Jump to content

Patches on PC not connected to Internet

Guest Alfred

By Guest Alfred
in Techno Babble

 Share

Recommended Posts

Guest Alfred

Guest Alfred

Posted
Posted

I have to patch 10 PC (XP SP2) that are not connected to Internet and not

connected to local network. Each PC is "isoleted".

 

How may I do that ?

 

Regards

 

Alfred

  • Replies 10
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Malke

Guest Malke

Posted
Posted

Alfred wrote:

<span style="color:blue">

>

> I have to patch 10 PC (XP SP2) that are not connected to Internet and not

> connected to local network. Each PC is "isoleted".

>

> How may I do that ?</span>

 

Don't have a server so can't do WSUS? Then download the updates and either

burn to DVD or put on a shared computer on the network.

 

How to download updates and drivers from the Windows Update Catalog or from

the Microsoft Update Catalog:

http://support.microsoft.com/default.aspx?...kb;en-us;323166

Store Windows Updates locally for subsequent installations -

http://windowsxp.mvps.org/saveupdates.htm

 

Malke

--

MS-MVP

Elephant Boy Computers - Don't Panic!

FAQ - http://www.elephantboycomputers.com/#FAQ

Guest Shenan Stanley

Guest Shenan Stanley

Posted
Posted

Alfred wrote:<span style="color:blue">

> I have to patch 10 PC (XP SP2) that are not connected to Internet

> and not connected to local network. Each PC is "isoleted".

>

> How may I do that ?</span>

 

You can download all the updates and put them on a portable media of some

sort and take them to each machine (since these machines are not networked

in any way...)

 

Example:

 

Each month Microsoft puts out that months

patches in an ISO format for burning to CD/DVD:

http://support.microsoft.com/kb/913086

 

--

Shenan Stanley

MS-MVP

--

How To Ask Questions The Smart Way

http://www.catb.org/~esr/faqs/smart-questions.html

Guest Alfred

Guest Alfred

Posted
Posted

OK for cd DVD but after, how to apply the good patches and how to do this

automaticaly.

 

Thanks

 

Regards

 

"Shenan Stanley" wrote:

<span style="color:blue">

> Alfred wrote:<span style="color:green">

> > I have to patch 10 PC (XP SP2) that are not connected to Internet

> > and not connected to local network. Each PC is "isoleted".

> >

> > How may I do that ?</span>

>

> You can download all the updates and put them on a portable media of some

> sort and take them to each machine (since these machines are not networked

> in any way...)

>

> Example:

>

> Each month Microsoft puts out that months

> patches in an ISO format for burning to CD/DVD:

> http://support.microsoft.com/kb/913086

>

> --

> Shenan Stanley

> MS-MVP

> --

> How To Ask Questions The Smart Way

> http://www.catb.org/~esr/faqs/smart-questions.html

>

>

> </span>

Guest Alfred

Guest Alfred

Posted
Posted

OK for cd DVD whith patches but after, how to apply the good patches and how

to do this automaticaly.

 

Thanks

 

Regards

 

"Malke" wrote:

<span style="color:blue">

> Alfred wrote:

> <span style="color:green">

> >

> > I have to patch 10 PC (XP SP2) that are not connected to Internet and not

> > connected to local network. Each PC is "isoleted".

> >

> > How may I do that ?</span>

>

> Don't have a server so can't do WSUS? Then download the updates and either

> burn to DVD or put on a shared computer on the network.

>

> How to download updates and drivers from the Windows Update Catalog or from

> the Microsoft Update Catalog:

> http://support.microsoft.com/default.aspx?...kb;en-us;323166

> Store Windows Updates locally for subsequent installations -

> http://windowsxp.mvps.org/saveupdates.htm

>

> Malke

> --

> MS-MVP

> Elephant Boy Computers - Don't Panic!

> FAQ - http://www.elephantboycomputers.com/#FAQ

>

> </span>

Guest Shenan Stanley

Guest Shenan Stanley

Posted
Posted

Alfred wrote:<span style="color:blue">

> OK for cd DVD but after, how to apply the good patches and how to

> do this automaticaly.</span>

 

You have taken a lot of this ability away by not having them connected to

any internet/network. You probably have taken away much of the actual need

for patches as well, however. hah

 

Why are you updating these computers that never communicate with anything

beyond themselves?

(Just in case?)

 

You might try the Microsoft Baseline Security Analyzer

http://www.microsoft.com/downloads/details...&displaylang=en

 

Other than that - you just install all the updates released each month for

all the products you have installed.

 

--

Shenan Stanley

MS-MVP

--

How To Ask Questions The Smart Way

http://www.catb.org/~esr/faqs/smart-questions.html

Guest Alfred

Guest Alfred

Posted
Posted

Because this PC import/export data from USB keys and this keys are not

trusted.

