From abc2bbad821b38aed08d056813ef9c3908c61c1c Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 13 Jul 2023 14:40:03 -0400
Subject: [PATCH 01/59] Update Boot Image with CU Article

---
 windows/deployment/update-boot-image.md | 27 +++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 windows/deployment/update-boot-image.md

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
new file mode 100644
index 0000000000..1e1246c0a1
--- /dev/null
+++ b/windows/deployment/update-boot-image.md
@@ -0,0 +1,27 @@
+---
+title: Update Windows PE boot image with the latest cumulative updates
+description: This article describes how to update a Windows PE (WinPE) boot image with the latest cumulative update.
+ms.prod: windows-client
+ms.localizationpriority: medium
+author: frankroj
+manager: aaroncz
+ms.author: frankroj
+ms.topic: article
+ms.date: 07/13/2023
+ms.technology: itpro-deploy
+appliesto:
+  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
+  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10</a>
+  - ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2022</a>
+  - ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2019</a>
+  - ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016</a>
+---
+---
+
+# Update Windows PE boot image with the latest cumulative update
+
+This walkthrough describes how to update a Windows PE (WinPE) boot image with the latest cumulative update.
+
+## Prerequisites
+
+- [Windows Assessment and Deployment Kit (ADK)](https://docs.microsoft.com/windows-hardware/get-started/adk-install). Recommended to use the latest version of the ADK.
\ No newline at end of file

From b19b980b2e4a4f94a2fa65d3677fb85f86cd65fa Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 14 Jul 2023 18:02:18 -0400
Subject: [PATCH 02/59] Update Boot Image with CU Article 2

---
 windows/deployment/update-boot-image.md | 83 ++++++++++++++++++++++++-
 1 file changed, 82 insertions(+), 1 deletion(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 1e1246c0a1..4c8b669cc4 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -20,8 +20,89 @@ appliesto:
 
 # Update Windows PE boot image with the latest cumulative update
 
+<!-- 7894697 -->
+
 This walkthrough describes how to update a Windows PE (WinPE) boot image with the latest cumulative update.
 
 ## Prerequisites
 
-- [Windows Assessment and Deployment Kit (ADK)](https://docs.microsoft.com/windows-hardware/get-started/adk-install). Recommended to use the latest version of the ADK.
\ No newline at end of file
+- [Windows Assessment and Deployment Kit (ADK)](/windows-hardware/get-started/adk-install). Recommended to use the latest version of the ADK.
+
+## Overview
+
+Note about boot.wim from installation media
+
+## Steps
+
+1. Download and install ADK
+2. Download cumulative update (CU)
+3. Backup existing boot image (e.g. winpe.wim or boot.wim)
+4. Mount boot image to temporary mount folder
+5. Add optional components to boot image
+6. Add cumulative update (CU) to boot image
+7. Copy boot files from mounted image to ADK installation location
+8. Perform component cleanup
+9. Unmount boot image and save changes
+10. Export boot image to reduce size
+
+## Step 1: Download and install ADK
+
+## Step 2: Download CU
+
+## Step 3: Backup existing boot image
+
+## Step 4: Mount boot image to temporary mount folder
+
+## Step 5: Add optional components to boot image
+
+## Step 6: Add cumulative update (CU) to boot image
+
+## Step 7: Copy boot files from mounted image to ADK installation location
+
+## Step 8: Perform component cleanup
+
+## Step 9: Unmount boot image and save changes
+
+## Step 10: Export boot image to reduce size
+
+## Script outline
+
+This PowerShell script appears to be a patching script for the Windows Assessment and Deployment Kit (ADK) and the Windows Preinstallation Environment (WinPE). Here's a breakdown of what the script does:
+
+1. It begins with some comments explaining the purpose of the script and providing links to relevant documentation.
+
+2. The script defines various variables such as `$SMSProvider2012R2`, `$MountFolder`, `$downloads`, and several `$CUDownloadUrl` variables. These variables specify download URLs for cumulative updates (CUs) and other files.
+
+3. The script includes functions like `Test-RegistryValue` and `Get-RegistryValue` for checking and retrieving registry values.
+
+4. It checks if the ADK is installed on the system by checking the registry key `HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows Kits\Installed Roots`. If the ADK is detected, it retrieves the installation location from the registry.
+
+5. The script verifies the existence of the WinPE image file (`winpe.wim`) and extracts the version information from it.
+
+6. Depending on the WinPE version, the script selects the appropriate CU download URL and sets the `$SSURequired` flag if a Servicing Stack Update (SSU) is needed.
+
+7. It checks if certain folders exist and creates them if necessary (`$downloads`, `$downloads\SSU`, and `$MountFolder`).
+
+8. If the CU file does not already exist in the specified download folder, it uses `Start-BitsTransfer` to download it from the provided URL.
+
+9. If an SSU is required, it performs a similar download process for the SSU file.
+
+10. The script creates a backup of the existing `winpe.wim` file by copying it to `winpe.bak`. If a previous backup already exists, it renames it with the current date appended.
+
+11. It mounts the `winpe.wim` file using `Mount-WindowsImage` to a temporary mount folder (`$MountFolder`).
+
+12. If an SSU is required, it adds the SSU package to the mounted image using `Add-WindowsPackage`.
+
+13. It then iterates through a list of optional components (`$OptionalComponents`) and adds the corresponding packages to the mounted image using `Add-WindowsPackage`. It also checks for language-specific versions of the components and adds them if available.
+
+14. The script adds the downloaded CU package to the mounted image using `Add-WindowsPackage`.
+
+15. It copies updated boot manager files (`bootmgr.efi` and `bootmgfw.efi`) from the mounted image back to the ADK installation location.
+
+16. It performs a component cleanup operation on the mounted image using `dism.exe` to reduce the image size.
+
+17. The script exports the list of installed packages in the modified image to a text file.
+
+18. Finally, it dismounts the image with the modifications, saves the changes, and exports the modified `winpe.wim` file as a new file with reduced file size. It also creates a backup of the original `winpe.wim` file and cleans up temporary files.
+
+The script appears to be designed to update and patch the WinPE image in the ADK installation based on the installed ADK version and the provided CU and SSU files.

From 8e5971c66ef98ba71bffa1bfa461b3284f9054db Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 14 Jul 2023 18:37:13 -0400
Subject: [PATCH 03/59] Update Boot Image with CU Article 3

---
 windows/deployment/update-boot-image.md | 54 +++++++++++++++++++------
 1 file changed, 42 insertions(+), 12 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 4c8b669cc4..8e7895218f 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -26,11 +26,16 @@ This walkthrough describes how to update a Windows PE (WinPE) boot image with th
 
 ## Prerequisites
 
-- [Windows Assessment and Deployment Kit (ADK)](/windows-hardware/get-started/adk-install). Recommended to use the latest version of the ADK.
+- [Windows Assessment and Deployment Kit (Windows ADK)](/windows-hardware/get-started/adk-install) - It's recommended to use the latest version of the ADK.
+- [Windows PE add-on for the Windows ADK](/windows-hardware/get-started/adk-install). Make sure the version of Windows PE matches the version of Windows ADK that is being used.
+- Boot image - This can be `winpe.wim` included with the Windows ADK.
+- Latest cumulative update downloaded from the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site.
 
