Adding Updates to a Wim File

Even with Microsoft releasing new Windows 10 builds on a twice-yearly basis, there is still a case to be made to slipstream updates into your install media. First, you never have to worry about whether your computer gets needed patches. If you build in protection against the Wanna Cry malware by patching MS17-010 you can. Second, it saves a decent amount of time during computer provisioning. No need to push down the original copy of a file as well as the updated one included in the latest Windows update.

Function Update-WindowsImageFile {
    [cmdletbinding()]
    param(
        [Parameter(Mandatory = $true)]
        [string]$Path,

        [Parameter(Mandatory = $true)]
        [string]$MountPath,

        [string]$UpdateDirectory = "C:\windows\SoftwareDistribution\Download\",

        [Parameter(Mandatory = $true)]
        [int]$ImageIndex

    )

    $WimPath = Resolve-Path $Path
    $MountPath = Resolve-Path $MountPath
    $UpdatePath = Resolve-Path $UpdateDirectory

    Mount-WindowsImage -Path $MountPath -Index $ImageIndex -ImagePath $WimPath

    Get-ChildItem -Path $UpdatePath -Include *.cab -Recurse | ForEach-Object {
        $FileName = $_.BaseName

        try {
            Add-WindowsPackage -PackagePath $_.FullName -Path $MountPath
        }
        catch {
            Write-Error "Unable to install $Filename"
        }
    }

    Dismount-WindowsImage -Path $MountPath -Save

}

Gather Updates Manually

Next you gather the updates bring up a fresh install, image it, then install Windows updates. The “C:\windows\SoftwareDistribution\Download\” directory should have all of the updates you’d need. Be aware that express updates cannot be added to a wim file. Express updates allow computers to download only the new bits needed from this month’s patches. You have to keep your computer up-to-date to be able to use express updates. For this exercise we’ll be using the cumulative updates.

When you run this you’ll likely get errors when certain Windows updates fail to install. The error message will contain the KB and if the file name contains the word ‘express’ you need to download the full update at the Microsoft Update Catalog.

Download the latest Cumulative Update

A man that goes by keithga on GitHub wrote a create script to identify and download the latest cumulative update for your build. You can find the Gist on GitHub. Click the Raw button to get a copy-and-pasteable version of the script and save it as Get-LatestUpdate.ps1.

To use the script do the following:

.\Get-LatestUpdate.ps1 -Build 15063 -Download -Path .\

Downloading the latest cumulative update should start your install.wim file off on the right foot.