Installing Hotfixes for windows xp

[Almeida80]

Hi Guys

Not sure if this is the right forum for this, i want to install a number of hotfixes on about 100 pc's running windows xp sp3.

is there a script i can use to just run and install them? without leaving any of the temp folders the hotfixes leave behind?

I read about WSUS, and i'm not able to use it at the moment.

Any help would be great.

thanks

[submix8c]

Windows Updates Downloader (WUD) and/or using several lists (usually links available) gets all/most updates. Also, Microsoft Baseline Security Analyzer (MBSA) from MS may/may not help.

There's no (AFAIK) script available for actually applying the updates to a running system automatically. This you may have to write yourself and it would all depend on what is/isn't already on a given PC. Only other alternative is perhaps nLite+the updates+rollout-reinstall. Even slower (would have to go to each PC to run) would be AutoPatcher (not an MSFN member project, but sometimes recommended).

What do you mean by "temp folders left behind"? Referring to the "Windows\SoftwareDistribution" folder?

edit (before even posting) - OOPS! You can't use nLite for a Commercial Rollout, but it may be good for using to help understand what would be needed. nLite is NOT allowed to be used for other than Personal Use (in the EULA). Tools/lists for obtaining the updates are fine for your purpose since the updates come directly from MS (in line with MS' EULA).

edit - (SEE NEXT POST) - There ya go! The method of delivery will be up to you and probably will (not tried myself since I do unattended) either re-install or be ignored (if already installed). Also note Hotfixes are different than App Installs (e.g. IE7/8/9, WMP10/11, DotNET, etc.) so set your BAT/CMD up accordingly (switches, order of install, etc.).

Edited April 20, 2011 by submix8c

[Guest]

Put all the updates in a folder then run this batch file on them...

for %%a in (*.exe) do (

start /wait %%a /quiet /norestart /nobackup )

pause

Change the switches as you see fit.

[Almeida80]

I tried it but nothing happens

[Guest]

You will only see activity in the command window if you used the /quiet switch.

[Almeida80]

i took the /quiet switch out and it just flashes on the screen and then goes. i checked add/remove programs to see if it got installed but cant find it there.

does the script also stop it leaving these behind

C:\WINDOWS\$NtUninstallKB923561$

C:\c73df26733bea25b2dbd821228e5388e

[Guest]

Check the WINDOWS directory for the update's log file, usually named by KB number such as "KB987654.log".

/nobackup prevents $NtUninstallKB* directories.

The second directory (named for the update's SHA-1 hash) is for temporary extraction and should never be left behind after an update finishes installing.

[Guest]

Sounds like the script is exiting.

If you took it out, put a pause on the last line.

[Almeida80]

Check the WINDOWS directory for the update's log file, usually named by KB number such as "KB987654.log".

/nobackup prevents $NtUninstallKB* directories.

The second directory (named for the update's SHA-1 hash) is for temporary extraction and should never be left behind after an update finishes installing.

how do i make it remove the temporary extraction folder

[Almeida80]

Check the WINDOWS directory for the update's log file, usually named by KB number such as "KB987654.log".

/nobackup prevents $NtUninstallKB* directories.

The second directory (named for the update's SHA-1 hash) is for temporary extraction and should never be left behind after an update finishes installing.

Hi thanks for help,

no logs are appearing

[submix8c]

KB923561 mentions a permissions/work-around problem.

I note that you're showing the C-drive in that post. What method of delivery of the CMD and hotfixes? Copy-and-run (click on CMD) all fixes for each PC? Copy CMD only and run from a mapped drive? User Logon Script?

Help us to help you. Please give more info on methodology. Just a script without a delivery method (100 PC'S!!!) doesn't help us understand "what's going wrong"; All above info provided by "Helpers" thus far is correct.

BTW, this indicates that the mentioned "fix" has been superseded. Maybe you can't apply a hotfix after a newer one has been installed. However (noting the contents mentioned from the link given), may/may not be correct (the fix you mention has additional components). You are installing in the correct order aren't you?

Have you tried the MBSA yet to assist in getting the complete updates list? (Please note again that I haven't done mass-rollouts of Hotfixes.)

[oioldman]

i use something akin to this:

@ECHO off

TITLE Applying Windows Post Service Pack 2 Updates

IF EXIST D:\CD.txt set CDROM=D:

IF EXIST E:\CD.txt set CDROM=E:

IF EXIST F:\CD.txt set CDROM=F:

IF EXIST G:\CD.txt set CDROM=G:

IF EXIST H:\CD.txt set CDROM=H:

IF EXIST I:\CD.txt set CDROM=I:

IF EXIST J:\CD.txt set CDROM=J:

GOTO START

@author Neil Wooloff

@version date

:START

SET /A NUMOFUPDATES=0

ECHO.

ECHO.

ECHO ----------------------------------------------------------------------

ECHO Security Updates Released By Microsoft for Windows XP SP2

ECHO ----------------------------------------------------------------------

ECHO.

ECHO.

ECHO MS Windows XP Service Pack 2

FOR /F "SKIP=4 TOKENS=3*" %%V IN ('REG QUERY "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CSDVersion') DO SET CSDVERSION=%%V %%W

IF "%CSDVERSION%"=="Service Pack 2" (

ECHO is already installed

) ELSE (

ECHO Installing...

%CDROM%\KB835935SP2.exe /quiet /n /f

ECHO Installation complete.

)

ECHO.

ECHO.

ECHO Windows Update v6

ECHO Installing...

%CDROM%\WUv6.exe /wuforce /quiet /norestart

ECHO Installation complete.

ECHO.

ECHO.

ECHO .NET Framework v1.1 with ServicePack 1

REG QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\.NETFramework\1.1\S867460" > nul 2>&1

IF %ERRORLEVEL% EQU 0 (

ECHO is already installed

) ELSE (

ECHO Installing...

%CDROM%\dotnet11sp1.exe

SET /A NUMOFUPDATES+=1

ECHO Installation complete.

find a topic called install updates from disc

basically copy all updates to a dvd and update the script and run it

when done it will only install the missing ones and tell you how many

but yes, learn wsus be much easier in long term for you