 ## Overview
 
 Note about boot.wim from installation media
+Note about Win11 ADK only having x64 boot images
+Note about Windows Server 2012 R2
 
 ## Steps
 
@@ -39,31 +44,56 @@ Note about boot.wim from installation media
 3. Backup existing boot image (e.g. winpe.wim or boot.wim)
 4. Mount boot image to temporary mount folder
 5. Add optional components to boot image
-6. Add cumulative update (CU) to boot image
-7. Copy boot files from mounted image to ADK installation location
-8. Perform component cleanup
-9. Unmount boot image and save changes
-10. Export boot image to reduce size
+6. Add optional components OCs to boot image
+7. Add cumulative update (CU) to boot image
+8. Copy boot files from mounted image to ADK installation location
+9. Perform component cleanup
+10. Unmount boot image and save changes
+11. Export boot image to reduce size
 
 ## Step 1: Download and install ADK
 
-## Step 2: Download CU
+- Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](windows-hardware/get-started/adk-install).
+
+- Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](windows-hardware/get-started/adk-install). Make sure to download and install both components.
+
+- It's strongly recommended to download and install the latest version of the ADK.
+
+- When installing the Windows ADK, it's only necessary to install the **Deployment Tools**.
+
+## Step 2: Download cumulative update (CU)
+
+- Go to the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site and search for the latest cumulative update for the version of Windows that matches the version of Windows PE that was downloaded in [Step 1](#step-1-download-and-install-adk) or the version of the Windows PE boot image that will be updated.
+
+- When searching the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site, use the search term `"<year>-<month> cumulative update for windows <x>"` where `year` is the four digit current year, `<month>` is the two digit current month, and `<x>` is the version of Windows that Windows PE is based on. For example, to search for the latest cumulative update for Windows 11 in July 2023, use the search term `"2023-07 cumulative update for windows 11"`. If the cumulative update hasn't been released yet for the current month, then search on the previous month.
+
+- Once the cumulative update has been found, download the appropriate version for the version and architecture of Windows that matches the Windows PE boot image. For example, if the version of the Windows PE boot image is Windows 11 22H2 64-bit, then download the **Cumulative Update for Windows 11 Version 22H2 for x64-based Systems" version of the update.
+
+- Store the downloaded cumulative update in a known location for later use.
 
 ## Step 3: Backup existing boot image
 
+Before modifying the desired boot image, make a backup copy of the boot image being modified. For example,
+
+- For the boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
+
+- For the boot image included with Microsoft Configuration Manager, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`
+
 ## Step 4: Mount boot image to temporary mount folder
 
 ## Step 5: Add optional components to boot image
 
-## Step 6: Add cumulative update (CU) to boot image
+## Step 6: Add optional components OCs to boot image
 
-## Step 7: Copy boot files from mounted image to ADK installation location
+## Step 7: Add cumulative update (CU) to boot image
 
-## Step 8: Perform component cleanup
+## Step 8: Copy boot files from mounted image to ADK installation location
 
-## Step 9: Unmount boot image and save changes
+## Step 9: Perform component cleanup
 
-## Step 10: Export boot image to reduce size
+## Step 10: Unmount boot image and save changes
+
+## Step 11: Export boot image to reduce size
 
 ## Script outline
 

From 139b14ff6231958f61bbdeaf1ffa8b6d0bab301d Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Sat, 15 Jul 2023 12:26:04 -0400
Subject: [PATCH 04/59] Update Boot Image with CU Article 4

---
 windows/deployment/update-boot-image.md | 200 ++++++++++++++++++++----
 1 file changed, 168 insertions(+), 32 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 8e7895218f..58a067d325 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -43,24 +43,27 @@ Note about Windows Server 2012 R2
 2. Download cumulative update (CU)
 3. Backup existing boot image (e.g. winpe.wim or boot.wim)
 4. Mount boot image to temporary mount folder
-5. Add optional components to boot image
-6. Add optional components OCs to boot image
+5. Add drivers to boot image
+6. Add optional components to boot image
 7. Add cumulative update (CU) to boot image
 8. Copy boot files from mounted image to ADK installation location
 9. Perform component cleanup
-10. Unmount boot image and save changes
-11. Export boot image to reduce size
+10. Verify all desired packages have been added to boot image
+11. Unmount boot image and save changes
+12. Export boot image to reduce size
 
 ## Step 1: Download and install ADK
 
-- Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](windows-hardware/get-started/adk-install).
+- Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install).
 
-- Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](windows-hardware/get-started/adk-install). Make sure to download and install both components.
+- Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install). Make sure to download and install both components.
 
 - It's strongly recommended to download and install the latest version of the ADK.
 
 - When installing the Windows ADK, it's only necessary to install the **Deployment Tools**.
 
+- The paths in this article assume the Windows ADK was installed to the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths accordingly.
+
 ## Step 2: Download cumulative update (CU)
 
 - Go to the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site and search for the latest cumulative update for the version of Windows that matches the version of Windows PE that was downloaded in [Step 1](#step-1-download-and-install-adk) or the version of the Windows PE boot image that will be updated.
@@ -71,9 +74,15 @@ Note about Windows Server 2012 R2
 
 - Store the downloaded cumulative update in a known location for later use.
 
+> [!TIP]
+>
+> It is recommended to use the full cumulative update when updating boot images with a cumulative update. However, instead of downloading the full cumulative update, the cumulative update for SafeOS can be downloaded and used instead. This will reduce the size of the final updated boot image. If any issues occur with a boot image updated with the SafeOS cumulative update, then use the full cumulative update instead.
+>
+> The SafeOS cumulative update can be found in the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site by searching on...
+
 ## Step 3: Backup existing boot image
 
-Before modifying the desired boot image, make a backup copy of the boot image being modified. For example,
+Before modifying the desired boot image, make a backup copy of the boot image. For example,
 
 - For the boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
 
@@ -81,58 +90,185 @@ Before modifying the desired boot image, make a backup copy of the boot image be
 
