Missing .Net patches in server 2008 R2 and later

Missing .Net patches in server 2008 R2 and later

Postby rbronca » 16.08.2018, 06:05

I'm closely looking at what files are being copied for each operating system and have found a large gap.
I'm looking at server operating systems only.

For 2008 approximately 35 .Net 3.5, 4.5, 4.6 and 4.7 patches are present in the E:\WSUSOffline\W2K832\dotnet\x86-glb folder
(The subdirectory below WSUSOffline is one I create for each OS).

This is as expected - you can patch any of the three .Net supported frameworks and have the option to install the 4.6 framework.

For 2008 R2 and later just two 4.7 patches are present in E:\WSUSOffline\OS\dotnet\x64-glb
The missing patches are present in E:\WSUSOffline\client\dotnet\x64-glb, but they are not copied.
The iso directory is also identical.

Unless you have actually installed .Net 4.7 you cannot currently patch any other framework version other than the 3.5 patches the are part of the OS-x64 directory.

Is this as expected?

I have freshly downloaded and reinstalled the 11.4 version and re-downloaded all patches with identical results.

Could this be a coding error as the 2008 operating system tops out at Dotnet 4.6 and has all patches, but all the others currently top out at 4.72 but only get 4.7 patches?

Please keep up the great work.
rbronca
 
Posts: 52
Joined: 19.08.2015, 08:14

Re: Missing .Net patches in server 2008 R2 and later

Postby Dalai » 16.08.2018, 16:57

AFAIK WSUS Offline only supports the .NET versions integrated in the OS and the most recent one, currently 4.7.2 (Win7 and up) and 4.6 (Vista). IIRC .NET 4.5 is not supported anymore by MS; not sure about 4.6. Note that .NET 4.7 fully replaces/supersedes 4.6 and 4.5, so you actually need only the latest version.

Regards
Dalai
Dalai
 
Posts: 1041
Joined: 12.07.2016, 21:00

Re: Missing .Net patches in server 2008 R2 and later

Postby boco » 16.08.2018, 17:21

Additionally, this month's .NET patches are not updated in the repository, yet.
Microsoft update catalog: http://catalog.update.microsoft.com/v7/site/
Windows Install media download: https://support.microsoft.com/en-us/help/15088/windows-create-installation-media
boco
 
Posts: 2391
Joined: 24.11.2009, 17:00
Location: Germany

Re: Missing .Net patches in server 2008 R2 and later

Postby rbronca » 16.08.2018, 23:25

Dalai wrote:AFAIK WSUS Offline only supports the .NET versions integrated in the OS and the most recent one, currently 4.7.2 (Win7 and up) and 4.6 (Vista). IIRC .NET 4.5 is not supported anymore by MS; not sure about 4.6. Note that .NET 4.7 fully replaces/supersedes 4.6 and 4.5, so you actually need only the latest version.

Regards
Dalai

Hello Dalai, unfortunately, just about everything you stated is factually incorrect.
3.5, 4.5.2 and 4.6 and above are all fully supported by Microsoft and will be for some time. There are lots of big ticket apps that don't play nice with anything other than 4.5.2.

If you look in the Microsoft catalog at this months .Net patches, for each of them when you click the download button there will be at least 3 patches (+ prereqs if required). Google the kb articles and you will find the three patches address 3.5, 4.5.2 and 4.6+ vulnerabilities.

This page shows what is currently supported: https://blogs.msdn.microsoft.com/dotnet ... ty-rollup/

The only way WSUSOffline can influence the .Net framework versions are if you select the "Install .Net Framework 3.5" or "Install .Net Framework 4.7.2". Since these are not mandatory or even the default, the patching side of WSUSOffline must support the patching of all the officially supported .Net Framework versions.

Yes, patching is very confusing now with multiple patches per month to deal with. It is almost a full time job keeping on top of things now.
Thank you Microsoft.

Regards
Robert
rbronca
 
Posts: 52
Joined: 19.08.2015, 08:14

Re: Missing .Net patches in server 2008 R2 and later

Postby Dalai » 17.08.2018, 02:00

rbronca wrote:Hello Dalai, unfortunately, just about everything you stated is factually incorrect.

OK, I was wrong about the support for 4.5 and maybe 4.6, but everything else is still true. More details below.

The only way WSUSOffline can influence the .Net framework versions are if you select the "Install .Net Framework 3.5" or "Install .Net Framework 4.7.2". Since these are not mandatory or even the default, the patching side of WSUSOffline must support the patching of all the officially supported .Net Framework versions.

If you install .NET Framework itself only via WSUS Offline, it supports only the version of .NET integrated into the OS, and the latest 4.x version, 4.7.2 in case of Win7+. If you want to install updates for .NET 4.5 or 4.6 (or any of their sub-versions) with WSUS Offline, you can do that because the updates are in the repository. However, you have to install this .NET Framework version by other means (or manually) beforehand to be able to do so.

Yes, patching is very confusing now with multiple patches per month to deal with. It is almost a full time job keeping on top of things now.
Thank you Microsoft.

Indeed.

Regards
Dalai
Dalai
 
Posts: 1041
Joined: 12.07.2016, 21:00

Re: Missing .Net patches in server 2008 R2 and later

Postby rbronca » 17.08.2018, 03:33

I worked out it was an exclude setting that stopped the .Net 45 and 46 updates copying.
The custom directory doesn't work for this and had to modify the main copy. It wasn't overwritten interestingly.
I have also manually bolted on the Aug .Net patches.
I currently have a heap of servers updating at the moment, my fingers are crossed that those changes worked.

regards
Robert
rbronca
 
Posts: 52
Joined: 19.08.2015, 08:14


Return to Fehlende Updates / Missing updates

Who is online

Users browsing this forum: No registered users and 7 guests

cron