I was trying to find what updates can be applicable to the given system? I saw WUA Api calls page. I was wondering how Windows update agent works? How windows decides which KB's they need to install? Is there any central place like registry where I know different components installed or default with version information? and then decides patches?
For example, to install dot net KB's or IE KB's how do I find dot net, IE, vbscript like components first on the system?
Any idea?
The IUpdateSearcher interface of the WUA API in the Client invokes a remote communication protocol (based on SOAP XML over HTTP) which communicates with the Microsoft’s public Windows Update server or with the optional local Windows Server Update Services (WSUS) server.
The WSUS acts as a proxy to Microsoft’s public Windows Update server. The WSUS server fetches updates via the Internet from Windows Update server and caches them locally. Intranet-based PCs are then configured to fetch updates from the WSUS server. The address of the WSUS server is configured using the following registry key:
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\WUServer
A part of this protocol involves the transmission of OS Configuration data and a categorized list of already installed updates (and hardware) to the Server. See the RegisterComputer and SynchUpdates messages of this communication protocol, which are described at:
https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-WUSP/%5bMS-WUSP%5d.pdf
Based on the information provided in these messages by the Client to the update Server, the Server replies with the list of the applicable updates in the
SyncUpdates Response message.
...and if the WUA is using the local offline scan-package WSUSSCN2.CAB through the IUpdateServiceManager.AddScanPackageService() API method, to discover the applicable updates without any connection to the Internet, then it uses the XML files contained inside this package to determine the applicability. For example, see the XML tags <upd:ApplicabilityRules> and <upd:IsInstallable> from a fragment of the WSUSSCN2.CAB file below:
<upd:Update xmlns:pub="http://schemas.microsoft.com/msus/2002/12/Publishing" xmlns:cmd="http://schemas.microsoft.com/msus/2002/12/UpdateHandlers/CommandLineInstallation" xmlns:bar="http://schemas.microsoft.com/msus/2002/12/BaseApplicabilityRules" xmlns:lar="http://schemas.microsoft.com/msus/2002/12/LogicalApplicabilityRules" xmlns:upd="http://schemas.microsoft.com/msus/2002/12/Update">
<upd:UpdateIdentity UpdateID="e55001a2-1fdd-4472-9c3c-b1e301460985" RevisionNumber="106" />
<upd:Properties DefaultPropertiesLanguage="en" UpdateType="Software" Handler="http://schemas.microsoft.com/msus/2002/12/UpdateHandlers/CommandLineInstallation" PublicationState="Published" CreationDate="2009-04-27T21:44:22.464Z" PublisherID="395392a0-19c0-48b7-a927-f7c15066d905" MaxDownloadSize="6528440" MinDownloadSize="0">
<upd:InstallationBehavior RebootBehavior="CanRequestReboot" />
<upd:Language>zh-cn</upd:Language>
</upd:Properties>
<upd:LocalizedPropertiesCollection>
<upd:LocalizedProperties>
<upd:Language>en</upd:Language>
<upd:Title>CHS</upd:Title>
</upd:LocalizedProperties>
</upd:LocalizedPropertiesCollection>
<upd:Relationships>
<upd:Prerequisites>
<upd:AtLeastOne>
<upd:UpdateIdentity UpdateID="5b56a815-2aef-40dc-9960-36bac15d1818" />
<upd:UpdateIdentity UpdateID="cf3b8086-5954-4857-b492-339cbdeba89b" />
</upd:AtLeastOne>
<upd:AtLeastOne>
