In short, I don't want to talk to the windows update server directly.
I am okay with whatever status the wuauserv can provide me. Is this
"Lawrence Garvin" wrote:
> "Dilip" <rdi...@lycos.com> wrote in message
> > I wanted to use the WUApi.dll to programmatically detect the
> > availability of windows updates. I noticed that a call to
> > IUpdateSearcher::Search actually goes out and makes a network call to
> > the windows update server to determine if updates are available.
> > Since we already have the windows update service (wuauserv) running on
> > our machines and since it already does the job for us, I was wondering
> > is it possible for me to talk to wuauserv programmatically and get the
> > status of available updates?
> I think you may be confused about the basics of how WSUS/WUA works.
> First, when you use the WUA API, you *are* talking to wuauserv.
> Second, regardless of what you talk to or with, if you want the "status of
> available updates", something is going to have to first go ask the WSUS
> server what updates are =available=. Then the WUA needs to determine =IF=
> any of those available updates are NEEDED by the client system.
> The client side knows *nothing* about what updates are available; it must
> check every time it executes a detection -- as the "availability" of those
> updates can change on a moment's notice if the WSUS Administrator decides to
> unapprove an update.
> In fact, if the WSUS Administrator approves an update, and the WUA downloads
> the content and schedules an installation, and then executes another
> detection before the scheduled installation, and the update is no longer
> approved, the WUA will actually UNschedule the installation!
> Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP
> Senior Data Architect, APQC, Houston, Texas
> Microsoft MVP - Software Distribution (2005-2008)
> MS WSUS Website: http://www.microsoft.com/wsus
> My Websites: http://www.onsitechsolutions.com;
> My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
The authors of the update package make that determination.
> For example on Vista, some of the
> updates are checked automatically for install and some are not. The ones
> that are checked are labeled "Important", "Recommended", ... in the UI. I
> attempting to determine which Microsoft is recommending that the user
> using WUA. IUpdate::MsrcSeverity seems like it is the logical answer. It
> returns "Low", "Moderate", "Important", and "Critical" according to the
> documentation. However, I am seeing that in some cases the value is
> Yet the update with the blank MsrcSeverity is being reported as
> in the Windows Update UI. So is there something other than MsrcSeverity
> is being used by Windows to determine this?
MSRC Severity only applies to =security= updates, which are associated with
This is but a small part of the updates that can be made available, and
Both security, and non-security, updates are classified as
For detailed information on the definitions of the update levels in Vista:
Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
I truly appreciate your prompt response as this is an issue that I need to
iron out by tomorrow.
I had a hunch that MsrcSeverity only applied to security updates. Thank you
for confirming that.
I am still unsure however, how to determine which updates are considered
"optional" programatically. Is there a way to do this with WUA?
> I am still unsure however, how to determine which updates are considered
> "optional" programatically. Is there a way to do this with WUA?
Unfortunately there is not. While the MSRC Severity is coded in the metadata
for security updates, the issue of Optional vs (non)Optional is really
insignificant to the WSUS environment -- either you're going to approve the
update or you're not -- and that data is not coded in the metadata.
The issue of Important vs Recommended vs Optional is really only significant
to the Vista "Automatic Updates" scenario, where the Vista user wishes to
exercise some control over the volume (or type) of updates automatically
installed. In a WSUS scenario, that decision is made by the WSUS
Administrator, presumably by some more specific criteria (like =Needed= or
=Not Wanted=), rather than the classification applied by Microsoft Update.
Possibly a more appropriate way to achieve what I think you're trying to
achieve is to based the decision based on the update Classification (e.g.
Critical Updates, Security Updates, Update Rollups, Service Packs,
Definition Updates, etc.). Anything that would be classified as Optional
Updates will *not* be in one of these enumerated classifications. In WSUS,
almost without exception, "Optional Updates" would be distributed in the
generic "Updates" classification; although, not all content in the "Updates"
classification is necessarily optional content.