What is the best way to deploy hotfix?

**bbmak** · November 12, 2006

Hi:

I found out that it is very annoying to update all the clients computer through windows update.

May I know what is the best way to deploy hotfix from a server? fast and unattended

**AlBundy33** · November 12, 2006

First Option

Maybe WSUS (Windows Server Update Services) is a solutions for you.

It's free but it needs a Windows-Server-Version (e.g. Windows 2003 Server)

After you installed this you can configure your clients to use your server as update-server.

Second Option

Put all your hotfixes at a network-share an create a batchfile which installs them silenty.

Or use the update-pack from winboard.org.

--> It's an sfx-RAR - decompress it, modiy INSTALL.cmd (remoce all PAUSE-commands) an install all hotfixes slently

Third Option

integrate the hotfixes in you XP-CD (nearly all hotfixes support the /integrate-switch

Greetings

Al

**bbmak** · November 12, 2006

Thank you for suggesting, I am trying the 1st method now, which is working great.

For second method, winboard.org update pack, I plan to put a run-once command in Windows RIS. Can you provide a detailed explanation? the website is not in english, which i dont know how to created the hotfixes run silently

First Option
Maybe WSUS (Windows Server Update Services) is a solutions for you.
It's free but it needs a Windows-Server-Version (e.g. Windows 2003 Server)
After you installed this you can configure your clients to use your server as update-server.
Second Option
Put all your hotfixes at a network-share an create a batchfile which installs them silenty.
Or use the update-pack from winboard.org.
--> It's an sfx-RAR - decompress it, modiy INSTALL.cmd (remoce all PAUSE-commands) an install all hotfixes slently
Third Option
integrate the hotfixes in you XP-CD (nearly all hotfixes support the /integrate-switch
Greetings
Al

Edited November 12, 2006 by bbmak

**AlBundy33** · November 12, 2006

1. get the Update-Pack from winboard.org

2. extract the exe-file

3. as you can see, a directory and three files will be extracted (not tested with the english-pack)

4. modifiy install.cmd as described below

5. ready - start install.cmd and all hotfixes will be installed (if necessary)

Modify install.cmd

1. put the following lines after the first set of echos

PUSHD "%~dp0"

set SILENT=false
if /I "%~1"=="-silent" set SILENT=true
if /I "%~1"=="/silent" set SILENT=true

The PUSHD-command changes to the script-directory - even if the batch is started from a network-share

The next three command give you the option to run the script silenty (as you can see with the silent-argument)

At next you can change the path to the logfile - if you want to disable it just set LOG to NUL

SET LOG=NUL

At next we have to modify the PAUSE-commands - just replace each

PAUSE

with

if %SILENT%==false PAUSE

At last we have to add the POP-command after the last PAUSE-line (this is before the last goto :eof before the :Patch1-line)

This is my modified batch from german update pack:

cls
@echo off
@Echo			 Willkommen beim Update-Pack von WinBoard
@echo ----------------------------------------------------------------
@Echo +		 Dieses UpdatePack stammt nicht von MICROSOFT		 +
@Echo +	 Es ist lediglich eine Zusammenstellung von einzelnen	 +
@Echo +	Updates bzw. Patches, die MICROSOFT ver”ffentlicht hat	+
@Echo +															  +
@Echo +		   Es sind nur Updates enthalten, die keine		   +
@Echo +				Echtheitsberprfung erfordern				+
@Echo +															  +
@Echo + Wir bernehmen keinerlei Haftung fr Sch„den an Ihrem System +
@Echo +															  +
@Echo +					 Version 2.20 (WinXP)					 +
@Echo +		  Created by: www.winboard.org (10.10.2006)		   +
@echo ----------------------------------------------------------------

REM ############## section modified ###################
PUSHD "%~dp0"

set SILENT=false
if /I "%~1"=="-silent" set SILENT=true
if /I "%~1"=="/silent" set SILENT=true[/b]

set RegHotfixListe=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix
REM set LOG="%USERPROFILE%\Desktop\UpdatePack.log"
set LOG="%SYSTEMDRIVE%\UpdatePack.log"
REM ############## section modified ###################

echo WinBoard.org UpdatePack >>%LOG%
echo ========================================================= >>%LOG%
echo Version 2.20 für Windows XP >>%LOG%
echo. >>%LOG%
echo Datum der Installation: %Date%, %Time% >>%LOG%
echo ========================================================= >>%LOG%
echo. >>%LOG%
echo. >>%LOG%


@echo.
@echo.
@echo Es werden wie blich nur Patches bercksichtigt, die nach dem
@echo SP2 fr WinXP erschienen sind.
@echo.

