forums.wsusoffline.net

[deg]

Hi,
I use DoUpdate.cmd, \client\exclude\ExcludeList.txt contents the Office SP3 line per default for excluding, but when execute the DoUpdate.cmd, then the SP3 will be still installed.

[harry]

WSUSOU always installs the latest service pack if necessary, it can't be excluded!

See also .\doc\faq-enu.txt (point 2b):

Q: Can I exclude patches from download and/or installation?
A: Yes, that's possible through customizing the download- and update scripts according to your requirements. You may add new patches or exclude existing ones. Please follow this guide:

1. Exclude patches from download
You have to differentiate between statically defined updates (like the latest Service Packs, for example) and updates that are determined dynamically at runtime of the script.

a) Statically defined updates
Should you desire to exclude all static updates from download, simply check the "Exclude statically defined updates" checkbox inside the Update Generator before downloading. Please be aware that updates you downloaded earlier, which are now excluded, will be deleted on the run.

b) Dynamically determined updates
To exclude dynamically determined updates from download, insert their knowledge base ID (KBxxxxxx or simply xxxxxx) into the matching exclude file named "ExcludeList-<platform>[-<architecture>].txt".

2. Excluding updates from installation
Once again you have to make a difference between statically defined and dynamically determined updates.
a) Statically defined updates
The statically defined updates (latest version each) are:
- Service Pack (SP)
- Windows Update Agent (WUA)
- Microsoft Installer (MSI)
- Windows Script Host (WSH)
- Internet Explorer (IE)
These updates will be installed only if the version installed on the target system is lower than the versions defined in the file "SetTargetEnvVars.cmd" (directory .\client\cmd). If you generally want to prevent installation of one of those updates, you have to modify the expected values in the "SetTargetEnvVars.cmd" or insert jump marks into the "DoUpdate.cmd" (which controls the installation process). You should do this in very special cases only, as with SP, WUA, MSI and WSH, certain versions are required as preconditions.
b) Dynamically determined updates
To exclude dynamically determined updates from installation, insert their knowledge base ID (KBxxxxxx or simply xxxxxx) into the file "ExcludeList.txt" (directory .\client\exclude). These updates will now be ignored; and you'll receive a warning in the log.

The following updates are already excluded:
- kb816093 (Security update for Microsoft VM)
- kb951847 (.NET Framework 3.5 SP1 Family Update (will be explicitly installed if selected))
- kb890830 (Windows Malicious Software Removal Tool (MSRT))
- kb931125 (Trusted Root Certificates (will be explicitly updated if selected))
- kb2917500 (Revoked Root Certificates (will be explicitly updated if selected))
- kb926874 (Internet Explorer 7 (will be explicitly installed if selected))
- kb940767 (Internet Explorer 7 (will be explicitly installed if selected))
- kb944036 (Internet Explorer 8 (will be explicitly installed if selected))
- kb982861 (Internet Explorer 9 (will be explicitly installed if selected))
- kb2718695 (Internet Explorer 10 (will be explicitly installed if selected))
- kb2841134 (Internet Explorer 11 (will be explicitly installed if selected))
- kb976002 (Browser Choice)
- kb923618 (Office 2003 Service Pack 3 (will be implicitly installed if required))
- kb2526086 (Office 2007 Service Pack 3 (will be implicitly installed if required))
- kb2687455 (Office 2010 Service Pack 2 (will be implicitly installed if required))
- kb2817430 (Office 2013 Service Pack 1 (will be implicitly installed if required))
- kb936929 (Windows XP Service Pack 3 (will be implicitly installed if required))
- kb914961 (Windows Server 2003 Service Pack 2 (will be implicitly installed if required))
- kb936330 (Windows Vista Service Pack 1 (will be implicitly installed if required))
- kb948465 (Windows Vista Service Pack 2 (will be implicitly installed if required))
- kb976932 (Windows 7 Service Pack 1 (will be implicitly installed if required))

Please be aware that excluding updates may have an impact on the security of your PC.