 ## Step 4: Mount boot image to temporary mount folder
 
-## Step 5: Add optional components to boot image
+- Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-## Step 6: Add optional components OCs to boot image
+```powershell
+Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
+```
+
+For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage)
+
+```cmd
+DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
+```
+
+For more information, see [Modify a Windows image using DISM: Mount an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism) and [DISM Image Management Command-Line Options: /Mount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#mount-image).
+
+## Step 5: Add drivers to boot image
+
+If needed, add any drivers to the boot image.
+
+```powershell
+Command to be determined
+```
+
+```cmd
+DISM.exe/Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirver_INF_source_path>\<driver>.inf"
+
+DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirvers_source_path" /Recurse
+```
+
+For more information, see [Add and Remove Driver packages to an offline Windows Image](/windows-hardware/manufacture/desktop/add-and-remove-drivers-to-an-offline-windows-image)
+
+> [!IMPORTANT]
+>
+> For Microsoft Configuration Manager boot images, don't manually add drivers to the boot image using the above steps. Instead, add drivers through Configuration Manager via the **Drivers** tab in the **Properties** of the boot image. This will ensure that the drivers in the boot image can be properly managed through Configuration Manager. Drivers are not affected by the cumulative update installed later in this walkthrough.
+
+## Step 6: Add optional components to boot image
+
+- Add any desired optional components to the boot image.
+- The below examples assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+
+```powershell
+Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" -Path "<Mount_folder_path>" -Verbose
+```
+
+For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
+
+```cmd
+DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component2>.cab"
+```
+
+You can add as many desired optional components as needed on a single DISM.exe command line.
+
+For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
+
+- Make sure that after adding the optional component to also add the language specific component for that optional component. For example, for English United States (en-us), add the following:
+
+```powershell
+Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
+```
+
+```cmd
+DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component2>_en-us.cab"
+```
+
+You can add as many desired optional components as needed on a single DISM.exe command line.
+
+> [!IMPORTANT]
+>
+> For Microsoft Configuration Manager boot images, make sure to add any desired optional components manually using the above command lines instead of adding them through Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image. This is because the cumulative update being applied at the next step will also update any optional components as needed. If the optional components are instead added through Configuration Manager, then the optional components will not be updated with the cumulative update. This could lead to unexpected behaviors and problems.
+>
+> For this reason, make sure to add the following required optional components need by Configuration Manager:
+>
+> - Scripting (WinPE-Scripting)
+> - Startup (WinPE-SecureStartup)
+> - Network (WinPE-WDS-Tools)
+> - WMI (WinPE-WMI)
+>
+> Once any optional components has been manually added to a boot image, Configuration Manager will detect that the optional component has already been added. It will not try to add the optional component again whenever it is updating the boot image.
+
+### List of optional components
 
 ## Step 7: Add cumulative update (CU) to boot image
 
+- Apply the cumulative update (CU) downloaded earlier in the walkthrough to the boot image.
+
+```powershell
+Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_path>" -Verbose
+```
+
+For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage)
+
+```cmd
+DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU_update>"
+```
+
+For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
+
+> [!IMPORTANT]
+>
+> Make sure not to apply the cumulative update (CU) until all desired optional components have been installed. This will make sure that the optional components are also properly updated by the cumulative update. If in the future any additional optional components need to be added to the boot image, make sure to reapply the cumulative update.
+
 ## Step 8: Copy boot files from mounted image to ADK installation location
 
+- Copy the updated bootmgr files from the updated boot image to the ADK installation location.
+- This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr files are available to the ADK when creating bootable media. In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
+
+```powershell
+Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" -Force
+
+Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" -Force
+```
+
+```cmd
+CMD commands to be determined
+```
+
 ## Step 9: Perform component cleanup
 
-## Step 10: Unmount boot image and save changes
+- Run DISM.exe commands that will clean up the mounted image and help reduce its size
 
-## Step 11: Export boot image to reduce size
+```powershell
+Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase /Defer" -Wait -LoadUserProfile
 
-## Script outline
+Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase" -Wait -LoadUserProfile
+```
 
-This PowerShell script appears to be a patching script for the Windows Assessment and Deployment Kit (ADK) and the Windows Preinstallation Environment (WinPE). Here's a breakdown of what the script does:
+```cmd
+DISM.exe /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase /Defer
 
-1. It begins with some comments explaining the purpose of the script and providing links to relevant documentation.
+DISM.exe /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase
+```
 
-2. The script defines various variables such as `$SMSProvider2012R2`, `$MountFolder`, `$downloads`, and several `$CUDownloadUrl` variables. These variables specify download URLs for cumulative updates (CUs) and other files.
+For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Cleanup-Image](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#cleanup-image).
 
-3. The script includes functions like `Test-RegistryValue` and `Get-RegistryValue` for checking and retrieving registry values.
+## Step 10: Verify all desired packages have been added to boot image
 
-4. It checks if the ADK is installed on the system by checking the registry key `HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows Kits\Installed Roots`. If the ADK is detected, it retrieves the installation location from the registry.
+- After the optional components and the cumulative update (CU) have been applied to the boot image, verify that they are showing as installed.
 
-5. The script verifies the existence of the WinPE image file (`winpe.wim`) and extracts the version information from it.
+```powershell
+Get-WindowsPackage -Path "<Mount_folder_path>"
+```
 
-6. Depending on the WinPE version, the script selects the appropriate CU download URL and sets the `$SSURequired` flag if a Servicing Stack Update (SSU) is needed.
+For more information, see [Get-WindowsPackage](/powershell/module/dism/get-windowspackage).
 
-7. It checks if certain folders exist and creates them if necessary (`$downloads`, `$downloads\SSU`, and `$MountFolder`).
+```cmd
+DISM.exe /Image:"<Mount_folder_path>" /Get-Packages
+```
 
-8. If the CU file does not already exist in the specified download folder, it uses `Start-BitsTransfer` to download it from the provided URL.
+For more information, see [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Get-Packages](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#get-packages).
 
-9. If an SSU is required, it performs a similar download process for the SSU file.
+## Step 11: Unmount boot image and save changes
 
-10. The script creates a backup of the existing `winpe.wim` file by copying it to `winpe.bak`. If a previous backup already exists, it renames it with the current date appended.
+- Once drivers, optional components, and the cumulative update (CU) have been applied to the boot image, unmount the boot image and save changes.
 
-11. It mounts the `winpe.wim` file using `Mount-WindowsImage` to a temporary mount folder (`$MountFolder`).
+```powershell
+Dismount-WindowsImage -Path "<Mount_folder_path>" -Save -Verbose
+```
 
-12. If an SSU is required, it adds the SSU package to the mounted image using `Add-WindowsPackage`.
+For more information, see [Dismount-WindowsImage](/powershell/module/dism/dismount-windowsimage).
 
-13. It then iterates through a list of optional components (`$OptionalComponents`) and adds the corresponding packages to the mounted image using `Add-WindowsPackage`. It also checks for language-specific versions of the components and adds them if available.
+```cmd
+DISM.exe /Unmount-Image /MountDir:"<Mount_folder_path>" /Commit
+```
 
-14. The script adds the downloaded CU package to the mounted image using `Add-WindowsPackage`.
+For more information, see [Modify a Windows image using DISM: Unmounting an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#unmounting-an-image) and [DISM Image Management Command-Line Options: /Unmount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#unmount-image).
 
