8 replies to this topic

[leebee]

status: 2011-01-32. Ran apup.exe latest version (1.3.0.1) right before.

Selected releases:
- Windows XP SP3 x86 En
- .NET FW Addon Pack En

After running autopatcher.exe latest version (5.6.0.100) on XP SP3, all of these Express updates still want to be installed:

// the image does not display, neither as gif nor as png. Hosted at imageshack.us which works in postings of other members - weird .. just click on the link if you want to see the img, or read below

as text:

Install Updates  Download size (total): 57.1 MB 
 
High-priority updates 
Microsoft Windows XP
 
Security Update for Microsoft .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2418241)
Download size: 6.5 MB , less than 1 minute 
A security issue has been identified that could allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain access to information. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.  Details... 
 
Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2416473)
Download size: 1.4 MB , less than 1 minute 
A security issue has been identified that could allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain access to information. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.  Details... 
 
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB983583)
Download size: 11.2 MB , less than 1 minute 
A security issue has been identified that could allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.  Details... 
 
Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Update for Windows Server 2003 and Windows XP x86 (KB982524)
Download size: 16.9 MB , 1 minute 
This update addresses a set of known issues of the Microsoft .NET Framework 3.5 Service Pack 1. After you install this item, you may have to restart your computer.  Details... 
 
Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Security Update for Windows 2000, Windows Server 2003, and Windows XP x86 (KB979909)
Download size: 830 KB , less than 1 minute 
A security issue has been identified that could allow an attacker to tamper with digitally signed content without being detected, when this content is being consumed by an application that makes use of the Microsoft .NET Framework on a Windows-based system. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.  Details... 
 
Microsoft .NET Framework 3.5 SP1 Update for Windows Server 2003 and Windows XP x86 (KB982168)
Download size: 20.1 MB , 2 minutes 
Install this update to help strengthen authentication credentials in specific scenarios. After you install this item, you may have to restart your computer.  Details... 
 
Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x86 (KB963707)
Download size: 0 KB , 0 minutes  (Downloaded; ready to install)  
The update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 for Firefox addresses several compatibility issues with version 1.0 of the extension.  Details... 
 

This doesn't seem right. When I deliver a PC back to the client I am expected to deliver it WITHOUT ANYTHING in Express updates. I hope the philosophy is NOT that most of these .NET updates aren't "critical security updates". That would be looked at from OUR (the IT guys') perspective instead the USER's perspective, for whom this project seems to be for down at the bottom line, if I am not mistaken.

Anyway, how do I get to the point that, after running AP, Express update is empty, at the most containing only very recent updates?

Thank you. Other that that, great work, extremely helpful tool very much worth developing!

Lee

Edited by leebee, 23 January 2011 - 10:55 PM.

[_def_x_]

Hi leebee

Sorry to hear you're having troubles with the .NET package, which by the way, this post should have been posted there and not in the XP forum. These updates are in the release so I'm guessing the problem is with a dependency, either your system or in the apm file. I would check the log files and see if they mention something like "this update doesn't apply to this system" - or something similar. Are you sure they aren't installed and simply not being detected?

The only option at this point is to install the update manually as there is no longer any release maintainer so the issue wont be fixed (this is my assumption and not official by any means, just a guess) - at least according to the info I got and by looking at the latest member status updates.

[leebee]

Hi gUiTaR_mIkE,

thanks for your prompt input. I decided to post here because I am experiencing this in WinXP. It might not be an issue in any other Win.

I just checked, all 7 updates (*KB2418241*.exe *KB2416473*.exe *KB983583*.exe *KB982524*.exe *KB979909*.exe *KB982168*.exe *KB963707*.exe) are in the dotnet folder under \modules\Components\__dotnet. For some reason AP sees them as already installed, but Windows Update does not. Not possible to tell for me who's "right".

Finding those in AP for manual mark-up proved awkward and not worth the hassle. So I copied the paths of the search for these files in Total Commander and created a little but handy batch 'install missing .NET x86 updates.bat' with the following content:

@ echo off
echo Installing missing .NET x86 updates one by one, please wait ..
echo.
modules\Components\__dotnet\NDP20SP2-KB979909-x86.apm_files\NDP20SP2-KB979909-x86.exe /quiet /passive /norestart
echo installed 1 of 7 ..
echo.
modules\Components\__dotnet\NDP20SP2-KB983583-x86.apm_files\NDP20SP2-KB983583-x86.exe /quiet /passive /norestart
echo installed 2 of 7 ..
echo.
modules\Components\__dotnet\NDP20SP2-KB2418241-x86.apm_files\NDP20SP2-KB2418241-x86.exe /quiet /passive /norestart
echo installed 3 of 7 ..
echo.
modules\Components\__dotnet\NDP30SP2-KB982168-x86.apm_files\NDP30SP2-KB982168-x86.exe /quiet /passive /norestart
echo installed 4 of 7 ..
echo.
modules\Components\__dotnet\NDP30SP2-KB982524-x86.apm_files\NDP30SP2-KB982524-x86.exe /quiet /passive /norestart
echo installed 5 of 7 ..
echo.
modules\Components\__dotnet\NDP35SP1-KB963707_files\NDP35SP1-KB963707-x86.exe /quiet /passive /norestart
echo installed 6 of 7 ..
echo.
modules\Components\__dotnet\NDP35SP1-KB2416473-x86.apm_files\NDP35SP1-KB2416473-x86.exe /quiet /passive /norestart
echo installed 7 of 7 .. DONE!
echo.
pause

- placed the file onto root of the AP directory, next to/ on the same level as autopatcher.exe, ran and let it finish.
- ran Windows update, Express --> empty now as it should.