@echo BITTE ALLE AKTIVEN ANWENDUNGEN BEENDEN
REM ############## section modified ###################
if %SILENT%==false pause
REM ############## section modified ###################
@echo.
CLS




call :Patch1 898461 WindowsXP-KB898461-x86-DEU.exe "Package Installer fr Windows"
call :Patch1 885894 WindowsXP-KB885894-x86-deu.exe "Probleme beim Installieren von Updates nach SP2"
call :Patch1 885836 WindowsXP-KB885836-x86-DEU.exe "Sicherheitslcke im WordPad"
call :Patch1 873339 WindowsXP-KB873339-x86-DEU.exe "Sicherheitslcke im HyperTerminal"
call :Patch1 885835 WindowsXP-KB885835-x86-DEU.exe "Sicherheitslcke im Windows Kernel und LSASS"


REM ++++++++++++++++++++++++++
REM Version 2.4 (Februar 2005)
REM ++++++++++++++++++++++++++

call :Patch1 887472 WindowsXP-KB887472-x86-deu.exe "Sicherheitslcke im Windows Messenger"
call :Patch1 888302 WindowsXP-KB888302-x86-DEU.exe "Sicherheitslcke in Windows"
call :Patch1 891781 WindowsXP-KB891781-x86-DEU.exe "Sicherheitslcke im ActiveX-Steuerelement"


REM ++++++++++++++++++++++++++
REM Version 2.5 (April 2005)
REM ++++++++++++++++++++++++++

call :Patch1 887742 WindowsXP-KB887742-x86-DEU.exe "Fehlermeldung Stop 0x05 (INVALID_PROCESS_ATTACH_ATTEMPT)"
call :Patch1 890859 WindowsXP-KB890859-x86-DEU.exe "Sicherheitslcke in Windows-Kernel"



REM ++++++++++++++++++++++++++
REM Version 2.6 (Juni 2005)
REM ++++++++++++++++++++++++++

call :Patch1 890046 WindowsXP-KB890046-x86-DEU.exe "Sicherheitslcke in Microsoft Agent"
call :Patch1 896358 WindowsXP-KB896358-x86-DEU.exe "Sicherheitslcke in HTML-Hilfe"
call :Patch1 896428 WindowsXP-KB896428-x86-DEU.exe "Sicherheitslcke im Windows Telnet Client"
call :Patch1 898458 StepByStepInteractiveTraining-KB898458-x86-DEU.exe "Sicherheitslcke im Schritt fr Schritt - Interaktives Training"



REM ++++++++++++++++++++++++++
REM Version 2.7 (Juli 2005)
REM ++++++++++++++++++++++++++

call :Patch1 901214 WindowsXP-KB901214-x86-DEU.exe "Sicherheitslcke im Microsoft Color Management Module"



REM ++++++++++++++++++++++++++
REM Version 2.8 (August 2005)
REM ++++++++++++++++++++++++++

call :Patch1 893756 WindowsXP-KB893756-x86-DEU.exe "Sicherheitslcke im Telephony Service"
call :Patch1 896423 WindowsXP-KB896423-x86-DEU.exe "Sicherheitslcke im Print Spooler Service"
call :Patch1 899587 WindowsXP-KB899587-x86-DEU.exe "Sicherheitslcke im Authentifizierungsdienst Kerberos"
call :Patch1 899588 WindowsXP-KB899588-x86-DEU.exe "Sicherheitslcke im Plug and Play"
call :Patch1 899591 WindowsXP-KB899591-x86-DEU.exe "Nach Sicherheitsupdate MS05-012 Probleme mit Generic Host Process"



REM ++++++++++++++++++++++++++
REM Version 2.9 (Oktober 2005)
REM ++++++++++++++++++++++++++

call :Patch1 899589 WindowsXP-KB899589-x86-DEU.exe "Sicherheitslcke im Client Service for Netware"
call :Patch1 900725 WindowsXP-KB900725-x86-DEU.exe "Sicherheitslcke in Windows Shell"
call :Patch1 901017 WindowsXP-KB901017-x86-DEU.exe "Sicherheitslcke in Collaboration Data Objects"
call :Patch1 902400 WindowsXP-KB902400-x86-DEU.exe "Sicherheitslcke im MSDTC und COM+"
call :Patch1 904706 WindowsXP-KB904706-v2-x86-DEU.exe "Sicherheitslcke in DirectShow"
call :Patch1 905414 WindowsXP-KB905414-x86-DEU.exe "Sicherheitslcke im Network Connection Manager"
call :Patch1 905749 WindowsXP-KB905749-x86-DEU.exe "Sicherheitslcke im Plug and Play"


