I figured there was some kind of order to applying updates to make sure everything is applied correctly. Also, I removed editions with NTLite first to make updating isos much faster with W10UI.
Does anyone know how I can obtain KB4023057 and KB5001716 updates to integrate into install? I can't seem to find them online in the catalog.
KB4023057/KB5001716 = WU reset: https://forums.mydigitallife.net/posts/1714946 They are not a normal update but containers with an msi inside, can't be integrated by dism.
For KB402305, it looks like one of the files is a unifiedinstaller.exe. Should I just add that to setupcomplete?
Question: https://forums.mydigitallife.net/posts/1902228 Abbodi's answer: https://forums.mydigitallife.net/posts/1902234 Example setupcomplete.cmd https://forums.mydigitallife.net/posts/1902580
So if I want setupcomplete to also install KB5001716, I should extract the .msi and then add @echo off fltmc >nul || exit /b call %~dp0unifiedinstaller.exe call %~dp0KB5001716-x64.msi cd \ (goto) 2>nul & (if "%~dp0"=="%SystemRoot%\Setup\Scripts\" rd /s /q "%~dp0") ?
Just place all 4 files together and call unifiedinstaller.exe, it should extract and install the msi by itself
I understand for the 4023057 files that have unifiedinstaller but separately for 5001716, it is just a cab file with an msi inside it. I'm not sure unifiedinstaller would install that msi too, since they are different updates no?
Actually after reading more about kb5001716, I just want to block windows update from offering it (or its future re-issues) on any system that has the OS installed. Either block it forever or spoof it so that Windows Update thinks it's already installed. Do we have any tools to do that?
Hopefully this will help someone, but for those interested, I have found a way to block Windows Update from offering KB5001716, the useless nagware/spyware that installs executables that exists to scan the user's PC constantly to "convince" Win 10 22H2 users to "upgrade" to 11. Simply merge with NTLite or manually after post install and Windows Update will think KB5001716 already installed. Note that this update is not offered to Windows 10 Enterprise IoT LTSC 2021 thankfully, so this edit is not required for that version. EDIT: After much testing I have updated the registry import and made it as small as possible, leaving out all possible superfluous strings for a cleaner registry. Also added some comments to it that explain the process a bit. Initially the registry file I had was an export from a system that already had KB5001716 installed, but it was huge, contained a lot of useless and machine specific strings. Also confirmed that should Microsoft re-issue this update, this registry import will not work if the new KB5001716 will install a different product code string in the registry, so if a more permanent method exists to block it forever that does not require third party tools but can be achieved for an offline install of Windows, it would be great to know. Current product code is "07839D8B1D890894FAAC2E5636DCBF97", in which case the import will need to be modified to include the new product code in both strings. It is also possible that in the future Microsoft will modify its update offering detection logic to not depend on this but considering Windows 10 22H2 is now EOL, we should be safe from both scenarios, especially the second. I've also verified that this registry import is not cleaned by CCleaner. Spoiler: BLOCK KB5001716 Windows Registry Editor Version 5.00 ; this line prevents Windows Update from installing the update even if it downloads it, producing an error [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\07839D8B1D890894FAAC2E5636DCBF97\SourceList] "PackageName"="Windows-KB5001716-x64.msi" ; this line prevents Windows Update from offering the update download in the first place, by detecting it as installed ; this is possible because WU checks the "LocalPackage" string to see if it's either empty/no string (update is offered) or non-empty (not offered) ; there is no actual blocker.msi file in the system, it can be any name.msi as long as the rest of the structure is preserved [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\07839D8B1D890894FAAC2E5636DCBF97\InstallProperties] "LocalPackage"="C:\\Windows\\Installer\\blocker.msi" Simply copy this into a .txt and rename to .reg and merge it. Should anyone wish to undo this behavior and install the spyware update, I have included the undo string here: Spoiler: UNDO KB5001716 BLOCK Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\07839D8B1D890894FAAC2E5636DCBF97] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\07839D8B1D890894FAAC2E5636DCBF97\InstallProperties]