caliber wrote:where do the embedded updates (121) come from ?
WSUS Offline Update gets most updates from the WSUS offline scan file wsusscn2.cab. It extracts the first file of the archive, package.xml. This file is basically a list of all known security updates and their relations. (It does not include optional updates.)
caliber wrote:why doesn't the 9.2.5 version download embedded updates ?
WSUS Offline Update uses rules to extract the needed information from the file package.xml. These rules are in the file wsusoffline/xslt/ExtractDownloadLinks-wxp-x86-esn.xsl. This file is different in the versions 9.2.1 and 9.2.5 ESR:
- In version 9.2.1, the first rule basically says:
Extract all URLs, which contain 'http://' and '/windowsxp' and '-esn' and '.exe', but not '-custom-' or '/2014/' - In version 9.2.5 ESR, the same rule is:
Extract all URLs, which contain 'http://' and '/windowsxp' and '-esn' and '.exe', but not '-custom-' or '-embedded-'
So, all URLs with '-embedded-' are explicitly excluded in the ESR version, because WSUS Offline Update does not use them.
Version 9.2.1 was released on 2014-05-05. So maybe the first rule worked at the time being.
I don't really know, which updates were available in 2014, but I guess, it was like this: As long as all versions of Windows XP were supported, there was no distinction between "regular" and "embedded" updates. But in 2014, the support for the regular desktop versions ended. The embedded Windows XP POSReady was still supported, and paying customers could still get an extended support. At this point, the distinction between "regular" updates, "embedded" updates and "custom" updates probably started.
caliber wrote:are embedded updates the same as POSReady updates released till April 2019 ?
I think so.
PS
WSUS Offline Update 9.2.5 ESR includes some important updates, which were released as custom updates for Windows XP in 2017 and 2019. These are not in the file wsusscn2.cab, and therefore, they are missing in version 9.2.1. In version 9.2.5, they are statically defined in the file wsusoffline/static/StaticDownloadLinks-wxp-x86-esn.txt.
WannaCry-Patches from 2017
https://support.microsoft.com/en-us/help/4025687/microsoft-security-advisory-4025685-guidance-for-older-platforms
BlueKeep-Patches from 2019
https://arstechnica.com/information-technology/2019/05/microsoft-warns-wormable-windows-bug-could-lead-to-another-wannacry/
https://arstechnica.com/information-technology/2019/05/microsoft-says-its-confident-an-exploit-exists-for-wormable-bluekeep-flaw/
https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708
Regards,
hbuhrmester