REM ++++++++++++++++++++++++++
REM Version 2.10 (November 2005)
REM ++++++++++++++++++++++++++

call :Patch1 907865 WindowsXP-KB907865-x86-DEU.exe "Sicherheitslcke im IPSec-Richtlinienagenten"
call :Patch1 896424 WindowsXP-KB896424-x86-DEU.exe "Sicherheitslcke in Graphics Rendering Engine"


REM ++++++++++++++++++++++++++
REM Version 2.11 (Dezember 2005)
REM ++++++++++++++++++++++++++

call :Patch1 910437 WindowsXP-KB910437-x86-DEU.exe "Korrektur fr Auto/Windows Update"
call :Patch1 908521 WindowsXP-KB908521-x86-DEU.exe "Probleme im RPC-Dienst"



REM ++++++++++++++++++++++++++
REM Version 2.12 (11.01.2006)
REM ++++++++++++++++++++++++++

call :Patch1 898900 WindowsXP-KB898900-v2-x86-DEU.exe "DFS Namespaces Client failback feature"
call :Patch1 912919 WindowsXP-KB912919-x86-DEU.exe "Sicherheitslcke in Grafik-Wiedergabe-Modul"
call :Patch1 900485 WindowsXP-KB900485-v2-x86-DEU.exe "Error Stop 0x7E in Windows XP SP2"
call :Patch1 908519 WindowsXP-KB908519-x86-DEU.exe "Sicherheitslcke in eingebetteten Webschriftarten"


REM ++++++++++++++++++++++++++
REM Version 2.13 (14.02.2006)
REM ++++++++++++++++++++++++++

call :Patch1 911564 WindowsMedia-KB911564-x86-DEU.exe "Scherheitslcke im Windows Media Player"
call :Patch1 911927 WindowsXP-KB911927-x86-DEU.exe "Sicherheitslcke im Web Client Service"
call :Patch1 901190 WindowsXP-KB901190-x86-DEU.exe "Sicherheitslcke im Korean Input Method Editor"


REM ++++++++++++++++++++++++++
REM Version 2.14 (11.04.2006)
REM ++++++++++++++++++++++++++

call :Patch1 911567 WindowsXP-KB911567-x86-DEU.exe "Kumulatives Sicherheitsupdate fr Outlook Express"
call :Patch1 908531 WindowsXP-KB908531-x86-DEU.exe "Sicherheitslcke im Internet Explorer"
call :Patch1 911562 WindowsXP-KB911562-x86-DEU.exe "Sicherheitslcke in Microsoft Data Access Components (MDAC)"


REM ++++++++++++++++++++++++++
REM Version 2.15 (09.05.2006)
REM ++++++++++++++++++++++++++

call :Patch1 913580 WindowsXP-KB913580-x86-DEU.exe "Sicherheitslcke im MS DTC-Dienst"
call :Patch2 913433 Windows-KB913433-x86-DEU.exe "Sicherheitslcke im Flash Player"


REM ++++++++++++++++++++++++++
REM Version 2.16 (13.06.2006)
REM ++++++++++++++++++++++++++

call :Patch1 918439 WindowsXP-KB918439-x86-DEU.exe "Sicherheitslcke im Internet Explorer"
call :Patch1 911280 WindowsXP-KB911280-v2-x86-DEU.exe "Sicherheitslcke im RAS Verbindungsmanager"
call :Patch1 917734_WMP10 WindowsMedia10-KB917734-x86-DEU.exe "Sicherheitslcke im Media Player 10"
call :Patch1 917734_WMP9 WindowsMedia9-KB917734-x86-DEU.exe "Sicherheitslcke im Media Player 9"
call :Patch1 914389 WindowsXP-KB914389-x86-DEU.exe "Sicherheitslcke im SMB-Dienst"
call :Patch1 917953 WindowsXP-KB917953-x86-DEU.exe "Sicherheitslcke im TCP/IP-Protokoll"
call :Patch1 917344 WindowsXP-KB917344-x86-DEU.exe "Sicherheitslcke im Windows Scripting Host"


REM ++++++++++++++++++++++++++
REM Version 2.17 (12.07.2006)
REM ++++++++++++++++++++++++++

call :Patch3 917283 NDP20-KB917283-X86.exe "Sicherheitslcke im ASP.NET"
call :Patch1 914388 WindowsXP-KB914388-x86-DEU.exe "Sicherheitslcke im DHCP Client Dienst"
call :Patch1 917537 WindowsXP-KB917537-x86-DEU.exe "Sicherheitslcke im Internetinformationsdienst"