-15. It copies updated boot manager files (`bootmgr.efi` and `bootmgfw.efi`) from the mounted image back to the ADK installation location.
+## Step 12: Export boot image to reduce size
 
-16. It performs a component cleanup operation on the mounted image using `dism.exe` to reduce the image size.
+- Once the boot image has been unmounted and saved, its size can be further reduced by exporting it.
 
-17. The script exports the list of installed packages in the modified image to a text file.
+```powershell
+Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose
+```
 
-18. Finally, it dismounts the image with the modifications, saves the changes, and exports the modified `winpe.wim` file as a new file with reduced file size. It also creates a backup of the original `winpe.wim` file and cleans up temporary files.
+For more information, see [Export-WindowsImage](/powershell/module/dism/export-windowsimage).
 
-The script appears to be designed to update and patch the WinPE image in the ADK installation based on the installed ADK version and the provided CU and SSU files.
+```cmd
+DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"
+```
+
+For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Image Management Command-Line Options: /Export-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#export-image).
+
+Once the export has completed, delete the original boot image and then rename the exported boot image with the name of the original boot image.

From 41a226ea5de5399cd9bd1e26e2693c5a4052e730 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Sat, 15 Jul 2023 12:32:04 -0400
Subject: [PATCH 05/59] Update Boot Image with CU Article 5

---
 windows/deployment/update-boot-image.md | 29 +++++++++++++++----------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 58a067d325..46fcd30cdd 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -39,18 +39,23 @@ Note about Windows Server 2012 R2
 
 ## Steps
 
-1. Download and install ADK
-2. Download cumulative update (CU)
-3. Backup existing boot image (e.g. winpe.wim or boot.wim)
-4. Mount boot image to temporary mount folder
-5. Add drivers to boot image
-6. Add optional components to boot image
-7. Add cumulative update (CU) to boot image
-8. Copy boot files from mounted image to ADK installation location
-9. Perform component cleanup
-10. Verify all desired packages have been added to boot image
-11. Unmount boot image and save changes
-12. Export boot image to reduce size
+- [Update Windows PE boot image with the latest cumulative update](#update-windows-pe-boot-image-with-the-latest-cumulative-update)
+  - [Prerequisites](#prerequisites)
+  - [Overview](#overview)
+  - [Steps](#steps)
+  - [Step 1: Download and install ADK](#step-1-download-and-install-adk)
+  - [Step 2: Download cumulative update (CU)](#step-2-download-cumulative-update-cu)
+  - [Step 3: Backup existing boot image](#step-3-backup-existing-boot-image)
+  - [Step 4: Mount boot image to temporary mount folder](#step-4-mount-boot-image-to-temporary-mount-folder)
+  - [Step 5: Add drivers to boot image](#step-5-add-drivers-to-boot-image)
+  - [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image)
+    - [List of optional components](#list-of-optional-components)
+  - [Step 7: Add cumulative update (CU) to boot image](#step-7-add-cumulative-update-cu-to-boot-image)
+  - [Step 8: Copy boot files from mounted image to ADK installation location](#step-8-copy-boot-files-from-mounted-image-to-adk-installation-location)
+  - [Step 9: Perform component cleanup](#step-9-perform-component-cleanup)
+  - [Step 10: Verify all desired packages have been added to boot image](#step-10-verify-all-desired-packages-have-been-added-to-boot-image)
+  - [Step 11: Unmount boot image and save changes](#step-11-unmount-boot-image-and-save-changes)
+  - [Step 12: Export boot image to reduce size](#step-12-export-boot-image-to-reduce-size)
 
 ## Step 1: Download and install ADK
 

From 727d16180edb5582cc1d0ecd012c0ee02f9e4ad9 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Sat, 15 Jul 2023 12:38:23 -0400
Subject: [PATCH 06/59] Update Boot Image with CU Article 6

---
 windows/deployment/update-boot-image.md | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 46fcd30cdd..64f6474518 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -51,7 +51,7 @@ Note about Windows Server 2012 R2
   - [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image)
     - [List of optional components](#list-of-optional-components)
   - [Step 7: Add cumulative update (CU) to boot image](#step-7-add-cumulative-update-cu-to-boot-image)
-  - [Step 8: Copy boot files from mounted image to ADK installation location](#step-8-copy-boot-files-from-mounted-image-to-adk-installation-location)
+  - [Step 8: Copy boot files from mounted image to ADK installation path](#step-8-copy-boot-files-from-mounted-image-to-adk-installation-path)
   - [Step 9: Perform component cleanup](#step-9-perform-component-cleanup)
   - [Step 10: Verify all desired packages have been added to boot image](#step-10-verify-all-desired-packages-have-been-added-to-boot-image)
   - [Step 11: Unmount boot image and save changes](#step-11-unmount-boot-image-and-save-changes)
@@ -87,11 +87,11 @@ Note about Windows Server 2012 R2
 
 ## Step 3: Backup existing boot image
 
-Before modifying the desired boot image, make a backup copy of the boot image. For example,
+- Before modifying the desired boot image, make a backup copy of the boot image. For example,
 
-- For the boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
+  - For the boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
 
-- For the boot image included with Microsoft Configuration Manager, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`
+  - For the boot image included with Microsoft Configuration Manager, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`
 
 ## Step 4: Mount boot image to temporary mount folder
 
@@ -111,7 +111,7 @@ For more information, see [Modify a Windows image using DISM: Mount an image](/w
 
 ## Step 5: Add drivers to boot image
 
-If needed, add any drivers to the boot image.
+- If needed, add any drivers to the boot image.
 
 ```powershell
 Command to be determined
@@ -195,9 +195,9 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 >
 > Make sure not to apply the cumulative update (CU) until all desired optional components have been installed. This will make sure that the optional components are also properly updated by the cumulative update. If in the future any additional optional components need to be added to the boot image, make sure to reapply the cumulative update.
 
-## Step 8: Copy boot files from mounted image to ADK installation location
+## Step 8: Copy boot files from mounted image to ADK installation path
 
-- Copy the updated bootmgr files from the updated boot image to the ADK installation location.
+- Copy the updated bootmgr files from the updated boot image to the ADK installation path.
 - This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr files are available to the ADK when creating bootable media. In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
 
 ```powershell
@@ -207,7 +207,7 @@ Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files
 ```
 
