Windows Update

[Guest]

Hey all,

Just a query, How does WUS (Windows Update Service) work? How does it
identify what patches to install, and what are not valid patches for
OS/Software Installed??

I know this isn't the proper place for this one, but i'm just checking

Thanks

 

[Jon Skeet [C# MVP]]

Just a query, How does WUS (Windows Update Service) work? How does it
identify what patches to install, and what are not valid patches for
OS/Software Installed??

I know this isn't the proper place for this one, but i'm just checking

You're right, this isn't the proper place - I suggest you ask in the
proper place instead. microsoft.public.windowsupdate is the first place
I'd look...

 

[Nicholas Paldino [.NET/C# MVP]]

Jonny,

I don't know this for sure, but I would guess that when you make a
request to see what is at windows update, you either send a list of items
you have installed (not directly, but perhaps an encoded representation),
and it sends back what is new or what needs to be replaced. Either that, or
what WU does is send back the whole list of what is available since the last
time you checked, and compares it locally with what you have on the machine,
giving you a list of what is not installed. This way, you don't violate
privacy concerns (as you never tell MS what you have, just what you want).

Hope this helps.

 

[Guest]

Thanks.

I was looking to see if it is possible to create an application that could
be used as a patch management tool. similar to Netchk, but would have a more
coprehensive tool/option set.

/J

 

[Guest]

Hi Nicholas,

Thanks, that was what i assumed was going on. The part that I really would
be interested in is how the service can 'tell' what patches are releative to
each system... I assume it compiles a list of the installed Applications and
the installed Updates and then check against its own database to see what
patches are relevent. I guess what i really need is what parameters need to
be checked to ensure only the correct patches are installed.

The application I would like to write will allow users to scan remote
machiens and be prompted with the list of relevant patches that are then
selected and installed. A full record of each patch and the patch history for
each machine would be kept.

Thanks Again,

/J

Jonny,

I don't know this for sure, but I would guess that when you make a
request to see what is at windows update, you either send a list of items
you have installed (not directly, but perhaps an encoded representation),
and it sends back what is new or what needs to be replaced. Either that, or
what WU does is send back the whole list of what is available since the last
time you checked, and compares it locally with what you have on the machine,
giving you a list of what is not installed. This way, you don't violate
privacy concerns (as you never tell MS what you have, just what you want).

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hey all,

Just a query, How does WUS (Windows Update Service) work? How does it
identify what patches to install, and what are not valid patches for
OS/Software Installed??

I know this isn't the proper place for this one, but i'm just checking

Thanks

 

[Branimir Giurov]

There is a log file with the installed patches in the system root named
"Windows Update.log".
Then the ActiveX that's installing the updates is checking against the
server with the list they have published as updates.
I'm not sure how it works with SUS - probably a GPO running - just guessing
.
You should ask in microsoft.public.windowsupdate for details.

If you're interested in writing an app with auto update, you should check
out the Application Updater App Block - it's available at
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/updater.asp

Cheers,
Branimir
--
Branimir Giurov
MCSD.NET, MCDBA
www.sofiadev.org

Jonny,

I don't know this for sure, but I would guess that when you make a
request to see what is at windows update, you either send a list of items
you have installed (not directly, but perhaps an encoded representation),
and it sends back what is new or what needs to be replaced. Either that, or
what WU does is send back the whole list of what is available since the last
time you checked, and compares it locally with what you have on the machine,
giving you a list of what is not installed. This way, you don't violate
privacy concerns (as you never tell MS what you have, just what you want).

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hey all,

Just a query, How does WUS (Windows Update Service) work? How does it
identify what patches to install, and what are not valid patches for
OS/Software Installed??

