On Vista64 Enterprise detected the 2021-08 Security and Quality Rollup for .Net Framework 2.0, 3.0, 4.5.2, 4.6, and 4.6.2 for Windows server 2008 SP2 for x64 (KB5004874) Size: 42.2 MB I guess that the .Net Rollup is included in KB5005090?
No, .NET rollup is separate what you got underneath is: 2021-08 Security and Quality Rollup for .NET Framework 4.6 and 4.6.2 for Windows Server 2008 SP2 for x64 (KB5004757)
On Business 64 I got detected both KB5005090 and part of KB5004874 (24.5 MB this time). So far the Business version detected everything. I can install everything manually on Enterprise 64 and Ultimate 64 but they won't detect by themselves. Those VMs who won't detect KB5005090 are stuck on KB4036162 if that makes any sense to you. It keeps coming back with 23KB size. This is the step where on Business I got offered the Security Stack Update (KB4580971) instead. KB4036162 doesn't apply on Business and maybe this is why business doesn't stack on this step. For some reason I cannot execute the mpsyschk file that comes with KB4036162 and has a size of 23KB. Btw thanks a lot for your patch abbodi1406!!! Edit: Wrong KB number
Do you have kb4575904 installed? If yes remove it and scan again. (I assume that you either have x64 or that you have x86 and scanning only with option 1 "Vista only")
The last time I did a test clean install of Windows Vista Business SP2 64-bit was on May 3, 2021 - 6 months ago. I've decided to do another test clean install today to see what steps need to be added or removed or edited, and what new or additional problems (if any) there are. After I'm completely done (hopefully), I'll update the guide in the original post.
The guide in post #1 has been updated to reflect the several changes that were made after doing another test clean install. Enjoy!
Hello Captain! Thank you for your effort! Did you manage to detect the monthly Cumulative Rollup of 2021-10? I notice that you don't use the latest SSU any particular reason for this or do you update it later on? Personally I install the latest SSU right after SHA2 update and I skip the WUC 7.6. I update directly to 7.7. Everything works fine with the exception that I don't manage to detect the ESU monthly Cumulative Rollup. I will try to follow your steps one by one and see if I get any different result regarding the ESU part.
xrononautis: The October 2021 Servicing Stack Update for Server 2008 is KB5006750. You're saying I should replace KB4580971 in step #14 with KB5006750 before I deploy the SHA2 Windows Update script? Note: KB5006750 wasn't detected in my laptop and installed until after the initial 57 updates for Server 2008 were detected and installed. Thanks for asking about the October 2021 Security Monthly Quality Rollup (KB5006736). I had assumed it was installed, but upon checking the list of installed updates, I was disappointed to see the most current SMQR was for January 2020 (KB4534303). I decided to try to manually install KB5006736, and fortunately it did successfully install. I'm going to hold off making any change in the guide and doing another test clean install until after I hear back from you.
Regarding KB5006750 2021-10 SSU: It can be installed at any point (after kb4493730 is installed ofc) requires SHA2 support installed and system restart before it can be installed ofc. If you don't install it at the beginning it won't detect on its own until after you have installed MRT tool for some weird reason. At any rate it should give you the final list of updates (which is still a mesh from what I saw from my tests). Any SSU after kb4493730 and before kb5006750 is superseded according the update catalog (and never showed in my tests with kb5006750 installed). WUC_Patch won't be affected from this as I saw on my tests. Regarding KB5006736: It shows that installs but if you try to install the previous monthly cumulative rollup after, it will install as well -which shouldn't happen- so my guess is that it doesn't really install properly since we are not able to install the ESU Preparation Package and still get to WinUpdate to work. (Although on my tests I was able to install ESU Preparation Package as last update and not break the windows Update but it didn't detect anything regardless it just show that everything is up to date... My conclusion is that the only safe way to go beyond 2020-01 is by installing all the security only updates after the 2020-01 Monthly Cumulative. In one of my tests I installed 2021-10 Monthly Cumulative before the 2020-01 Monthly cumulative to see what happens. The result was that it superseded something like 70 updates (WUC_Patch at option 3) in the exact way that 2020-01 Monthly would do but with 2020-01 Monthly remaining on the list of available updates on windows update. Also check that you have the cumulative ESU update for .Net 4.6.1 It couldn't detect and in my case. Another thing is that you can install IE9 Cumulative kb5006671 right after installing IE9 and restarting. You will need to install it through the package manager though on x64. You can verify that this one is installed by checking the IE9 Settings --> About menu. Spoiler: Script to install kb5006671 through package manager mkdir .\tmp expand.exe -f:*Windows*.cab *kb5006671-x64*.msu . >nul expand.exe -f:* *kb5006671-x64*.cab .\tmp >nul start /w PkgMgr.exe /ip /m:"%cd%\tmp\package_2_for_kb5006671~31bf3856ad364e35~amd64~~6.0.1.0.mum" /quiet /norestart start /w PkgMgr.exe /ip /m:"%cd%\tmp\package_3_for_kb5006671~31bf3856ad364e35~amd64~~6.0.1.0.mum" /quiet /norestart del /f /q *kb5006671-x64*.cab rd /s /q tmp Overall I have identified which updates are superseding other updates and which updates have been superseded by other updates beyond what is stated on the Catalog. There are many updates that are being presented through Windows update they shouldn't because they are superseded officially or unofficially. My favorite example is on security update that is fixing a vulnerability on Windows Journal while a Recommended Update presented the same time removes Windows Journal all together. Obviously you can just do the removal and the security update will disappear. The 2020-01 monthly cumulative alone supersedes something like 70 updates... So I do this before the main batch of updates. I got the total number of Windows only updates down to 165 with WUC_Patch at option 3. Let me know if you want to test my sequence at some point.
