Much shorter and simpler description, and addresses some changes in MS's URLs and format of the Bulletin page.
**********************************
For the non-paranoid, there is not much benefit to this, except that you never, ever have to open IE again. For the paranoid, it keeps MS ActiveX scanning tool out of your machine as you decide what to download, and saves resources and disk space.
Non-paranoid:
1) Set Automatic Updates to "notify me but don't automatically download or install them". (Control Panel > Automatic Updates).
2) When notified of updates, expand the descriptions, decide which ones you want, and jot down or save the "KB" numbers (six digits, currently in the 900,000 range. Should go over a million updates soon!)
3) Cancel the Auto Update dialog box.
4) In Fx, go to http://www.microsoft.com/downloads/en/A ... earch.aspx. Note that you do *not* have to allow MS JavaScript to do these steps.
5) Fill in the Advanced Search boxes. For example, in my case:
Product Families: Windows XP
Download Categories: Windows Security and Updates
Release Date: Last 30 Days
Sort Results By: Date Released
Results per page: 20 > Go.
YMMV. If you have MS Office, (I don't), you'll probably need to look there etc.
The updates appear earliest to most recent, which is stupid. You can temporarily allow Microsoft.com and then click the sort arrow to get the most recent first.
If you want to force secure download, insert an "s" in the URL after http, then reload the page.
6) Choose the updates that are on your list, then download.
NOTE: The first time you do this, you will be prompted to download and install the "Windows Genuine Advantage Verification Tool". This runs once, and (I imagine) checks the serial # of your copy of Windows to make sure it is licensed. I thought I might have to do this every month, but it seems that having done it once, Windows knows this machine is authorized. I just did a test d/l now and wasn't prompted for the WGAV.
Note that this is *NOT* the same as the "Windows Genuine Advantage NOTIFICATION Tool", a piece of spyware that MS installed on a number of machines using Automatic Update on unaware users (that's one reason I don't use fully-automatic update), which phones home to MS every day, in case the copy of Windows that you had legitimately on Saturday suddenly becomes illegitimate on Sunday. (e. g., they start getting 5000 update requests with that serial number.) If you have this, it can be deleted.
After you have d/l the updates, to your desktop or whatever, just double-click as you would to install any other software. You can then delete the installers or save a backup to CD or Flash drive or something, in case your system ever crashes and you have to reformat. (in fact, that's a pretty good reason to save a copy.)
************************************
Uber-Paranoid:
Disable Automatic Updates completely. This saves you resources and bandwidth, and keeps MS's nose out of your box.
It is so rare for MS to issue a significant patch in between monthly cycles that it makes headlines in the tech world. By definition, most people here probably would read or hear about such out-of-band patches and know that they should get them. Otherwise, every Patch Tuesday, just do steps (4) through (6) above. Sort most recent first, see which ones apply to your setup, and get them.
This also saves hundreds of MB of disk space of log files, etc. saved in C:\Windows\SoftwareDistribution and other places.
