other than those listed previously. If the ServerSelection property of a Windows Update Agent API object is set to ssOthers, then the ServiceID property of the object contains the ID of the service. Client Application: the identifier of the client application that processed an update, like Automatic Updates, Windows Defender, etc. Service ID: the service identifier of an update service that is not a Windows update. Operation: value that specifies the operation on an update: Installation or Uninstallation. SupportUrl: a hyperlink to the language-specific support information for an update. The command refresh the tab content. The Search Tab The After a couple of minutes (depend from the client performance) a report is shown and the Search tab will be updated with new results: command initiates a new search in online or offline mode. During scan, a window appear: Portable Update User Guide - 7 Figure 1: Search results Clearly, the number of updates needed (“Install Queue” in the search results report panel) is variable. If the search fail, a summary will explicate the reason. In the case shown in the picture above, the search returned three updates (“The search returned 3 results”), but unfortunately these one aren’t in our cache (“No update ready to be installed”) and we have to download from Microsoft site. Two updates are drivers and one regards the antivirus signature. The third line showing us that we should download 206 updates, three of this are needed now to update the actual client, the other can be downloaded to update this computer (if reformatted) or another similar computer with same OS. The Download Tab The Download Tab permits to download all updates needed to all clients you have launched the scan phase: By default, only the strictly needed updated are flagged. Scrolling the horizontal bar to the right, can reveal the reason: the status is Not Installed: 8 - Portable Update User Guide If you click the button, PortUp will download all updates flagged. Once downloaded, they will be removed from the list: The Install Tab: In this tab you can select the updates you need and with the button Portable Update User Guide - 9 In the last figure, the user choices to ignore one update and to install the other two. At end of the installation phase we have a report that shows installation results: Bibliography This is a small bibliography where found information. Windows Update Agent API Microsoft Baseline Security Analyzer Systems Management Server 2003 https://msdn.microsoft.com/en-us/library/windows/desktop/aa387099(v=vs.85).aspx https://technet.microsoft.com/en-us/security/cc184924.aspx https://technet.microsoft.com/library/en-us/cc181833 10 - Portable Update User Guide Multiple symptoms occur if an antivirus scan occurs while the Wsusscan.cab file or the Wsusscn2.cab file is copied A new version of the Windows Update offline scan file, Wsusscn2.cab, is available for advanced users https://support.microsoft.com/en-us/kb/900638 https://support.microsoft.com/en-us/kb/926464 Disclaimer Any company names, logos, trademarks and product names mentioned or shown on associated website(s) or in software products may be copyright, trademarked or registered trademarked by their respective owners.