- Dec 19, 2017 However, today I am going to focus on how you can pre-download all Windows security updates at once in order to apply them to computers in an offline network. In BatchPatch first make sure cached mode is enabled. To enable cached mode, go to ‘Tools Settings Windows Update’ and then tick the box that says ‘Enable cached mode.’.
- Definitive download location for MBSA “wsusscn2.cab” file for offline mode scans? Ask Question Asked 9 years. I need the list of updates in the file named 'wsusscn2.cab'. Is there a well-known page or URL at Microsoft for downloading the most up-to-date version of that file for MBSA offline mode? Or when the manual says?
The MBSA tool can be downloaded from the Microsoft.com website. The current address for version 2.1 is http://www.microsoft.com/downloads/details.aspx?familyid=F32921AF-9DBE-4DCE-889E-ECF997EB18E9&displaylang=en.
MBSA can be run offline (if the machine being used to scan is not connected to the Internet). If using it in this configuration, it is necessary to ensure the latest updates are used.
- Security update catalog (wsusscn2.cab) is available from http://go.microsoft.com/fwlink/?LinkId=76054.
- Windows Update Redistribution Catalog (wuredist.cab) located at http://update.microsoft.com/redist/wuredist.cab.
- Authorisation catalog (muauth.cab) for Windows Update site access is available from http://go.microsoft.com/fwlink/?LinkId=43266 or by examining the contents of the wuredist.cab file located at http://update.microsoft.com/redist/wuredist.cab.
- Windows Update Agent standalone installers (if not already installed). The latest versions are available by examining the contents of the wuredist.cab file located at http://update.microsoft.com/redist/wuredist.cab.
- For x86-based computers (WindowsUpdateAgent30-x86.exe)
- For x64-based computers (WindowsUpdateAgent30-x64.exe)
- For ia64-based computers (WindowsUpdateAgent30-ia64.exe).
Once you have installed the latest updates, follow the steps below to run the scans.
Create a new text file called ‘computers.txt’ and list the names of the servers to be scanned – as shown in Figure 1 below. This should be saved on the computer being used to run the scan.
There is an API at with a Python and a Windows and a Linux command-line interface. The date of the last update is posted on that website, so you can scrape the webpage if all you need to know is whether you have the latest version of wsusscn2.cab. Year: 2011 UserAccountControl flags I was messing today with a small script to read the UserAccountControl flags of an Active Directory domain’s user account base, and was tryng to find the correct values that are present there.
Figure 1: Computers.txt file contents
Open a command prompt and navigate to ‘C:Program FilesMicrosoft Baseline Security Analyzer 2’
![Wsusscan Wsusscan](/uploads/1/2/5/2/125293339/495308867.jpg)
Microsoft Wsusscn2
Run the following command (This assumes that the wsusscn2.cab and the text file ‘computers.txt’ have been saved into the root of the C: drive.:
Mbsacli /catalog c:wsusscn2.cab /listfile c:computers.txt /wi /nvc /nd
/wi = show all updates even if not approved on the WSUS server.
/nvc = Do not check for a new version of MBSA.
/nd = Do not download any files from the Microsoft.com web site when scanning.
Wait for the scan to complete.
Open the MBSA console from the Start Menu.
Wsusscn2 Not Updated
Click ‘View existing security scan report’.