known gaps?

[psifertex]

I was reading: https://starlabs.sg/blog/2025/07-my-blind-date-with-cve-2025-29824/

And went to grab the appropriate versions of clfs.sys but I can only find the after, version 10.0.22621.5192 with hash 969AC3B22CA9A22D73E8CC0BC98D9CF8A969B7867FAF2EE1093B0B0695D3439F. No mention of 10.0.22621.5097 with hash 3FB7DA92269380F7BC72A1AD1B06D9BF1CB967AC3C5C7010504C841FCCC6108E. Any chance there's a known gap of coverage?

[psifertex]

(for what it's worth, I just pulled the windows 10 version instead to recreate the diff so I don't have an immediate need for this, just making sure there's not some known issue with the files)

[m417z]

Hi Jordan,

KB5058919 (10.0.22621.5192) is an update which is listed in the update history page and the release information page, and can be downloaded from the Microsoft Update Catalog, and so it's indexed by the main Winbindex data sources (x64 and ARM64).

KB5053648 (10.0.22621.5097), no the other hand, is an Insider Preview Build (Beta Channel), and so it isn't part of the main data sources by design. Now the question is, why it isn't found in the Insider data source? Data of Windows Insider builds for Winbindex is indexed with the help of UUP dump, using the UUP dump API. It looks like the 22621.5097 build is missing there. I'm not sure why, and I'm not sure what could be a better data source for Winbindex for insider builds. Previously, I also tried using UUP (Unified Update Platform) Generation Project [by @rgadguard & whatever127], but it looks like that build is missing there as well.

[m417z]

After a closer inspection, it looks like although it can't be found by searching the build number, it's listed in the API JSON:

{
      ...
      {
        "title": "Cumulative Update for Windows 11 Insider Preview (10.0.22635.5097)",
        "build": "22635.5097",
        "arch": "amd64",
        "created": 1743308484,
        "uuid": "5c94a683-9a93-4137-8d31-7142ed375962"
      },
      {
        "title": "Windows 11 Insider Preview 10.0.22635.5097 (ni_release)",
        "build": "22635.5097",
        "arch": "amd64",
        "created": 1742576428,
        "uuid": "1d92106c-4ea5-46bb-8553-743b2f178569"
      },
      ...
}

These updates are indexed by Winbindex, but for some reason it indexes clfs.sys version 10.0.22621.5090, not 10.0.22635.5097, for them.

The full size of such an update is more than 100 GB, and the Winbindex scripts only download and parse selected files. It's possible that version 10.0.22635.5097 is in one of those files that the scripts miss, in which case it's a problem with the scripts that should be fixed.

[m417z]

I asked about it on UUP Dump's Discord server, and their response is basically "it's Microsoft's fault". That brings me back to:

I'm not sure what could be a better data source for Winbindex for insider builds.

The chat from Discord

Michael (2:33 PM)
Hi guys, I'm using UUP dump for one of my projects (thanks!), and I was asked why some builds are missing. Specifically, I was asked about Windows 11 Insider Preview Build 22635.5097 (KB5053648), which seems to be missing on uupdump.net. I checked a couple of other Beta Channel builds, and I could find them (example - 26120.4741).
Any idea why that build is missing? Is there a reason for that, or perhaps it's just a bug?

abbodi1406 (2:50 PM)
search by build number
beta channel range is mess
https://uupdump.net/known.php?q=22635

Michael (3:32 PM)
Thanks. From a closer inspection, the build was actually found and processed (the scripts use the UUP dump API), but the files that were extracted (e.g. ntdll.dll and others) have the build version 10.0.22621.5090, and not the expected 10.0.22621.5097.
The scripts use this endpoint for the file list, then download and extract the files:
https://uupdump.net/json-api/get.php?id=5c94a683-9a93-4137-8d31-7142ed375962&lang=en-us&edition=professional
Any idea whether the problem is on my side, something with UUP dump, or perhaps something with Microsoft?

abbodi1406 (5:27 PM)
That's what in the update, it does not necessary update all files to its final version
it's cumulative update, and is expected to have older files

Michael (5:30 PM)
Both updates have files of build 5090 instead of 5097:

{
      ...
      {
        "title": "Cumulative Update for Windows 11 Insider Preview (10.0.22635.5097)",
        "build": "22635.5097",
        "arch": "amd64",
        "created": 1743308484,
        "uuid": "5c94a683-9a93-4137-8d31-7142ed375962"
      },
      {
        "title": "Windows 11 Insider Preview 10.0.22635.5097 (ni_release)",
        "build": "22635.5097",
        "arch": "amd64",
        "created": 1742576428,
        "uuid": "1d92106c-4ea5-46bb-8553-743b2f178569"
      },
      ...
}

So I wonder if the 5097 files are nowhere to be found?

abbodi1406 (8:51 PM)
https://blogs.windows.com/windows-insider/2025/03/21/announcing-windows-11-insider-preview-build-22635-5097-beta-channel/
22635.5097 (KB5053648)

Michael (8:59 PM)
Yes, I linked to that page in my first message. I appreciate your response but I don't see how it answers the question.

abbodi1406 (9:00 PM)
Microsoft provide the update, the build, the files
if it's really not 5097, so what do you expect uupdump to do?

Michael (9:03 PM)
If it's on Microsoft's side, then I don't expect anything from UUP dump and I guess I'll have to live with this limitation. I was just asking to make sure I'm not doing anything wrong, that there's no bug in UUP dump, and hear from others who perhaps saw this in the past and can provide some information, such as why and when it can happen.

abbodi1406 (9:04 PM)
it's beta / testing channel,
they make mess even in public updates