REM ++++++++++++++++++++++++++
REM Version 2.18 (08.08.2006)
REM ++++++++++++++++++++++++++

call :Patch1 921883 WindowsXP-KB921883-x86-DEU.exe "Sicherheitslcke Windows Server-Dienst"
call :Patch1 920683 WindowsXP-KB920683-x86-DEU.exe "Sicherheitslcke in Windows DNS-Aufl”sung"
call :Patch1 918899 WindowsXP-KB918899-x86-DEU.exe "Kumulatives Sicherheitsupdate fr den Internet Explorer"
call :Patch1 920214 WindowsXP-KB920214-x86-DEU.exe "Sicherheitslcke in Windows erlaubt Code-Ausfhrung"
call :Patch1 921398 WindowsXP-KB921398-x86-DEU.exe "Sicherheitslcke im Windows Explorer"
call :Patch1 922616 WindowsXP-KB922616-x86-DEU.exe "Sicherheitslcke in der HTML-Hilfe von Windows"
call :Patch1 920670 WindowsXP-KB920670-x86-DEU.exe "Sicherheitslcke in Windows Hyperlink Object Library"
call :Patch1 917422 WindowsXP-KB917422-x86-DEU.exe "Sicherheitslcke im Windows Kernel erlaubt Code-Ausfhrung"




REM ++++++++++++++++++++++++++
REM Version 2.19 (12.09.2006)
REM ++++++++++++++++++++++++++


call :Patch1 920685 WindowsXP-KB920685-x86-DEU.exe "Sicherheitslcke im Index-Dienst"
call :Patch1 919007 WindowsXP-KB919007-x86-DEU.exe "Sicherheitslcke im Reliable Multicast-Protokoll"



REM ++++++++++++++++++++++++++
REM Version 2.20 (10.10.2006)
REM ++++++++++++++++++++++++++


call :Patch1 925486 WindowsXP-KB925486-x86-DEU.exe "Sicherheitslcke bei der Verarbeitung von VML-Dateien"
call :Patch3 922770 NDP20-KB922770-X86.exe "Sicherheitslcke in ASP.NET 2.0"
call :Patch1 923191 WindowsXP-KB923191-x86-DEU.exe "Sicherheitslcke im Internet Explorer"
call :Patch1 924191 WindowsXP-KB924191-x86-DEU.exe "Sicherheitslcke in den XML Core Services"
call :Patch1 923414 WindowsXP-KB923414-x86-DEU.exe "Sicherheitslcke im Server Service"
call :Patch1 924496 WindowsXP-KB924496-x86-DEU.exe "Sicherheitslcke im TCP/IPv6-Protokoll"
call :Patch1 922819 WindowsXP-KB922819-x86-DEU.exe "Sicherheitslcke im Windows Object Packager"







CLS
@ECHO.
@ECHO Alle Sicherheitsupdates wurden installiert.
@ECHO.
@ECHO BITTE DEN RECHNER NEU STARTEN
@ECHO.
@ECHO.
REM ############## section modified ###################
if %SILENT%==false pause
POPD
REM ############## section modified ###################
goto:eof






:Patch1
@echo INSTALLIERE Patch KB%1
@echo --------------------------------
@echo %3

Data\reg query "%RegHotfixListe%\KB%1" /v Installed 2>NUL | FIND "0x1" >Nul 2>NUL
if "%errorlevel%"=="0" (
   echo ++++ Patch ist schon installiert
   echo Patch %1 war bereits installiert >>%LOG%
) ELSE (
   start /wait Data\%2 /passive /norestart
   echo Patch %1 wurde installiert >>%LOG%
)


@echo.
goto:eof



:Patch2
@echo INSTALLIERE Patch KB%1
@echo --------------------------------
@echo %3

Data\reg query "%RegHotfixListe%\KB%1" /v Installed 2>NUL | FIND "0x1" >Nul 2>NUL
if "%errorlevel%"=="0" (
   echo ++++ Patch ist schon installiert
   echo Patch %1 war bereits installiert >>%LOG%
) ELSE (
   start /wait Data\%2 /Q:A /R:N
   echo Patch %1 wurde installiert >>%LOG%
)


@echo.
goto:eof



:Patch3
@echo INSTALLIERE Patch KB%1
@echo --------------------------------
@echo %3

Data\reg query "%RegHotfixListe%\KB%1" /v Installed 2>NUL | FIND "0x1" >Nul 2>NUL
if "%errorlevel%"=="0" (
   echo ++++ Patch ist schon installiert
   echo Patch %1 war bereits installiert >>%LOG%
) ELSE (
   start /wait Data\%2 /qn /norestart
   echo Patch %1 wurde installiert >>%LOG%
)


@echo.
goto:eof

Now you can start this script:

without arguments: you have to confirm all PAUSE-commands with a keypress

with the argument /silent or -silent (it's not casesensitive): all commands will be processed without user interaction.