 

Regards

 

Alfred

 

"Shenan Stanley" wrote:

<span style="color:blue">

> Alfred wrote:<span style="color:green">

> > OK for cd DVD but after, how to apply the good patches and how to

> > do this automaticaly.</span>

>

> You have taken a lot of this ability away by not having them connected to

> any internet/network. You probably have taken away much of the actual need

> for patches as well, however. hah

>

> Why are you updating these computers that never communicate with anything

> beyond themselves?

> (Just in case?)

>

> You might try the Microsoft Baseline Security Analyzer

> http://www.microsoft.com/downloads/details...&displaylang=en

>

> Other than that - you just install all the updates released each month for

> all the products you have installed.

>

> --

> Shenan Stanley

> MS-MVP

> --

> How To Ask Questions The Smart Way

> http://www.catb.org/~esr/faqs/smart-questions.html

>

>

> </span>

Guest Shenan Stanley

Guest Shenan Stanley

Posted
Posted

Alfred wrote:<span style="color:blue">

> I have to patch 10 PC (XP SP2) that are not connected to Internet

> and not connected to local network. Each PC is "isoleted".

>

> How may I do that ?</span>

 

Shenan Stanley wrote:<span style="color:blue">

> You can download all the updates and put them on a portable media

> of some sort and take them to each machine (since these machines

> are not networked in any way...)

>

> Example:

>

> Each month Microsoft puts out that months

> patches in an ISO format for burning to CD/DVD:

> http://support.microsoft.com/kb/913086</span>

 

Alfred wrote:<span style="color:blue">

> OK for cd DVD but after, how to apply the good patches and how to

> do this automaticaly.</span>

 

Shenan Stanley wrote:<span style="color:blue">

> You have taken a lot of this ability away by not having them

> connected to any internet/network. You probably have taken away

> much of the actual need for patches as well, however. hah

>

> Why are you updating these computers that never communicate with

> anything beyond themselves?

> (Just in case?)

>

> You might try the Microsoft Baseline Security Analyzer

> http://www.microsoft.com/downloads/details...&displaylang=en

>

> Other than that - you just install all the updates released each

> month for all the products you have installed.</span>

 

Alfred wrote:<span style="color:blue">

> Because this PC import/export data from USB keys and this keys are

> not trusted.</span>

 

Doubtful most of the Windows Updates will help with that issue (not that

they would hurt - but few are oriented in that manner.)

 

You would be better served with an up-to-date AntiVirus solution in that

respect.

(Of course - the systems being on no network also makes keeping something

updated so often difficult.)

 

Also - making sure the users of said systems are only 'user level' accounts

help as well. It's hard for malware/viruses to do much of anything if the

user they are trying to utilize couldn't do it given their system rights in

the first place.

 

--

Shenan Stanley

MS-MVP

--

How To Ask Questions The Smart Way

http://www.catb.org/~esr/faqs/smart-questions.html

Guest Alfred

Guest Alfred

Posted
Posted

OK. Thank you.

 

In conclusion,

- impossible to update easily Windows on a not connected PC,

- update antivirus easier.

 

Regards

 

Alfred

 

"Shenan Stanley" wrote:

<span style="color:blue">

> Alfred wrote:<span style="color:green">

> > I have to patch 10 PC (XP SP2) that are not connected to Internet

> > and not connected to local network. Each PC is "isoleted".

> >

> > How may I do that ?</span>

>

> Shenan Stanley wrote:<span style="color:green">

> > You can download all the updates and put them on a portable media

> > of some sort and take them to each machine (since these machines

> > are not networked in any way...)

> >

> > Example:

> >

> > Each month Microsoft puts out that months

> > patches in an ISO format for burning to CD/DVD:

> > http://support.microsoft.com/kb/913086</span>

>

> Alfred wrote:<span style="color:green">

> > OK for cd DVD but after, how to apply the good patches and how to

> > do this automaticaly.</span>

>

> Shenan Stanley wrote:<span style="color:green">

> > You have taken a lot of this ability away by not having them

> > connected to any internet/network. You probably have taken away

> > much of the actual need for patches as well, however. hah

> >

> > Why are you updating these computers that never communicate with

> > anything beyond themselves?

> > (Just in case?)

> >

> > You might try the Microsoft Baseline Security Analyzer

> > http://www.microsoft.com/downloads/details...&displaylang=en

> >

> > Other than that - you just install all the updates released each

> > month for all the products you have installed.</span>

>

> Alfred wrote:<span style="color:green">

> > Because this PC import/export data from USB keys and this keys are

> > not trusted.</span>

>

> Doubtful most of the Windows Updates will help with that issue (not that

> they would hurt - but few are oriented in that manner.)

>

> You would be better served with an up-to-date AntiVirus solution in that

> respect.

> (Of course - the systems being on no network also makes keeping something

> updated so often difficult.)