 ```cmd
-CMD commands to be determined
+Command to be determined
 ```
 
 ## Step 9: Perform component cleanup
@@ -276,4 +276,4 @@ DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /So
 
 For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Image Management Command-Line Options: /Export-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#export-image).
 
-Once the export has completed, delete the original boot image and then rename the exported boot image with the name of the original boot image.
+- Once the export has completed, delete the original boot image and then rename the exported boot image with the name of the original boot image.

From 0a707c7512d5b2baea2b8b0b9effee9d650fa843 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Sat, 15 Jul 2023 13:49:25 -0400
Subject: [PATCH 07/59] Update Boot Image with CU Article 7

---
 windows/deployment/update-boot-image.md | 30 +++++++++++--------------
 1 file changed, 13 insertions(+), 17 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 64f6474518..c8356bd297 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -39,23 +39,19 @@ Note about Windows Server 2012 R2
 
 ## Steps
 
-- [Update Windows PE boot image with the latest cumulative update](#update-windows-pe-boot-image-with-the-latest-cumulative-update)
-  - [Prerequisites](#prerequisites)
-  - [Overview](#overview)
-  - [Steps](#steps)
-  - [Step 1: Download and install ADK](#step-1-download-and-install-adk)
-  - [Step 2: Download cumulative update (CU)](#step-2-download-cumulative-update-cu)
-  - [Step 3: Backup existing boot image](#step-3-backup-existing-boot-image)
-  - [Step 4: Mount boot image to temporary mount folder](#step-4-mount-boot-image-to-temporary-mount-folder)
-  - [Step 5: Add drivers to boot image](#step-5-add-drivers-to-boot-image)
-  - [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image)
-    - [List of optional components](#list-of-optional-components)
-  - [Step 7: Add cumulative update (CU) to boot image](#step-7-add-cumulative-update-cu-to-boot-image)
-  - [Step 8: Copy boot files from mounted image to ADK installation path](#step-8-copy-boot-files-from-mounted-image-to-adk-installation-path)
-  - [Step 9: Perform component cleanup](#step-9-perform-component-cleanup)
-  - [Step 10: Verify all desired packages have been added to boot image](#step-10-verify-all-desired-packages-have-been-added-to-boot-image)
-  - [Step 11: Unmount boot image and save changes](#step-11-unmount-boot-image-and-save-changes)
-  - [Step 12: Export boot image to reduce size](#step-12-export-boot-image-to-reduce-size)
+- [Step 1: Download and install ADK](#step-1-download-and-install-adk)
+- [Step 2: Download cumulative update (CU)](#step-2-download-cumulative-update-cu)
+- [Step 3: Backup existing boot image](#step-3-backup-existing-boot-image)
+- [Step 4: Mount boot image to temporary mount folder](#step-4-mount-boot-image-to-temporary-mount-folder)
+- [Step 5: Add drivers to boot image](#step-5-add-drivers-to-boot-image)
+- [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image)
+- [Step 7: Add cumulative update (CU) to boot image](#step-7-add-cumulative-update-cu-to-boot-image)
+- [Step 8: Copy boot files from mounted image to ADK installation path](#step-8-copy-boot-files-from-mounted-image-to-adk-installation-path)
+- [Step 9: Perform component cleanup](#step-9-perform-component-cleanup)
+- [Step 10: Verify all desired packages have been added to boot image](#step-10-verify-all-desired-packages-have-been-added-to-boot-image)
+- [Step 11: Unmount boot image and save changes](#step-11-unmount-boot-image-and-save-changes)
+- [Step 12: Export boot image to reduce size](#step-12-export-boot-image-to-reduce-size)
+
 
 ## Step 1: Download and install ADK
 

From 71dadf67dd0f959f043c4f83f170993608fd3a75 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Sat, 15 Jul 2023 14:01:22 -0400
Subject: [PATCH 08/59] Update Boot Image with CU Article 8

---
 windows/deployment/update-boot-image.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index c8356bd297..020627f1e1 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -52,7 +52,6 @@ Note about Windows Server 2012 R2
 - [Step 11: Unmount boot image and save changes](#step-11-unmount-boot-image-and-save-changes)
 - [Step 12: Export boot image to reduce size](#step-12-export-boot-image-to-reduce-size)
 
-
 ## Step 1: Download and install ADK
 
 - Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install).
@@ -273,3 +272,9 @@ DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /So
 For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Image Management Command-Line Options: /Export-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#export-image).
 
 - Once the export has completed, delete the original boot image and then rename the exported boot image with the name of the original boot image.
+
+## Considerations for Microsoft Configuration Manager
+
+## Considerations for Microsoft Deployment Toolkit (MDT)
+
+## Considerations for Windows Deployment Services (WDS)

From 26529560e5945ff543f1673fefd8011c3b451b9a Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 26 Jul 2023 17:01:41 -0400
Subject: [PATCH 09/59] Update Boot Image with CU Article 9

---
 windows/deployment/update-boot-image.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 020627f1e1..ea37fe456d 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -7,7 +7,7 @@ author: frankroj
 manager: aaroncz
 ms.author: frankroj
 ms.topic: article
-ms.date: 07/13/2023
+ms.date: 07/26/2023
 ms.technology: itpro-deploy
 appliesto:
   - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
@@ -92,12 +92,16 @@ Note about Windows Server 2012 R2
 
 - Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
+#### [**Intune**](#tab/powershell)
+
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
 ```
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage)
 
+#### [**Intune**](#tab/cmd)
+
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
 ```

From 11239b5bef1628a1a3eda78e3a145ad712ef524c Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 26 Jul 2023 17:13:43 -0400
Subject: [PATCH 10/59] Update Boot Image with CU Article 10

---
 windows/deployment/update-boot-image.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index ea37fe456d..61569346a7 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -92,7 +92,7 @@ Note about Windows Server 2012 R2
 
 - Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-#### [**Intune**](#tab/powershell)
+#### [**PowerShell**](#tab/powershell)
 
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
@@ -100,7 +100,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage)
 
-#### [**Intune**](#tab/cmd)
+#### [**CMD**](#tab/cmd)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"

From a4bda15fba6942ae928430eed9b0a8ad14294b62 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 26 Jul 2023 17:21:46 -0400
Subject: [PATCH 11/59] Update Boot Image with CU Article 11

---
 windows/deployment/update-boot-image.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 61569346a7..2ede59d33e 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -108,6 +108,8 @@ DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_
 
 For more information, see [Modify a Windows image using DISM: Mount an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism) and [DISM Image Management Command-Line Options: /Mount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#mount-image).
 
+---
+
 ## Step 5: Add drivers to boot image
 
 - If needed, add any drivers to the boot image.

From 2369337dc227451195d2b0f7b2367817eb8c00d5 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 26 Jul 2023 18:00:45 -0400
Subject: [PATCH 12/59] Update Boot Image with CU Article 12

---
 windows/deployment/update-boot-image.md | 58 ++++++++++++++++++++++++-
 1 file changed, 56 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 2ede59d33e..f35ddfa10d 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -92,7 +92,7 @@ Note about Windows Server 2012 R2
 
 - Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-#### [**PowerShell**](#tab/powershell)
+### [**PowerShell**](#tab/powershell)
 
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
@@ -100,7 +100,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage)
 
-#### [**CMD**](#tab/cmd)
+### [**Command Line]**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
@@ -114,10 +114,14 @@ For more information, see [Modify a Windows image using DISM: Mount an image](/w
 
 - If needed, add any drivers to the boot image.
 
+### [**PowerShell**](#tab/powershell)
+
 ```powershell
 Command to be determined
 ```
 
+### [**Command Line]**](#tab/command-line)
+
 ```cmd
 DISM.exe/Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirver_INF_source_path>\<driver>.inf"
 
