So Windows XP update management during an MD/BDD build is a pain in the butt. The built in tools force you to identify, by hand, and download, one at a time, all the updates needed. There is a nice step in the rules to allow you to run all the updates but come on..we're talking at least 2 days of work to get all this set up correctly and then tested. Then. BAM. A service pack comes out and now you gotta go clean it all up and start over again. Not a good thing. So how did I handle this problem? Open Source of course. A little gem called CTUpdate. Good stuff. It even downloads updates for Microsoft Office if you want.
So here is how it works. Download the code, run the .exe and it will go out and get all "security" updates for you. Yeah...not all the updates as it uses the Security Baseline Analyzer as it's database to know what to pull..but hey it's better then the alternative. Now I just create a custom step to dump the "client" folder down to each client and start the install process. Then a quick uninstall routine deletes the source. This was done as a hands off process and added just a little time to the build process.