>

> Also - making sure the users of said systems are only 'user level' accounts

> help as well. It's hard for malware/viruses to do much of anything if the

> user they are trying to utilize couldn't do it given their system rights in

> the first place.

>

> --

> Shenan Stanley

> MS-MVP

> --

> How To Ask Questions The Smart Way

> http://www.catb.org/~esr/faqs/smart-questions.html

>

>

> </span>

Guest Shenan Stanley

Guest Shenan Stanley

Posted
Posted

Alfred wrote:<span style="color:blue">

> I have to patch 10 PC (XP SP2) that are not connected to Internet

> and not connected to local network. Each PC is "isoleted".

>

> How may I do that ?</span>

 

Shenan Stanley wrote:<span style="color:blue">

> You can download all the updates and put them on a portable media

> of some sort and take them to each machine (since these machines

> are not networked in any way...)

>

> Example:

>

> Each month Microsoft puts out that months

> patches in an ISO format for burning to CD/DVD:

> http://support.microsoft.com/kb/913086</span>

 

Alfred wrote:<span style="color:blue">

> OK for cd DVD but after, how to apply the good patches and how to

> do this automaticaly.</span>

 

Shenan Stanley wrote:<span style="color:blue">

> You have taken a lot of this ability away by not having them

> connected to any internet/network. You probably have taken away

> much of the actual need for patches as well, however. hah

>

> Why are you updating these computers that never communicate with

> anything beyond themselves?

> (Just in case?)

>

> You might try the Microsoft Baseline Security Analyzer

> http://www.microsoft.com/downloads/details...&displaylang=en

>

> Other than that - you just install all the updates released each

> month for all the products you have installed.</span>

 

Alfred wrote:<span style="color:blue">

> Because this PC import/export data from USB keys and this keys are

> not trusted</span>

 

Shenan Stanley wrote:<span style="color:blue">

> Doubtful most of the Windows Updates will help with that issue (not

> that they would hurt - but few are oriented in that manner.)

>

> You would be better served with an up-to-date AntiVirus solution in

> that respect.

> (Of course - the systems being on no network also makes keeping

> something updated so often difficult.)

>

> Also - making sure the users of said systems are only 'user level'

> accounts help as well. It's hard for malware/viruses to do much of

> anything if the user they are trying to utilize couldn't do it

> given their system rights in the first place.</span>

 

Alfred wrote:<span style="color:blue">

> OK. Thank you.

>

> In conclusion,

> - impossible to update easily Windows on a not connected PC,

> - update antivirus easier.</span>

 

I would say both of your conclusions are false and incomplete...

 

Conclusion 1) impossible to update easily Windows on a not connected PC

- What is a 'not connected' PC? If you mean not connected to any network

of any sort and never will be - then this does make things more difficult -

but not impossible. You were given several ways to update a Windows XP PC

that has no network connectivity and never will. A CD/USB thumb drive, etc

can be used to utilize something like the Microsoft Baseline Security

Analyzer to figure out what updates a particular PC needs and you can easily

download each of these updfates yourself to install. Another option is to

just download all the updates and install them all on the machine from each

month's collection. Impossible? No. Difficult - in the arrangement you

have them - yes.

 

Conclusion 2) update antivirus easier

- Not really. For one thing - in order to really stay up to date you

would have to manually put the latest database on each machine at least once

a day. Microsoft updates are at least less frequent. So, easier? Not

really - just makes more sense in that you are protecting from untrusted

"USB keys"...

 

If I was in your situation (although no network - even between machines -

seems unlikely to me. In layman terms - perhaps a private network betweeen

mahcines only and a WSUS and virus update server that can see outside the

private network and inside the private network for updating would be my

solution of choice.) I would install all Windows Updates each month on each

machine with the ISOs you can freely download (just in case one of these

machines ever sees the light of a network.) I would put a decent AV

solution on each one and at least update them every week. I would have

everyone whom uses those machine with only useer rights - no administrators.

 

--

Shenan Stanley

MS-MVP

--

How To Ask Questions The Smart Way

http://www.catb.org/~esr/faqs/smart-questions.html

Guest Wayne

Guest Wayne

Posted
Posted

"Alfred" <Alfred@discussions.microsoft.com> wrote in message

news:A061EC49-F961-4E19-A9D8-503F36D0833B@microsoft.com...<span style="color:blue">

>

> OK. Thank you.

>

> In conclusion,

> - impossible to update easily Windows on a not connected PC,

> - update antivirus easier.

>

> Regards

>

> Alfred</span>

 

Your conclusion is incorrect, it is very easy to update a pc not connected

to the internet. CTUpdate will do everything you want, update XP, Server

2003, all versions of Office from XP and also Vista / Server 2008.

http://www.vulnerabilityassessment.co.uk/ctupdate.htm

 

Wayne McGlinn

Brisbane, Oz

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...