I know this isn't the proper place for this one, but i'm just checking

Thanks

 

[Nicholas Paldino [.NET/C# MVP]]

Jonny,

If you are writing a .NET app that you want to be auto-updated, you
might want to check on ClickOnce, as it will eliminate the need for you to
do all of this yourself.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi Nicholas,

Thanks, that was what i assumed was going on. The part that I really would
be interested in is how the service can 'tell' what patches are releative to
each system... I assume it compiles a list of the installed Applications and
the installed Updates and then check against its own database to see what
patches are relevent. I guess what i really need is what parameters need to
be checked to ensure only the correct patches are installed.

The application I would like to write will allow users to scan remote
machiens and be prompted with the list of relevant patches that are then
selected and installed. A full record of each patch and the patch history for
each machine would be kept.

Thanks Again,

/J

Jonny,

I don't know this for sure, but I would guess that when you make a
request to see what is at windows update, you either send a list of items
you have installed (not directly, but perhaps an encoded representation),
and it sends back what is new or what needs to be replaced. Either that, or
what WU does is send back the whole list of what is available since the last
time you checked, and compares it locally with what you have on the machine,
giving you a list of what is not installed. This way, you don't violate
privacy concerns (as you never tell MS what you have, just what you want).

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hey all,

Just a query, How does WUS (Windows Update Service) work? How does it
identify what patches to install, and what are not valid patches for
OS/Software Installed??

I know this isn't the proper place for this one, but i'm just checking

Thanks

 

[Guest]

I want to write an application that will allow an network admin to see and
control what patches are on their network.

Jonny,

If you are writing a .NET app that you want to be auto-updated, you
might want to check on ClickOnce, as it will eliminate the need for you to
do all of this yourself.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi Nicholas,

Thanks, that was what i assumed was going on. The part that I really would
be interested in is how the service can 'tell' what patches are releative to
each system... I assume it compiles a list of the installed Applications and
the installed Updates and then check against its own database to see what
patches are relevent. I guess what i really need is what parameters need to
be checked to ensure only the correct patches are installed.

The application I would like to write will allow users to scan remote
machiens and be prompted with the list of relevant patches that are then
selected and installed. A full record of each patch and the patch history for
each machine would be kept.

Thanks Again,

/J

Jonny,

I don't know this for sure, but I would guess that when you make a
request to see what is at windows update, you either send a list of items
you have installed (not directly, but perhaps an encoded representation),
and it sends back what is new or what needs to be replaced. Either that, or
what WU does is send back the whole list of what is available since the last
time you checked, and compares it locally with what you have on the machine,
giving you a list of what is not installed. This way, you don't violate
privacy concerns (as you never tell MS what you have, just what you want).

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hey all,

Just a query, How does WUS (Windows Update Service) work? How does it
identify what patches to install, and what are not valid patches for
OS/Software Installed??

I know this isn't the proper place for this one, but i'm just checking

Thanks

 

[Nicholas Paldino [.NET/C# MVP]]

Jonny,

I would look into SMS then. It already does this for windows machines,
and you wouldn't have to maintain it yourself.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

I want to write an application that will allow an network admin to see and
control what patches are on their network.

Jonny,

If you are writing a .NET app that you want to be auto-updated, you
might want to check on ClickOnce, as it will eliminate the need for you to
do all of this yourself.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi Nicholas,

Thanks, that was what i assumed was going on. The part that I really would
be interested in is how the service can 'tell' what patches are

releative
to

each system... I assume it compiles a list of the installed

Applications
and

the installed Updates and then check against its own database to see what
patches are relevent. I guess what i really need is what parameters

need
to

be checked to ensure only the correct patches are installed.

The application I would like to write will allow users to scan remote
machiens and be prompted with the list of relevant patches that are then
selected and installed. A full record of each patch and the patch

history
for

each machine would be kept.

Thanks Again,

/J



:

Jonny,

I don't know this for sure, but I would guess that when you make a
request to see what is at windows update, you either send a list of items
you have installed (not directly, but perhaps an encoded representation),
and it sends back what is new or what needs to be replaced. Either that, or
what WU does is send back the whole list of what is available since

the
last

time you checked, and compares it locally with what you have on the machine,
giving you a list of what is not installed. This way, you don't violate
privacy concerns (as you never tell MS what you have, just what you want).