@@ -126,6 +130,8 @@ DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirvers_source_path"
 
 For more information, see [Add and Remove Driver packages to an offline Windows Image](/windows-hardware/manufacture/desktop/add-and-remove-drivers-to-an-offline-windows-image)
 
+---
+
 > [!IMPORTANT]
 >
 > For Microsoft Configuration Manager boot images, don't manually add drivers to the boot image using the above steps. Instead, add drivers through Configuration Manager via the **Drivers** tab in the **Properties** of the boot image. This will ensure that the drivers in the boot image can be properly managed through Configuration Manager. Drivers are not affected by the cumulative update installed later in this walkthrough.
@@ -135,32 +141,44 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 - Add any desired optional components to the boot image.
 - The below examples assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
 
+### [**PowerShell**](#tab/powershell)
+
 ```powershell
 Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" -Path "<Mount_folder_path>" -Verbose
 ```
 
 For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
 
+### [**Command Line]**](#tab/command-line)
+
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component2>.cab"
 ```
 
+---
+
 You can add as many desired optional components as needed on a single DISM.exe command line.
 
 For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
 
 - Make sure that after adding the optional component to also add the language specific component for that optional component. For example, for English United States (en-us), add the following:
 
+### [**PowerShell**](#tab/powershell)
+
 ```powershell
 Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
 ```
 
+### [**Command Line]**](#tab/command-line)
+
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component2>_en-us.cab"
 ```
 
 You can add as many desired optional components as needed on a single DISM.exe command line.
 
+---
+
 > [!IMPORTANT]
 >
 > For Microsoft Configuration Manager boot images, make sure to add any desired optional components manually using the above command lines instead of adding them through Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image. This is because the cumulative update being applied at the next step will also update any optional components as needed. If the optional components are instead added through Configuration Manager, then the optional components will not be updated with the cumulative update. This could lead to unexpected behaviors and problems.
@@ -180,18 +198,24 @@ You can add as many desired optional components as needed on a single DISM.exe c
 
 - Apply the cumulative update (CU) downloaded earlier in the walkthrough to the boot image.
 
+### [**PowerShell**](#tab/powershell)
+
 ```powershell
 Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_path>" -Verbose
 ```
 
 For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage)
 
+### [**Command Line]**](#tab/command-line)
+
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU_update>"
 ```
 
 For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
 
+---
+
 > [!IMPORTANT]
 >
 > Make sure not to apply the cumulative update (CU) until all desired optional components have been installed. This will make sure that the optional components are also properly updated by the cumulative update. If in the future any additional optional components need to be added to the boot image, make sure to reapply the cumulative update.
@@ -201,26 +225,36 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 - Copy the updated bootmgr files from the updated boot image to the ADK installation path.
 - This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr files are available to the ADK when creating bootable media. In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
 
+### [**PowerShell**](#tab/powershell)
+
 ```powershell
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" -Force
 
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" -Force
 ```
 
+### [**Command Line]**](#tab/command-line)
+
 ```cmd
 Command to be determined
 ```
 
+---
+
 ## Step 9: Perform component cleanup
 
 - Run DISM.exe commands that will clean up the mounted image and help reduce its size
 
+### [**PowerShell**](#tab/powershell)
+
 ```powershell
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase /Defer" -Wait -LoadUserProfile
 
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase" -Wait -LoadUserProfile
 ```
 
+### [**Command Line]**](#tab/command-line)
+
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase /Defer
 
@@ -229,54 +263,74 @@ DISM.exe /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Res
 
 For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Cleanup-Image](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#cleanup-image).
 
+---
+
 ## Step 10: Verify all desired packages have been added to boot image
 
 - After the optional components and the cumulative update (CU) have been applied to the boot image, verify that they are showing as installed.
 
+### [**PowerShell**](#tab/powershell)
+
 ```powershell
 Get-WindowsPackage -Path "<Mount_folder_path>"
 ```
 
 For more information, see [Get-WindowsPackage](/powershell/module/dism/get-windowspackage).
 
+### [**Command Line]**](#tab/command-line)
+
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Get-Packages
 ```
 
 For more information, see [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Get-Packages](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#get-packages).
 
+---
+
 ## Step 11: Unmount boot image and save changes
 
 - Once drivers, optional components, and the cumulative update (CU) have been applied to the boot image, unmount the boot image and save changes.
 
+### [**PowerShell**](#tab/powershell)
+
 ```powershell
 Dismount-WindowsImage -Path "<Mount_folder_path>" -Save -Verbose
 ```
 
 For more information, see [Dismount-WindowsImage](/powershell/module/dism/dismount-windowsimage).
 
+### [**Command Line]**](#tab/command-line)
+
 ```cmd
 DISM.exe /Unmount-Image /MountDir:"<Mount_folder_path>" /Commit
 ```
 
 For more information, see [Modify a Windows image using DISM: Unmounting an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#unmounting-an-image) and [DISM Image Management Command-Line Options: /Unmount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#unmount-image).
 
+---
+
 ## Step 12: Export boot image to reduce size
 
 - Once the boot image has been unmounted and saved, its size can be further reduced by exporting it.
 
+### [**PowerShell**](#tab/powershell)
+
 ```powershell
 Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose
 ```
 
 For more information, see [Export-WindowsImage](/powershell/module/dism/export-windowsimage).
 
+### [**Command Line]**](#tab/command-line)
+
 ```cmd
 DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"
 ```
 
 For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Image Management Command-Line Options: /Export-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#export-image).
 
+---
+
 - Once the export has completed, delete the original boot image and then rename the exported boot image with the name of the original boot image.
 