Hope this helps.

Al

**bbmak** · November 12, 2006

Do you have the updated package for Winflp?

**bbmak** · November 12, 2006

The installation is worked but I have to hit enter at the beginning when the command prompt pop up to continue the installation

here is my code

cls
@echo off
@Echo			 Willkommen beim Update-Pack von WinBoard
@echo ----------------------------------------------------------------
@Echo +			This Update Pack is NOT from MICROSOFT			+
@Echo +	It's only a package of patches, released by MICROSOFT	 +
@Echo +															  +
@Echo +		  Only updates which require no genuineness		   +
@Echo +				   examination are included				   +
@Echo +															  +
@Echo +	 We take over no liability for damages on your system	 +
@Echo +															  +
@Echo +					 Version 2.20 (WinXP)					 +
@Echo +		  Created by: www.winboard.org (10.10.2006)		   +
@echo ----------------------------------------------------------------

REM ############## section modified ###################

PUSHD "%~dp0"

set SILENT=false
if /I "%~1"=="-silent" set SILENT=true
if /I "%~1"=="/silent" set SILENT=true

REM ############## section modified ###################

set RegHotfixListe=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix
set LOG="%USERPROFILE%\Desktop\UpdatePack.log"


echo WinBoard.org UpdatePack >>%LOG%
echo ========================================================= >>%LOG%
echo Version 2.20 for Windows XP >>%LOG%
echo. >>%LOG%
echo Date of installation: %Date%, %Time% >>%LOG%
echo ========================================================= >>%LOG%
echo. >>%LOG%
echo. >>%LOG%



@echo CLOSE ALL RUNNING APPLICATIONS
REM ############## section modified ###################
if %SILENT%==false pause
REM ############## section modified ###################
@echo.



call :Patch1 898461 WindowsXP-KB898461-x86-ENU.exe "Package Installer for Windows"
call :Patch1 885894 WindowsXP-KB885894-x86-enu.exe "Computer stops responding when you try to install an update"
call :Patch1 885836 WindowsXP-KB885836-x86-ENU.exe "Vulnerability in WordPad"
call :Patch1 873339 WindowsXP-KB873339-x86-ENU.exe "Vulnerability in HyperTerminal"
call :Patch1 885835 WindowsXP-KB885835-x86-ENU.exe "Vulnerabilities in Windows Kernel and LSASS"



REM ++++++++++++++++++++++++++
REM Version 2.4 (Februar 2005)
REM ++++++++++++++++++++++++++

call :Patch1 887472 WindowsXP-KB887472-x86-enu.exe "Vulnerability in PNG Processing"
call :Patch1 888302 WindowsXP-KB888302-x86-ENU.exe "Vulnerability in Windows Could"
call :Patch1 891781 WindowsXP-KB891781-x86-ENU.exe "Vulnerability in the DHTML Editing ActiveX Control"


REM ++++++++++++++++++++++++++
REM Version 2.5 (April 2005)
REM ++++++++++++++++++++++++++

call :Patch1 890859 WindowsXP-KB890859-x86-ENU.exe "Vulnerability in Windows Kernel"
call :Patch1 887742 WindowsXP-KB887742-x86-ENU.exe "You receive the Stop error Stop 0x05 (INVALID_PROCESS_ATTACH_ATTEMPT)"




REM ++++++++++++++++++++++++++
REM Version 2.6 (Juni 2005)
REM ++++++++++++++++++++++++++

call :Patch1 898458 StepByStepInteractiveTraining-KB898458-x86-ENU.exe "Vulnerability in Step-by-Step Interactive Training"
call :Patch1 890046 WindowsXP-KB890046-x86-ENU.exe "Vulnerability in Microsoft Agent"
call :Patch1 896358 WindowsXP-KB896358-x86-ENU.exe "Vulnerability in HTML-Help"
call :Patch1 896428 WindowsXP-KB896428-x86-ENU.exe "Vulnerability in Windows Telnet Client"



REM ++++++++++++++++++++++++++
REM Version 2.7 (Juli 2005)
REM ++++++++++++++++++++++++++

call :Patch1 901214 WindowsXP-KB901214-x86-ENU.exe "Vulnerability in Microsoft Color Management Module"



