Quick post about MBSA

• Context

A PM.org member asked to the list:

We use MBSA with a few down-level OS’s as well as Windows 10 in several offline environments, and until this month, it still worked.

• Problem

It appears that MBSA isn’t supported anymore: https://docs.microsoft.com/en-us/windows/security/threat-protection/mbsa-removal-and-guidance

• Solution

Another member suggested the following:

Why not use WUA script to scan for updates offline ?
https://docs.microsoft.com/en-us/windows/win32/wua_sdk/using-wua-to-scan-for-updates-offline

If you’ve a downloaded version of the wsusscn2.cab file that you indicate as the FilePath parameter of the following script, you can do:

Start-WUOfflineScan -FilePath C:\temp\wsusscn2.cab -Verbose

	Function Start-WUOfflineScan {
	<#
	.SYNOPSIS
	Start an offline WUA scan
	.DESCRIPTION
	Start an offline WUA (Windows Update Agent) scan using wsusscn2.cab.
	.PARAMETER FilePath
	Specifies the path to the wsusscn2.cab file to be used to perform the offline scan.
	.PARAMETER IncludeSupersededUpdate
	Specifies to include superseded updates in the results if any.
	.EXAMPLE
	Start-WUOfflineScan -FilePath C:\temp\wsusscn2.cab -Verbose
	.NOTES
	You can get the offline wsusscn2.cab from:
	http://download.windowsupdate.com/microsoftupdate/v6/wsusscan/wsusscn2.cab
	Official doc is:
	https://docs.microsoft.com/en-us/windows/win32/wua_sdk/using-wua-to-scan-for-updates-offline
	#>
	[CmdletBinding()]
	Param(
	[Parameter(Mandatory)]
	[ValidateScript({Test-Path -Path $_ -PathType Leaf})]
	$FilePath,
	[switch]$IncludeSupersededUpdate
	)
	Begin {
	if ($FilePath -match '^~') {
	$FilePath = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($FilePath)
	}
	try {
	$UpdateSvc = New-Object -ComObject Microsoft.Update.ServiceManager
	} catch {
	Write-Warning -Message "Failed to query if server is configured against a WSUS server because $($_.Exception.Message)"
	}
	Function Test-WUARebootRequired {
	try {
	(New-Object -ComObject 'Microsoft.Update.SystemInfo').RebootRequired
	} catch {
	Write-Warning -Message "Failed to query COM object because $($_.Exception.Message)"
	}
	}
	}
	Process {
	if (-not(Test-WUARebootRequired)) {
	try {
	# Create a session
	$Session = New-Object -ComObject Microsoft.Update.Session
	# Import the the offline cab
	$UpdateService = $UpdateSvc.AddScanPackageService('Offline Sync Service',"$($FilePath)", 1)
	$Searcher = $Session.CreateUpdateSearcher()
	$Searcher.ServerSelection = 3 #ssOthers
	if ($IncludeSupersededUpdate) {
	$Searcher.IncludePotentiallySupersededUpdates = $true
	}
	$Searcher.ServiceID = $UpdateService.ServiceID.ToString()
	$Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
	# Search for updates
	$SearchResult = $Searcher.Search($Criteria)
	} catch {
	Write-Warning -Message "Failed to search for missing updates because $($_.Exception.Message)"
	if ($SearchResult) {
	Write-Warning -Message "The search result status code was $($SearchResult.ResultCode)"
	}
	break
	}
	if ($SearchResult.ResultCode -eq 2) {
	# Output what was found
	if (($SearchResult.Updates).Count -ne 0) {
	$SearchResult.Updates |
	ForEach-Object {
	Write-Verbose -Message "Missing update: $($_.Title)"
	$_
	}
	} else {
	Write-Verbose -Message 'There are no updates to install' -Verbose
	}
	} else {
	Write-Warning -Message 'Failed to search for updates'
	Write-Warning -Message "The search result status code was $($SearchResult.ResultCode)"
	}
	} else {
	Write-Warning -Message 'A reboot is pending'
	}
	}
	End {}
	}

view raw Start-WUOfflineScan.ps1 hosted with ❤ by GitHub

Advertisement