 ## Considerations for Microsoft Configuration Manager

From 4be99c5118c6ff8769cf924c3368e93f98a378b9 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 26 Jul 2023 18:45:37 -0400
Subject: [PATCH 13/59] Update Boot Image with CU Article 13

---
 windows/deployment/update-boot-image.md | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index f35ddfa10d..080b060656 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -16,7 +16,6 @@ appliesto:
   - ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2019</a>
   - ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016</a>
 ---
----
 
 # Update Windows PE boot image with the latest cumulative update
 
@@ -100,7 +99,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage)
 
-### [**Command Line]**](#tab/command-line)
+### [**Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
@@ -120,7 +119,7 @@ For more information, see [Modify a Windows image using DISM: Mount an image](/w
 Command to be determined
 ```
 
-### [**Command Line]**](#tab/command-line)
+### [**Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe/Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirver_INF_source_path>\<driver>.inf"
@@ -149,7 +148,7 @@ Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessme
 
 For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
 
-### [**Command Line]**](#tab/command-line)
+### [**Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component2>.cab"
@@ -169,7 +168,7 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
 ```
 
-### [**Command Line]**](#tab/command-line)
+### [**Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component2>_en-us.cab"
@@ -206,7 +205,7 @@ Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_p
 
 For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage)
 
-### [**Command Line]**](#tab/command-line)
+### [**Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU_update>"
@@ -233,7 +232,7 @@ Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" -Force
 ```
 
-### [**Command Line]**](#tab/command-line)
+### [**Command Line**](#tab/command-line)
 