REM ++++++++++++++++++++++++++
REM Version 2.8 (August 2005)
REM ++++++++++++++++++++++++++

call :Patch1 893756 WindowsXP-KB893756-x86-ENU.exe "Vulnerability in Telephony service"
call :Patch1 896423 WindowsXP-KB896423-x86-ENU.exe "Vulnerability in Print Spooler service"
call :Patch1 899587 WindowsXP-KB899587-x86-ENU.exe "Vulnerabilities in Kerberos"
call :Patch1 899588 WindowsXP-KB899588-x86-ENU.exe "Vulnerability in Plug and Play"
call :Patch1 899591 WindowsXP-KB899591-x86-ENU.exe "Vulnerability in Remote Desktop Protocol"



REM ++++++++++++++++++++++++++
REM Version 2.9 (Oktober 2005)
REM ++++++++++++++++++++++++++

call :Patch1 899589 WindowsXP-KB899589-x86-ENU.exe "Vulnerability in Client Service for Netware"
call :Patch1 900725 WindowsXP-KB900725-x86-ENU.exe "Vulnerability in Windows Shell"
call :Patch1 901017 WindowsXP-KB901017-x86-ENU.exe "Vulnerability in Collaboration Data Objects"
call :Patch1 902400 WindowsXP-KB902400-x86-ENU.exe "Vulnerability in MSDTC und COM+"
call :Patch1 904706 WindowsXP-KB904706-v2-x86-ENU.exe "Vulnerability in DirectShow"
call :Patch1 905414 WindowsXP-KB905414-x86-ENU.exe "Vulnerability in Network Connection Manager"
call :Patch1 905749 WindowsXP-KB905749-x86-ENU.exe "Vulnerability in Plug and Play"




REM ++++++++++++++++++++++++++
REM Version 2.10 (November 2005)
REM ++++++++++++++++++++++++++

call :Patch1 907865 WindowsXP-KB907865-x86-ENU.exe "Vulnerability in IPSec-Policy Agent"
call :Patch1 896424 WindowsXP-KB896424-x86-ENU.exe "Vulnerabilities in Graphics Rendering Engine"



REM ++++++++++++++++++++++++++
REM Version 2.11 (Dezember 2005)
REM ++++++++++++++++++++++++++

call :Patch1 910437 WindowsXP-KB910437-x86-ENU.exe "Patch for Auto/Windows Update"
call :Patch1 908521 WindowsXP-KB908521-x86-ENU.exe "Vulnerability in RPC-Service"



REM ++++++++++++++++++++++++++
REM Version 2.12 (Januar 2006)
REM ++++++++++++++++++++++++++

call :Patch1 898900 WindowsXP-KB898900-v2-x86-ENU.exe "DFS Namespaces Client failback feature"
call :Patch1 912919 WindowsXP-KB912919-x86-ENU.exe "Vulnerability in Graphics Rendering Engine"
call :Patch1 900485 WindowsXP-KB900485-v2-x86-ENU.exe "Error Stop 0x7E in Windows XP SP2"
call :Patch1 908519 WindowsXP-KB908519-x86-ENU.exe "Vulnerability in Embedded Web Fonts"



REM ++++++++++++++++++++++++++
REM Version 2.13 (Februar 2006)
REM ++++++++++++++++++++++++++

call :Patch1 911564 WindowsMedia-KB911564-x86-ENU.exe "Vulnerability in Windows Media Player"
call :Patch1 911927 WindowsXP-KB911927-x86-ENU.exe "Vulnerability in Web Client Service"
call :Patch1 901190 WindowsXP-KB901190-x86-ENU.exe "Vulnerability in the Korean Input Method Editor"


REM ++++++++++++++++++++++++++
REM Version 2.14 (11.04.2006)
REM ++++++++++++++++++++++++++

call :Patch1 911567 WindowsXP-KB911567-x86-ENU.exe "Cumulative Security Update for Outlook Express"
call :Patch1 908531 WindowsXP-KB908531-x86-ENU.exe "Vulnerability in Internet Explorer"
call :Patch1 911562 WindowsXP-KB911562-x86-ENU.exe "Vulnerability in Microsoft Data Access Components (MDAC)"


REM ++++++++++++++++++++++++++
REM Version 2.15 (09.05.2006)
REM ++++++++++++++++++++++++++

call :Patch1 913580 WindowsXP-KB913580-x86-ENU.exe "Vulnerability in MS DTC-Service"
call :Patch2 913433 Windows-KB913433-x86-ENU.exe "Vulnerability in Flash Player"



