Re: Patch management

From: Torgeir Bakken (MVP) (Torgeir.Bakken-spam_at_hydro.com)
Date: 11/04/04


Date: Thu, 04 Nov 2004 20:28:08 +0100

Okah Yaoga wrote:

> Yeah, but unfortunately, again, everything is layered in links and more
> links... not really a consolidated location. So far, I've found the
> windowsupdate catalog is the best source, but even that lists patches that
> have already been included in later rollups without telling you that.
>
> Basically, I'm trying to set up a situation where I can take a brand new
> computer, install a clean XP version, apply all the patches necessary to get
> it up to speed, without having access to the internet, before I put it on a
> private network, and there is no centralized location.

Hi

Here is what I would have done:

Installed the newest service pack available to me.

If WinXP SP1, installed this one:

Update Rollup 1 for Windows XP Is Available
http://support.microsoft.com/?id=826939

Installed the latest MBSA (more info below).

Copied in the latest MSSecure_1033.CAB file to the MBSA folder (more
info below).

Run MBSA to get a report of missing security updates.

Info about MBSA and MSSecure_1033.CAB:

<quote>
Microsoft Baseline Security Analyzer (MBSA):

The Microsoft Baseline Security Analyzer allows administrators to
scan local and remote systems for missing security patches as well
as common security misconfigurations. More information on MBSA is
available at:

http://www.microsoft.com/technet/security/tools/mbsahome.asp

</quote>

and

Microsoft Baseline Security Analyzer (MBSA) 1.2 Q&A
http://www.microsoft.com/technet/security/tools/mbsaqa.mspx

and

Each time MBSA is run it will attempt to connect to the Internet to
download the CAB file containing MSSecure.XML from Microsoft. If an
Internet connection is not available, the tool will look for a local
copy of the CAB/XML file in the tool installation folder.

For machines that never connect to the Internet, you can separately
download this file from here:

ENU (code page 1033): http://go.microsoft.com/fwlink/?LinkId=18922
DEU (code page 1031): http://go.microsoft.com/fwlink/?LinkId=18121
FRN (code page 1036): http://go.microsoft.com/fwlink/?LinkId=18122
JPN (code page 1041): http://go.microsoft.com/fwlink/?LinkId=18120

MBSA has its own newsgroup as well:

microsoft.public.security.baseline_analyzer

-- 
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx

