Solved

Offline update and patch of 98, Me, 2K and XP?

Posted on 2004-09-30
11
357 Views
Last Modified: 2006-11-17
I have a client with five machines with Windows 98, millennium, 2000 and XP Pro and home.  They are not connected to the Internet.  I need to get these machines updated with all Microsoft patches.

I have reviewed the various patch management solutions already posted on this web site.  Some things have changed since those articles were written.  in particular, The Microsoft web site no longer has an option to buy a CD-ROM of patches for the various systems.

Since this is a small site, there isn't a window server on the network, thus using SUS is questionable.

What options are there to manage the updated these machines without a window server?

I am particularly interested in a complete solution that handles all of the machines and all patches for them.

It would also be nice if it wasn't too expensive!

JGT
0
Comment
Question by:jgt10
  • 3
  • 2
  • 2
  • +4
11 Comments
 
LVL 18

Expert Comment

by:luv2smile
Comment Utility
Hmmm....I'm not sure this is possible with no internet connection. The critical part of patch management is to timely pull the latest updates off of some server some where. How else would you get the updates?

Even if you could buy something out of the box and instsall it that would give you all the current updates. How would you contitnue to keep the machines up to date?

Its just like buying an antivirus product.....its useless unless you have a connection to a server somewhere that allows you to get the latest updates.
0
 
LVL 18

Expert Comment

by:luv2smile
Comment Utility
Are they just not on the internet or do they not have a network connection? How are they connected?

With 5 machines, the logical thing is to update them manually instead of using a managed solution.
0
 

Author Comment

by:jgt10
Comment Utility
In this case I'm not concerned about timely update to protect the systems against attack, since the machines can not access the internet.

I am concerned about the complexity of determining what patches are installed and what need to needs to be patched.  I'm not thrilled about performing that process manually.

They have one machine in the office that connects to the internet.  They use that one for email and Internet research.  The rest are on a network that has no connection to the internet.  This was a very deliberate step by the owner.  One I approve of as it removes 90% of the problems.  

There is the last 10% of problems (roughly) that need to be patched for correct (cough) operation of the systems.

Even if I update them manually, there is a question in my mind of how I determine what is needed on each machine...each one is a different version of Windows.

Comments?  Ideas?

JGT
0
 
LVL 18

Expert Comment

by:luv2smile
Comment Utility
Hmmmm.....

Well there is Microsoft Baseline Security Analyzer which can be downloaded and run on the 2000 and xp machines which will tell you what updates those machines need. This doesn't work for 98 or ME. It may be worth while to think about putting atleast 2000 on those 2 machines.

http://www.microsoft.com/technet/security/tools/mbsaqa.mspx

Just a thought....
0
 
LVL 17

Assisted Solution

by:Jared Luker
Jared Luker earned 50 total points
Comment Utility
I say that you hook up a hub to that internet connection that the one computer is on and get yourself a 2 port KVM.  Take your computers back one at a time every 3 - 6 months.  

Plug in, update, and wash your hands of it for the next 6 months.  With just 5 machines, I don't think that anything else would be worth your time, if they are even possible.

jared
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 6

Assisted Solution

by:WhitePhantom
WhitePhantom earned 50 total points
Comment Utility
This may help for patching of the WinXP systems.

http://www.keyserproject.com/keyserfiles.htm

Keyser Soze's XP Security Pack 2.001 (April 2004)
Pack Size: 46.84mb
0
 
LVL 1

Assisted Solution

by:gor_c
gor_c earned 100 total points
Comment Utility
Assuming that the computer that is on the internet has a good firewall in place it should be reasonably well protected against viruses/hackers etc.
You could set up Internet connection sharing, which requires purchase of one crossover cable.
You connect one computer to the one with the internet connection and that computer would be able to access the internet through the one internet connection.
You can download whatever updates you need, then move on to the the next computer.
0
 
LVL 5

Accepted Solution

by:
zerofield earned 150 total points
Comment Utility
here's a link to how to make a windows update cd.  this would work perfect for the application you'r speaking about.  you may even be able to simply burn them monthly updates and mail them to them.

http://www.eweek.com/article2/0,1759,1619065,00.asp
0
 
LVL 3

Assisted Solution

by:wjal
wjal earned 150 total points
Comment Utility
It's unfortunate that the Feb/04 Security Update CD is no longer available but the bulk of all updates are still available on CD in the form of SP4 for W2K and SP2 for XP.

MS UPDATES on CD

W2KSP4
http://www.microsoft.com/windows2000/downloads/servicepacks/SP4/ordercd.asp

XPSP2
http://www.microsoft.com/windowsxp/downloads/updates/sp2/cdorder/en_us/default.mspx

For the rest, I would browse through the Windows Update Catalog for updates that do not pertain to internet security, which, to be sure, is less than 10% of the remaining updates.

Windows Update Catalog
http://v4.windowsupdate.microsoft.com/catalog/en/default.asp

Updates from the Catalog can be downloaded on any machine and saved to disk. You can burn them to CD and install them at your leisure.

/pax
0
 

Author Comment

by:jgt10
Comment Utility
Excellent!  That is the kind of help I was looking for!

luv2smile:  I would like to upgrade the 98 and Me systems as well. As long as the machines are performing well enough for the customer, I don't push.

gor_c: I hadn't thought of using the internet connection sharing function.  The drawbacks are it requires moving the computers and a second ethernet or using a USB port to make the connection.  I don't want to move the machines around and I'm not sure I want to be hauling a 50 or 100 foot cat5 throug the office to do the job either.  It is a good idea and I will look at it further.

zerofield:  That is the pointer that I needed!  Thanks!

wjal: I'm using Win XP Pro and the update catalog automatically starts looking for patches and updates for XP, not letting me select updates for the other systems.  The other two URLs work as advertised.  Thanks!

0
 
LVL 3

Expert Comment

by:wjal
Comment Utility
It is necessary to use some recent version of Internet Explorer to successfully browse that site. When you arrive at the page in the link, choose "Find Updates for Microsoft Operating Systems". On the susequent page, highlight the OS that has your interest and click the Search button. All MS operting systems since 98SE are represented.
A bit of advice on browsing these updates:
If for instance, you are looking for XP Home udates, most of them will be found under "Windows XP RTM" (if you have no service packs installed). You will also need the updates listed under "Windows XP Home RTM" as they apply to XP Home in particular. That is to say, the updates that apply to both versions, Home and Pro, are listed under "Windows XP RTM".
One could fairly assume that all XP Home updates would be listed under "XP Home", but this is not the case.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Introduction How to create multiboot configuration with XP\Vista and Windows 7 on it? And most important question - how to do this correctly so not to have any kind of nightmares we get when system gets screwed? First of all one should realize t…
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now