xrononautis: I was up last night until 3:00 A.M. with doing another test clean install of Windows Vista Business SP2 64-bit. The end result was the same - no Security Monthly Quality Rollup for Windows Server 2008 64-bit was installed that was newer than January 2020. I was frustrated and tired, so I went to bed. I begin another test clean install at 2:00 P.M. today and have made several changes. The end result of some of those changes is that Internet Explorer is now at version 9.0.190 instead of version 9.0.167. Option #1 of the Vista_SHA2_WU script has been deployed, and 199 important and recommended updates for Vista are currently installing. After I'm all finished with the Vista updates, I'm going to try something different with the script and the Server 2008 updates.
The Internet explorer can be updated directly with the latest ESU cumulative. Version 9.0.270. Any previous cumulative is superseded. I have tested it many times and works fine. (If a previous cumulative was offered through Windows update, it will disappear after you install this update, which means that the system detects it) In order to install it you need the latest SSU already installed (and the ESU bypass I think). Off course you need to install it through package manager with the script in my previous post. Don't bother loosing your sleep over it though.
I don't mean to sound ignorant, but I've had very little experience with using scripts. How exactly do I make use of the script you provided me with in post #33 so that I can install the KB5006671 update for IE9? I got curious and tried to manually install it, but all I got was a message which says "This update does not apply to your system". I'm about ready to give up on this whole project.
No worries, nobody knew everything by born. I knew even less before you made this guide and started building upon it. What you need to do is copy paste the code from inside the spoiler to a text file on your computer. The text file must be simple text (.txt file type). After you save it change the file type extension from .txt to .bat After place the .bat file in the same location as the .msu file. Note that the script will expand the .msu and the the .cab in the same folder as you run it from. Hence it will be really slow if you run it from a USB thumb drive. Better to run it from the vista's desktop. Also you will need to restart the computer before you can see results in IE9 About menu. The Windows update will need to rescan before it updates the list of updates. You will know that the script has completed once the cmd window is gone but there will be no error message if it hasn't install for some reason. Make sure to install the latest SSU before and ESU bypass.
xrononautis: Thanks for the instructions on how to update IE9. Which ESU bypass are you referring to? The only one that I'm familiar with is BypassESU-v11.7z for Windows 7 and Server 2008 R2. Update: The KB5006750 servicing stack update for Server 2008 for October 2021 was already installed. The KB5006764 update for NET Framework for Server 2008 for October 2021 was already installed. I tried to manually install the KB5006736 security monthly quality rollup for Server 2008 for October 2021, but it failed and displayed a "This update does not apply to your system" message. The created .bat file was placed in the same folder with the KB5006671 update for IE9 for October 2021 and was run. It took about 2 minutes to complete before the command window disappeared. I then ran the KB5006671 update and was expecting it to successfully install. Not! A "This update does not apply to your system" message appeared. I'm at a standstill for now until I hear back from you. Frank
I guess I misunderstood your instructions. I assumed I was suppose to manually install KB5006671 after running the .bat file. I didn't know the .bat file would silently install the update. After I submitted the above post, I decided to load IE9 and see what version it is. It was 9.0.270. Thanks!
to get this working. just install all updates until 2020-01 then install all the updates manually until eol in 2023