REM ++++++++++++++++++++++++++
REM Version 2.16 (13.06.2006)
REM ++++++++++++++++++++++++++

call :Patch1 918439 WindowsXP-KB918439-x86-ENU.exe "Vulnerability in Internet Explorer"
call :Patch1 911280 WindowsXP-KB911280-v2-x86-ENU.exe "Vulnerability in Routing and Remote Access"
call :Patch1 917734_WMP10 WindowsMedia10-KB917734-x86-ENU.exe "Vulnerability in Media Player 10"
call :Patch1 917734_WMP9 WindowsMedia9-KB917734-x86-ENU.exe "Vulnerability in Media Player 9"
call :Patch1 914389 WindowsXP-KB914389-x86-ENU.exe "Vulnerability in SMB-Service"
call :Patch1 917953 WindowsXP-KB917953-x86-ENU.exe "Vulnerability in TCP/IP-Protokoll"
call :Patch1 917344 WindowsXP-KB917344-x86-ENU.exe "Vulnerability in Windows Scripting Host"



REM ++++++++++++++++++++++++++
REM Version 2.17 (12.07.2006)
REM ++++++++++++++++++++++++++


call :Patch3 917283 NDP20-KB917283-X86.exe "Vulnerability in DHCP ASP.NET"
call :Patch1 914388 WindowsXP-KB914388-x86-ENU.exe "Vulnerability in DHCP Client Service"
call :Patch1 917537 WindowsXP-KB917537-x86-ENU.exe "Vulnerability in Internetinformationservice"




REM ++++++++++++++++++++++++++
REM Version 2.18 (08.08.2006)
REM ++++++++++++++++++++++++++

call :Patch1 921883 WindowsXP-KB921883-x86-ENU.exe "Vulnerability in Windows Server-Service"
call :Patch1 920683 WindowsXP-KB920683-x86-ENU.exe "Vulnerability in DNS Resolution"
call :Patch1 918899 WindowsXP-KB918899-x86-ENU.exe "Cumulative Security Update for Internet Explorer"
call :Patch1 920214 WindowsXP-KB920214-x86-ENU.exe "Vulnerability in Windows"
call :Patch1 921398 WindowsXP-KB921398-x86-ENU.exe "Vulnerability in Windows Explorer"
call :Patch1 922616 WindowsXP-KB922616-x86-ENU.exe "Vulnerability in HTML Help"
call :Patch1 920670 WindowsXP-KB920670-x86-ENU.exe "Vulnerability in Windows Hyperlink Object Library"
call :Patch1 917422 WindowsXP-KB917422-x86-ENU.exe "Vulnerability in Windows Kernel"



REM ++++++++++++++++++++++++++
REM Version 2.19 (12.09.2006)
REM ++++++++++++++++++++++++++


call :Patch1 920685 WindowsXP-KB920685-x86-ENU.exe "Vulnerability in Index-Service"
call :Patch1 919007 WindowsXP-KB919007-x86-ENU.exe "Vulnerability in Reliable Multicast-Protokoll"



REM ++++++++++++++++++++++++++
REM Version 2.20 (10.10.2006)
REM ++++++++++++++++++++++++++


call :Patch1 925486 WindowsXP-KB925486-x86-ENU.exe "Vulnerability in Vector Markup Language"
call :Patch3 922770 NDP20-KB922770-X86.exe "Vulnerability in ASP.NET 2.0"
call :Patch1 923191 WindowsXP-KB923191-x86-ENU.exe "Vulnerability in Internet Explorer"
call :Patch1 924191 WindowsXP-KB924191-x86-ENU.exe "Vulnerability in XML Core Services"
call :Patch1 923414 WindowsXP-KB923414-x86-ENU.exe "Vulnerability in Server Service"
call :Patch1 924496 WindowsXP-KB924496-x86-ENU.exe "Vulnerability in TCP/IPv6-Protokoll"
call :Patch1 922819 WindowsXP-KB922819-x86-ENU.exe "Vulnerability in Windows Object Packager"




CLS
@ECHO.
@ECHO All hotfixes installed.
@ECHO.
@ECHO REBOOT IS NECESSARY !!! Please restart the computer.
@ECHO.
@ECHO.

REM ############## section modified ###################
if %SILENT%==false pause
REM ############## section modified ###################

goto:eof






:Patch1
@echo INSTALLING Patch KB%1
@echo --------------------------------
@echo %3

Data\reg query "%RegHotfixListe%\KB%1" /v Installed 2>NUL | FIND "0x1" >Nul 2>NUL
if "%errorlevel%"=="0" (
   echo ++++ Patch already installed
   echo Patch %1 already installed >>%LOG%
) ELSE (
   start /wait Data\%2 /passive /norestart
   echo Patch %1 installed >>%LOG%
)


@echo.
goto:eof




:Patch2
@echo INSTALLING Patch KB%1
@echo --------------------------------
@echo %3

Data\reg query "%RegHotfixListe%\KB%1" /v Installed 2>NUL | FIND "0x1" >Nul 2>NUL
if "%errorlevel%"=="0" (
   echo ++++ Patch already installed
   echo Patch %1 already installed >>%LOG%
) ELSE (
   start /wait Data\%2 /Q:A /R:N
   echo Patch %1 installed >>%LOG%
)


@echo.
goto:eof




:Patch3
@echo INSTALLING Patch KB%1
@echo --------------------------------
@echo %3

Data\reg query "%RegHotfixListe%\KB%1" /v Installed 2>NUL | FIND "0x1" >Nul 2>NUL
if "%errorlevel%"=="0" (
   echo ++++ Patch already installed
   echo Patch %1 already installed >>%LOG%
) ELSE (
   start /wait Data\%2 /qn /norestart
   echo Patch %1 installed >>%LOG%
)


@echo.
goto:eof

**AlBundy33** · November 12, 2006

What is Winflp?

If you start your script did you get the message "press any key to continue" or a errormessage?

--> Did you start the script with the "-silent"-switch?

As far as I can see your script is correct - you only need to add a POPD in your last modified section - this is necessary if you have started the script from networkshare.

REM ############## section modified ###################
if %SILENT%==false pause
POPD
REM ############## section modified ###################

I tried your script with the added popd command but I don't have to press any key.

Al

**bbmak** · November 12, 2006

WinFLP is a fundamental OS, which strips IE, WMP, and other junk softwares for legacy hardwares.

more info here

http://www.microsoft.com/licensing/sa/bene...ndamentals.mspx

==========================================================

Your method is worked, and it installs silently now, but i found a problem is when I put the package in win2003 network share, i have to enter account name and password to run the script. I already set my full permission for "everyone," but i still have to enter the account name and password at the beginning.

So I have to put the package in one of the storage drive to skip the account login process.

What is Winflp?
If you start your script did you get the message "press any key to continue" or a errormessage?
--> Did you start the script with the "-silent"-switch?
As far as I can see your script is correct - you only need to add a POPD in your last modified section - this is necessary if you have started the script from networkshare.
REM ############## section modified ###################
if %SILENT%==false pause
POPD
REM ############## section modified ###################
I tried your script with the added popd command but I don't have to press any key.
Al

**AlBundy33** · November 12, 2006

I think you have to enter the login-data because the batch runs in a new command shell and trys to mount the share as a networkdrive.

If you create the networkdrive manually the script should run without problems.

--> If you have to enter your login-data by creating the networkdrive we have the reason for your problem. So you only have to find a way that everbody can access your share without password.

Al

**bbmak** · November 12, 2006

thx u so much for helping.

I have created an user acct for reading the hotfix folder only, and then i map the network drive with a script.

**AlBundy33** · November 13, 2006

You're welcome.

Did you map your networkdrive manually or let you do the script the mapping?

If you do it manually and can access the share without password, the script should be able to map the share at start and disconnect the drive at end.

--> This means that is not necessary to map the drive. User only has to open the networkshare and start install.cmd (or just put a command like \\server\share\install.cmd to RunOnceEx or wherever you want) - while script execution a temporary netdrive will be mapped and after execution it will be disconnected.

Al

**bbmak** · November 13, 2006

For what i did is just putting a small batch file in the NAT, which direct the installation files in the windows 2003

You're welcome.
Did you map your networkdrive manually or let you do the script the mapping?
If you do it manually and can access the share without password, the script should be able to map the share at start and disconnect the drive at end.
--> This means that is not necessary to map the drive. User only has to open the networkshare and start install.cmd (or just put a command like \\server\share\install.cmd to RunOnceEx or wherever you want) - while script execution a temporary netdrive will be mapped and after execution it will be disconnected.
Al

**AlBundy33** · November 13, 2006

NAT?

**bbmak** · November 14, 2006

sorry, nas

**AlBundy33** · November 14, 2006

Ahhh - NAS. Ok now I know what you mean. :-)

I never worked with a NAS - do you see it on your PCs as share or how do you work with it?

Al

Sign In

What is the best way to deploy hotfix?

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members