I think, that kb2631813 was superseded by the full quality update rollup for October 2016 or November 2016.
At one point, I could automatically download this update, using a complicated method to calculate superseded updates: it was meant to recover superseded updates, if the superseding update is omitted from download. Then the update kb2631813 for w61-x64 was actually downloaded.
But most of these calculations are not necessary anymore: In November 2016, the full quality update rollup superseded the security-only update rollup. This meant, that the security-only updates were not downloaded, even if the full quality update rollups were excluded from download.
This caused problems with WSUS Offline Update, and the "new method for calculating superseded updates" was meant to handle this. But it also caused problems with Microsoft's own tools, and then it was reverted the very next month, in December 2016:
More on Windows 7 and Windows 8.1 servicing changes
UPDATE: 12/5/2016: In November 2016, the Security Monthly Quality Rollups were released as superseding the Security Only Quality updates. This resulted in an impact to customers deploying the Security Only Quality updates, using tools that cannot easily deploy superseded updates, such as System Center Configuration Manager 2007. Based on customer feedback, this supersedence has been changed in December 2016. Please review the updates below if this impacts your deployment scenarios.
(...)
UPDATED 12/5/2016: Starting in December 2016, monthly rollups will not supersede security only updates. The November 2016 monthly rollup will also be updated to not supersede security only updates. Installing the latest monthly rollup will ensure the PC is compliant for all security updates released in the new servicing model."
https://blogs.technet.microsoft.com/win ... g-changes/
Now the problem rather is, that by default, both "quality" and "security-only" updates are downloaded. This is not a major problem, but maybe we could just save some space.
Remaining issues can be solved by adding the updates to the configuration files were necessary: I would suggest to add "windows6.1-kb2631813-x64" to the file wsusoffline/exclude/ExcludeList-superseded-exclude.txt or to the custom counterpart wsusoffline/exclude/custom/ExcludeList-superseded-exclude.txt .
The update kb4040973 is the September 2017 Security and Quality Rollup for .NET Frameworks. The reference can be found in all these files:
- Code: Select all
wsusoffline/client/static/StaticUpdateIds-w60-x86.txt
wsusoffline/client/static/StaticUpdateIds-w60-x64.txt
wsusoffline/client/static/StaticUpdateIds-w61-dotnet4-393297.txt
wsusoffline/client/static/StaticUpdateIds-w61-dotnet4-394271.txt
wsusoffline/client/static/StaticUpdateIds-w61-dotnet4-394806.txt
wsusoffline/client/static/StaticUpdateIds-w61-dotnet4-460805.txt
These updates are only necessary, if you installed one of the .NET Frameworks manually. The bundled or pre-installed .NET Framework for Windows 7 is updated with the regular Windows 7 updates.
The best check, which updates are actually missing, would be a test with the Microsoft Baseline Security Analyzer (MBSA). It uses the same WSUS catalog file wsusscn2.cab and can work completely offline, just like WSUS Offline Update.