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hey all,

Just a query, How does WUS (Windows Update Service) work? How does it
identify what patches to install, and what are not valid patches for
OS/Software Installed??

I know this isn't the proper place for this one, but i'm just checking

Thanks

 

[Guest]

Thanks, Nicholas.

SMS would not be suitable for this. The main purpose of this app is to
simplify the patch deployment process. There would be no client required, and
all you have to do to install a patch is select a machine or group of
machines and then click 'send'. The patch is silently and automatically
installed.

No further interferance is required, you then have a record of when the
patch was issued, to which machines, from which machine and by who.

Based on this general reports can be created for record keeping and if
needed back-up lists. We already have an application that keeps track of
software (installed) and hardware changes (RAM, CPU, BIOS etc..).

Thanks again,

Jonny

Jonny,

I would look into SMS then. It already does this for windows machines,
and you wouldn't have to maintain it yourself.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

I want to write an application that will allow an network admin to see and
control what patches are on their network.

Jonny,

If you are writing a .NET app that you want to be auto-updated, you
might want to check on ClickOnce, as it will eliminate the need for you to
do all of this yourself.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi Nicholas,

Thanks, that was what i assumed was going on. The part that I really would
be interested in is how the service can 'tell' what patches are releative
to
each system... I assume it compiles a list of the installed Applications
and
the installed Updates and then check against its own database to see what
patches are relevent. I guess what i really need is what parameters need
to
be checked to ensure only the correct patches are installed.

The application I would like to write will allow users to scan remote
machiens and be prompted with the list of relevant patches that are then
selected and installed. A full record of each patch and the patch history
for
each machine would be kept.

Thanks Again,

/J



:

Jonny,

I don't know this for sure, but I would guess that when you make a
request to see what is at windows update, you either send a list of
items
you have installed (not directly, but perhaps an encoded
representation),
and it sends back what is new or what needs to be replaced. Either
that, or
what WU does is send back the whole list of what is available since the
last
time you checked, and compares it locally with what you have on the
machine,
giving you a list of what is not installed. This way, you don't violate
privacy concerns (as you never tell MS what you have, just what you
want).

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hey all,

Just a query, How does WUS (Windows Update Service) work? How does it
identify what patches to install, and what are not valid patches for
OS/Software Installed??

I know this isn't the proper place for this one, but i'm just checking

Thanks

 

[Nicholas Paldino [.NET/C# MVP]]

Jonny,

Based on what you said, it appears that SMS would work:

http://www.microsoft.com/smserver/evaluation/overview/default.asp


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Thanks, Nicholas.

SMS would not be suitable for this. The main purpose of this app is to
simplify the patch deployment process. There would be no client required, and
all you have to do to install a patch is select a machine or group of
machines and then click 'send'. The patch is silently and automatically
installed.

No further interferance is required, you then have a record of when the
patch was issued, to which machines, from which machine and by who.

Based on this general reports can be created for record keeping and if
needed back-up lists. We already have an application that keeps track of
software (installed) and hardware changes (RAM, CPU, BIOS etc..).

Thanks again,

Jonny

Jonny,

I would look into SMS then. It already does this for windows machines,
and you wouldn't have to maintain it yourself.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

I want to write an application that will allow an network admin to see and
control what patches are on their network.

:

Jonny,

If you are writing a .NET app that you want to be auto-updated, you
might want to check on ClickOnce, as it will eliminate the need for

you
to

do all of this yourself.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi Nicholas,

Thanks, that was what i assumed was going on. The part that I

really
would

be interested in is how the service can 'tell' what patches are releative
to
each system... I assume it compiles a list of the installed Applications
and
the installed Updates and then check against its own database to

see
what

patches are relevent. I guess what i really need is what

parameters
need

to
be checked to ensure only the correct patches are installed.