This is a bit of a jerry-rigged work-around, but it works for now. Hopefully s.th. for the devs to look at.

batch also attached as zip.

Lee

gUiTaR_mIkE, on 23 January 2011 - 11:59 PM, said:

Hi leebee

Sorry to hear you're having troubles with the .NET package, which by the way, this post should have been posted there and not in the XP forum. These updates are in the release so I'm guessing the problem is with a dependency, either your system or in the apm file. I would check the log files and see if they mention something like "this update doesn't apply to this system" - or something similar. Are you sure they aren't installed and simply not being detected?

The only option at this point is to install the update manually as there is no longer any release maintainer so the issue wont be fixed (this is my assumption and not official by any means, just a guess) - at least according to the info I got and by looking at the latest member status updates.

Attached Files

•  install missing .NET x86 updates.zip   443bytes   3 downloads

Edited by leebee, 24 January 2011 - 07:05 AM.

[_def_x_]

Very resourceful leebee, seems you're pretty technically saavy

You know, AutoPatcher is really only a sophisticated .bat script - well, OK, maybe a little more (with a GUI) but the original idea started from a bat script if memory serves me right. Btw, you may want to download the only available docs (kinda old but still useful) and have at making your own custom release, it wont be official but if you've created it, it is safe - the docs can be found Here.

The reason I say this is, unless I have misunderstood what 'I've quit' means, the release maintainer for most of the releases has well, Quit, that includes the XP, .NET, and Extras packages. I figure the forums will be gone shortly as well seeing the spam is building up, this is very uncommon here, they run a pretty tight ship.

[leebee]

thanks for the background. There must be some function in the AP script that checks if an update is installed or not. I know with VBScript it is possible to check in the registry and, depending on if an entry exists or not, have a value of either 0 or 1 returned into the batch via a variable. I think there is an error in AP's checking script re. these .NET updates, telling AP that they are installed even though they are not. To pinpoint this down one would have to

a. make a regshot with regmon or so before and after installation via my batch to see which reg entries have changed
b. find the equivalent entries in the AP files (hopefully open script, nothing compiled)

Unfortunately I have run out of time now, having several clients "in my back", one of which calls me every day about the progress of my work (outch). If somebody wants to jump on this, please go ahead. I don't think I will have any more time for digging deeper in the next couple of weeks. For now I can live with the batch. What I can do (and what I ask anybody else to do) is to contribute more *kbxxxxx.exe's from Express update (XP) that don't get installed, but are present in AP's repository and should get installed. I can then update above posting with more batches (hopefully not too many .. )

Greetz,
Lee

Edited by leebee, 24 January 2011 - 07:20 PM.

[_def_x_]

If I can backup for a moment, I admit I'm not sure exactly what the original problem was, if MU/WU installed the updates and AP didn't recognise them or, if after you ran AP they still showed as uninstalled, regardless...

Quote

There must be some function in the AP script that checks if an update is installed or not

Yes, but not in the script, the 'dependency' is in the .apm file. Open any .apm file (simple text file, any text editor will work) and have a look. It isn't uncommon for these dependencies to need reworking which is what we may have here, find another registry entry, or add an additional entry to ensure the update gets detected properly. This isn't a big deal, the problem is there usually isn't much feedback so problems go unnoticed and edits aren't made to the .apm files. Now, the information you provided is great but sadly it looks as if there is no longer a maintainer for the .NET package so the issue may stay unresolved - the forums could have used you, someone with your knowledge, sadly it may be a bit too late.

Anyway, have a look at the docs, you may be able to edit your release and make it work. You can ignore any warnings of Unofficial/Unsupported as long as you are the one doing the updates - AutoPatcher should still install them just the same, you simply wont be able to sign the project and make it Official.

[leebee]

thanks for the info about the .apm files containing the dependencies. They pretty much look like .inf files to me. Can you tell me where the content of the apm files originates from? Was all content taken from some inf file in the Windows directory tree AFTER (non-AP) installation? I took one of the .NET update .exe apart, and also the included .msp, but could not find the equivalent info resembling the .apm (most files in the .exe/ .msp are binaries).

Edited by leebee, 25 January 2011 - 01:34 AM.

[_def_x_]

Quote

Can you tell me where the content of the apm files originates from?

Well, any source with accurate information. AutoPatcher is portable and reusuable, the hope is all detections are consistant across multiple machines but it's difficult knowing for sure when nobody reports errors. If there's 'info' in the extracted update, use it, maybe installing an update in a VM OS for testing (this is common, I used a 2k vm to verify the 2k '.apm' files were accurate). I also used the security bulletin - Security Update Deployment, see here! MS11-002. I'm not sure if every update has information or a security bulletin to reference.

The hope is the user base will report errors (like you did), or offer feedback, so if there is indeed an issue it can be fixed, maybe the added dependency will make the detection more reliable, allowing AutoPatcher to be effective across a broader base of machines.

The other option, use your own PC to find registry detections that work. It isn't uncommon for some users to update their own system via MU/WU, but when they work on a customer's system (one not connected to the internet) AutoPatcher is more to their liking. In this case, they would use their own system to gather information that helps build an AutoPatcher release despite never running AutoPatcher on their own PC - well, maybe to see if the detections work (are the updates blue). Like I said, what ever works as long as it is reliable and consistant.

Edited by gUiTaR_mIkE, 25 January 2011 - 03:37 AM.

[leebee]

all right, thanks for all the valuable info, that's s.th. one can work with. I'll dig deeper whenever I have a chance.