<upd:UpdateIdentity UpdateID="59653007-e2e9-4f71-8525-2ff588527978" />
<upd:UpdateIdentity UpdateID="aabd43ad-a183-4f0b-8eee-8dbbcd67687f" />
<upd:UpdateIdentity UpdateID="3e0afb10-a9fb-4c16-a60e-5790c3803437" />
</upd:AtLeastOne>
<upd:AtLeastOne>
<upd:UpdateIdentity UpdateID="3b4b8621-726e-43a6-b43b-37d07ec7019f" />
<upd:UpdateIdentity UpdateID="dbf57a08-0d5a-46ff-b30c-7715eb9498e9" />
<upd:UpdateIdentity UpdateID="26997d30-08ce-4f25-b2de-699c36a8033a" />
</upd:AtLeastOne>
</upd:Prerequisites>
</upd:Relationships>
<upd:ApplicabilityRules>
<upd:IsInstalled>
<lar:And xmlns:lar="http://schemas.microsoft.com/msus/2002/12/LogicalApplicabilityRules">
<bar:FileExists Path="Microsoft.NET\Framework\v1.0.3705\System.Web.dll" Csidl="36" xmlns:bar="http://schemas.microsoft.com/msus/2002/12/BaseApplicabilityRules" />
<bar:FileVersion Path="Microsoft.NET\Framework\v1.0.3705\System.Web.dll" Comparison="GreaterThanOrEqualTo" Version="1.0.3705.6060" Csidl="36" xmlns:bar="http://schemas.microsoft.com/msus/2002/12/BaseApplicabilityRules" />
<bar:RegKeyExists Key="HKEY_LOCAL_MACHINE" Subkey="Software\Microsoft\Active Setup\Installed Components\{3351022E-A2D8-4B52-B84D-491279866457}" RegType32="true" xmlns:bar="http://schemas.microsoft.com/msus/2002/12/BaseApplicabilityRules" />
</lar:And>
</upd:IsInstalled>
<upd:IsInstallable>
<lar:And xmlns:lar="http://schemas.microsoft.com/msus/2002/12/LogicalApplicabilityRules">
<bar:RegKeyExists Key="HKEY_LOCAL_MACHINE" Subkey="Software\Microsoft\Active Setup\Installed Components\{3351022E-A2D8-4B52-B84D-491279866457}" RegType32="true" xmlns:bar="http://schemas.microsoft.com/msus/2002/12/BaseApplicabilityRules" />
<lar:Not>
<bar:RegDword Key="HKEY_LOCAL_MACHINE" Subkey="SYSTEM\WPA\TabletPC" Value="Installed" Comparison="EqualTo" Data="1" xmlns:bar="http://schemas.microsoft.com/msus/2002/12/BaseApplicabilityRules" />
</lar:Not>
<lar:Not>
<bar:RegDword Key="HKEY_LOCAL_MACHINE" Subkey="SYSTEM\WPA\MediaCenter" Value="Installed" Comparison="EqualTo" Data="1" xmlns:bar="http://schemas.microsoft.com/msus/2002/12/BaseApplicabilityRules" />
</lar:Not>
</lar:And>
</upd:IsInstallable>
</upd:ApplicabilityRules>
<upd:Files>
<upd:File Digest="oYIv8m/lHbAFWB1MhR14EjvPIzc=" DigestAlgorithm="SHA1" FileName="NDP1.0sp3-KB928367-X86-Chs.exe" Size="6528440" Modified="2007-06-29T14:59:22.47" />
</upd:Files>
<upd:HandlerSpecificData xsi:type="cmd:CommandLineInstallation" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:pub="http://schemas.microsoft.com/msus/2002/12/Publishing">
<cmd:InstallCommand Arguments="-q" Program="NDP1.0sp3-KB928367-X86-Chs.exe" RebootByDefault="false" DefaultResult="Failed" xmlns:cmd="http://schemas.microsoft.com/msus/2002/12/UpdateHandlers/CommandLineInstallation">
<cmd:ReturnCode Reboot="false" Result="Succeeded" Code="0" />
<cmd:ReturnCode Reboot="true" Result="Succeeded" Code="3010" />
<cmd:ReturnCode Reboot="true" Result="Succeeded" Code="1641" />
</cmd:InstallCommand>
</upd:HandlerSpecificData>
</upd:Update>
Additional notes:
The WUA does not keep its database in the Registry. It keeps it in a JetBlue ESE database file at: %SystemRoot%\SoftwareDistribution\DataStore\DataStore.edb.
The WUA does NOT identify updates by KnowledgeBase (KB) numbers but by SHA1 based GUIDs that look like this: "5b56a815-2aef-40dc-9960-36bac15d1818".
You can see these GUIDs in the XML fragment above and you can obtain them via the WUA API IUpdate.get_Identity().