The application I would like to write will allow users to scan remote
machiens and be prompted with the list of relevant patches that

are
then

selected and installed. A full record of each patch and the patch history
for
each machine would be kept.

Thanks Again,

/J



:

Jonny,

I don't know this for sure, but I would guess that when you

make
a

request to see what is at windows update, you either send a list of
items
you have installed (not directly, but perhaps an encoded
representation),
and it sends back what is new or what needs to be replaced. Either
that, or
what WU does is send back the whole list of what is available

since
the

last
time you checked, and compares it locally with what you have on the
machine,
giving you a list of what is not installed. This way, you don't violate
privacy concerns (as you never tell MS what you have, just what you
want).

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hey all,

Just a query, How does WUS (Windows Update Service) work? How

does
it

identify what patches to install, and what are not valid

patches
for

OS/Software Installed??

I know this isn't the proper place for this one, but i'm just checking

Thanks

 

[Guest]

SMS still requires a client to be setup, we are looking to create a
clientless solution.

/J

Jonny,

Based on what you said, it appears that SMS would work:

http://www.microsoft.com/smserver/evaluation/overview/default.asp


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Thanks, Nicholas.

SMS would not be suitable for this. The main purpose of this app is to
simplify the patch deployment process. There would be no client required, and
all you have to do to install a patch is select a machine or group of
machines and then click 'send'. The patch is silently and automatically
installed.

No further interferance is required, you then have a record of when the
patch was issued, to which machines, from which machine and by who.

Based on this general reports can be created for record keeping and if
needed back-up lists. We already have an application that keeps track of
software (installed) and hardware changes (RAM, CPU, BIOS etc..).

Thanks again,

Jonny

Jonny,

I would look into SMS then. It already does this for windows machines,
and you wouldn't have to maintain it yourself.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

I want to write an application that will allow an network admin to see and
control what patches are on their network.

:

Jonny,

If you are writing a .NET app that you want to be auto-updated, you
might want to check on ClickOnce, as it will eliminate the need for you
to
do all of this yourself.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi Nicholas,

Thanks, that was what i assumed was going on. The part that I really
would
be interested in is how the service can 'tell' what patches are
releative
to
each system... I assume it compiles a list of the installed
Applications
and
the installed Updates and then check against its own database to see
what
patches are relevent. I guess what i really need is what parameters
need
to
be checked to ensure only the correct patches are installed.

The application I would like to write will allow users to scan remote
machiens and be prompted with the list of relevant patches that are
then
selected and installed. A full record of each patch and the patch
history
for
each machine would be kept.

Thanks Again,

/J



:

Jonny,

I don't know this for sure, but I would guess that when you make
a
request to see what is at windows update, you either send a list of
items
you have installed (not directly, but perhaps an encoded
representation),
and it sends back what is new or what needs to be replaced. Either
that, or
what WU does is send back the whole list of what is available since
the
last
time you checked, and compares it locally with what you have on the
machine,
giving you a list of what is not installed. This way, you don't
violate
privacy concerns (as you never tell MS what you have, just what you
want).

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hey all,

Just a query, How does WUS (Windows Update Service) work? How does
it
identify what patches to install, and what are not valid patches
for
OS/Software Installed??

I know this isn't the proper place for this one, but i'm just
checking

Thanks

 

[Jon Skeet [C# MVP]]

SMS still requires a client to be setup, we are looking to create a
clientless solution.

You want a clientless solution which allows you to push data to the
computer... don't you think that might be a bit of a security hole?

 

[Jon Skeet [C# MVP]]

It's not opening up anything that is not already there.

Well, if it's all that open to start with, I'm not sure what the
problem is - just get your server box to look at the files on the
client and decide what's required.

If you still want to know about how Windows Update works (even though
it has a client), I still recommend you ask on the WU newsgroup.

 

[Guest]

I already have, I was asking to see if anyone here knew aswell. Its the
specific registry enteries I am looking for. Again what i'm looking to build
is a clientless solution.

Thanks,

/Jonny