 ```cmd
 Command to be determined
@@ -253,7 +252,7 @@ Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase" -Wait -LoadUserProfile
 ```
 
-### [**Command Line]**](#tab/command-line)
+### [**Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase /Defer
@@ -277,7 +276,7 @@ Get-WindowsPackage -Path "<Mount_folder_path>"
 
 For more information, see [Get-WindowsPackage](/powershell/module/dism/get-windowspackage).
 
-### [**Command Line]**](#tab/command-line)
+### [**Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Get-Packages
@@ -299,7 +298,7 @@ Dismount-WindowsImage -Path "<Mount_folder_path>" -Save -Verbose
 
 For more information, see [Dismount-WindowsImage](/powershell/module/dism/dismount-windowsimage).
 
-### [**Command Line]**](#tab/command-line)
+### [**Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Unmount-Image /MountDir:"<Mount_folder_path>" /Commit
@@ -321,7 +320,7 @@ Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -Sourc
 
 For more information, see [Export-WindowsImage](/powershell/module/dism/export-windowsimage).
 
-### [**Command Line]**](#tab/command-line)
+### [**Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"

From 1c1d83ed6034a4b5761aa3cb8b5ded4da7177162 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 11:41:14 -0400
Subject: [PATCH 14/59] Update Boot Image with CU Article 14

---
 .../images/icons/command-prompt-16.png        | Bin 0 -> 343 bytes
 .../images/icons/command-prompt-24.png        | Bin 0 -> 455 bytes
 .../images/icons/command-prompt-32.png        | Bin 0 -> 510 bytes
 .../images/icons/command-prompt.svg           |   3 +
 .../deployment/images/icons/powershell-16.png | Bin 0 -> 317 bytes
 .../deployment/images/icons/powershell-24.png | Bin 0 -> 425 bytes
 .../deployment/images/icons/powershell-32.png | Bin 0 -> 437 bytes
 .../images/icons/powershell-color-18.svg      |  20 +++
 .../deployment/images/icons/powershell.svg    |   3 +
 windows/deployment/update-boot-image.md       | 144 ++++++++++--------
 10 files changed, 104 insertions(+), 66 deletions(-)
 create mode 100644 windows/deployment/images/icons/command-prompt-16.png
 create mode 100644 windows/deployment/images/icons/command-prompt-24.png
 create mode 100644 windows/deployment/images/icons/command-prompt-32.png
 create mode 100644 windows/deployment/images/icons/command-prompt.svg
 create mode 100644 windows/deployment/images/icons/powershell-16.png
 create mode 100644 windows/deployment/images/icons/powershell-24.png
 create mode 100644 windows/deployment/images/icons/powershell-32.png
 create mode 100644 windows/deployment/images/icons/powershell-color-18.svg
 create mode 100644 windows/deployment/images/icons/powershell.svg

diff --git a/windows/deployment/images/icons/command-prompt-16.png b/windows/deployment/images/icons/command-prompt-16.png
new file mode 100644
index 0000000000000000000000000000000000000000..d3a5d0257cbb088e7d90f0751012d1bd70aa5f73
GIT binary patch
literal 343
zcmeAS@N?(olHy`uVBq!ia0vp^0wB!61|;P_|4#%`jKx9jP7LeL$-D$|SkfJR9T^xl
z_H+M9WCij$3p^r=85sBugD~Uq{1quc!8e{Rjv*HQYcK81VsaE|dw7vMz%eKyGID9}
zTziFx3~?SaM%SDoW=$5(s4UHY3Brcv0{PCmTRo;*l~4SBCQ`gqT#VhmVp=}?Go9Vm
z&*WAncKNdl&(MGK@!bRVZ!fKTWMmTAbN04I%O+ft@F+atq^I4pw8C>?vw2F&!PCO4
zqW+$^*UiYO^RdU~(u+r|ku}PF!A#64$^NV5f1Xuco7UD9Hv2#W+pnm<CV|(p%+GJV
z#lm*t_i6W9S4n;gd4a=hmet}$4wGECb5At97WuFul>LNodyved|HtB6=6=<vH*l>{
jc(cTH=f4NrkIkspY!587t}w^}`kTSi)z4*}Q$iB}Xexfn

literal 0
HcmV?d00001

diff --git a/windows/deployment/images/icons/command-prompt-24.png b/windows/deployment/images/icons/command-prompt-24.png
new file mode 100644
index 0000000000000000000000000000000000000000..f5729faa7f8a423fbb8d5b494cb67b9adb34d0b4
GIT binary patch
literal 455
zcmV;&0XY7NP)<h;3K|Lk000e1NJLTq000;O000;W1^@s6;CDUv00001b5ch_0Itp)
z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0bEH$K~zXf)zmvL
z1wk0b@gam$NC=hCxP1c=iG)h6qf#m)isM#DC?pb5C`b^6hEgL6t;T2I14tA)4Wi)x
z%!PAyWmaNV;z@qlclPYgn=`Y!<}cEYUi6ee^O|iu<Glo$*Bto4A{G)_hvqehc!8Fx
z1+58ao_^Q{yS^xk*~c5!u$s^oY=a}%%}AUIY=f`|I*~GZObZ)~U<F#fQJu(S2pg`<
zrLe&cuCa_I%s}aYZf@}P6ULBDw80c^(QHTcIe~5r*YDxnm34_W&<%R=zRLvW(PT%)
z4B`=;cJ!5KgDcFsG8av(7pXQk(4$$KXal``XRgd8yF|(~?p*nqXaju(@1YIuhA!@d
zG6^kTSRzGx^#J`A5^bOi;1rj*z#L-Pgg%@hg$+U){qZMh^G7AuAa%N68|ZJnLQA5q
xsSLw5IQB(Z%s8shHz)ha{SD2hdH;2c`2a5xuKgL6Mj`+J002ovPDHLkV1nfNzTf}=

literal 0
HcmV?d00001

diff --git a/windows/deployment/images/icons/command-prompt-32.png b/windows/deployment/images/icons/command-prompt-32.png
new file mode 100644
index 0000000000000000000000000000000000000000..0d715e93fbc427232dc20bc62a0cf2ead751eb83
GIT binary patch
literal 510
zcmV<a0RjGrP)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800001b5ch_0Itp)
z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0h38YK~z{r?Uy-A
z#6SQ><57qfUX@mYrC17rpddDar3xaVwH6+Tl~$J8c!Hg+cz}(Kje-gmTG*+LHvR(z
zZS;MU9d@%$Ocs`8g?;eId=o;x>`sPVuMCXf4sNBO?(6O2cZz!3nZW_hB<Lju3JfbG
z$SMX3T;L|UzN=!Z`#fNvKw6g08kkf_kTnbxP^%=d_x&FQs&EjOa1jTv8eO#D9(I@%
zPV54G_>7Nuif4F(jp(8V-|@(#aAFnEQ|R0ZR%#-Lip+5ocd^$bpLx`EO(waCRp1=;
zy8Oi<>iT7qd~{>Y&6(sTvOpbv;<!oS=*g$C)1)lN_~H+pL>6d8&G(yBI6bKAb#xI~
zpccPy!lZCqYryh~C;spkkp;vRUi-sPTx-BGi#peAQjk~$x=`mfut5_UG`4Sro?O@F
zuK{5f<AO;+Vigct15fydw|I|t7`6}Oqy69mwLjz%yMUz|$8ZSS(e49Lw4pwMdXusg
zT%g#LUV$lv1X;&Gfz*BzrvAUczQ<`<CQUr=2h}_=9(ljFXaE2J07*qoM6N<$f<Tbm
AQUCw|

literal 0
HcmV?d00001

diff --git a/windows/deployment/images/icons/command-prompt.svg b/windows/deployment/images/icons/command-prompt.svg
new file mode 100644
index 0000000000..c446f2976d
--- /dev/null
+++ b/windows/deployment/images/icons/command-prompt.svg
@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 2048 2048">
+  <path d="M2048 128v1664H0V128h2048zM128 256v128h1792V256H128zm1792 1408V512H128v1152h1792zm-528-896l257 640h-91l-257-640h91zm-656 76q-53 0-96 16t-74 48-48 78-17 106q0 55 15 100t45 76 73 49 98 17q35 0 69-7t58-18l16 62q-22 11-63 19t-96 9q-63 0-117-20t-95-58-62-95-23-131q0-70 23-128t64-100 99-65 128-23q57 0 92 9t51 18l-19 63q-22-11-52-18t-69-7zm288 52h128v128h-128V896zm0 256h128v128h-128v-128z" />
+</svg>
\ No newline at end of file
diff --git a/windows/deployment/images/icons/powershell-16.png b/windows/deployment/images/icons/powershell-16.png
new file mode 100644
index 0000000000000000000000000000000000000000..4ecfea848644068ea9bcb4506dabd981e216ef49
GIT binary patch
literal 317
zcmeAS@N?(olHy`uVBq!ia0vp^0wB!61|;P_|4#%`jKx9jP7LeL$-D$|SkfJR9T^xl
z_H+M9WCij$3p^r=85sBugD~Uq{1quc!AqVljv*HQYcJXJF*=GI|JZp>Fy<hmh>-2v
zBfctDf>IyVrRo<Y9cGMi?48un=d!ej^}hLT<=LjYwGZq6%(-{&-5$+nE9;juX-?xi
z7LYA-p`f7AuC{+)vv5gs>;{FZg;r+;vs$-_@Xb7Z_^?Blf^*4VBhyXa7dr~3=S-a3
z+7cl>qvwN*@BW*@w-vfs^E6I7`K;kh+3@a$f-*PfMza?S-c4V{^)pY+Kg;rfi}{4?
zDZbl81m^Cu@ws=s!nNX9FXy7e#?3$fHE1ntebIkE<I!}DuT0Z2g1)+MoD&T69fPN<
KpUXO@geCwfVtX9`

literal 0
HcmV?d00001

diff --git a/windows/deployment/images/icons/powershell-24.png b/windows/deployment/images/icons/powershell-24.png
new file mode 100644
index 0000000000000000000000000000000000000000..7c60d412ce348c58c22b365273d8d58591b848b0
GIT binary patch
literal 425
zcmV;a0apHrP)<h;3K|Lk000e1NJLTq000;O000;W1^@s6;CDUv00001b5ch_0Itp)
z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0X|7YK~zXf)z!O7
z13?tV@$mwhLI`MOOcjNISX!sDu=OE?6oLt8AqW-<R%s+ge1_Qj0D@hbyn>}&iYON5
z{|&P+#Jx=7uHXkhvKh{v!(K8me~~h(*eZbfnp=$VT>$kp_wGv@Cpo%=`kEd-pj)+q
z)f}i#4R%1s9Tdgf;R_cy&(RI+fCt!zk#kD01EOc31wYH~bKdARO&qX*C%mAdg*lQr
z;1ntt;Rv%PbwHFo44}d;;%br-G(cIx6;wRL0YVZyK&j&$I^i0+g;@z6a0V5=;ZO^K
z$sDkQXQ-%;b<C2~0gHHr3XZklqE|L<YuDNu{G<+0_MIqdq7#y6d+_sPKvwk2ZX#}L
zmR<PSfE}R!gHLS3zwBw7h})VYdPaV|uHFuKbO%K-4YZ)waeB-B4fRvse;s2c#L=?>
T;xcYW00000NkvXXu0mjflQymO

literal 0
HcmV?d00001

diff --git a/windows/deployment/images/icons/powershell-32.png b/windows/deployment/images/icons/powershell-32.png
new file mode 100644
index 0000000000000000000000000000000000000000..c28fd8f833588b38eddc94d0acdfcaa0e30a8361
GIT binary patch
literal 437
zcmV;m0ZRUfP)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800001b5ch_0Itp)
z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0ZK_kK~z{r?bp38
z1VJ3e@exGg6rvTCmMA3(|AGcBJ)KIT)1kO{38hvP3ZjrmC>0tSe}P1+(Mb3{VG_&A
z{$_W~DDFu<$-c~Hp1a-K%(+g;9QLr2f#!9Gc+1G`er_CLDWPi=3e0LJVb)P7aD{D@
z-K*F%&m9T{a``{cz=C!XW)p=1YLzm6-pT@l82#9c8dHH@oZ}huIuJ3Y0{u9J&dWYp
zh!Il(pJlv2<L)tqrU@#bOyC9@E30Ud-~x)Ci4FK~;{s#oLTG9g@X<?4*T^OM5Sm&A
zhH(NvxgN?P)JbrG89YK`pP+?Ilb8$Wr`U$Z$Qee^G^PRrxP{KYVg<2cD$tDsJYZ4>
zzQnSY)cI+Y#Z*A)fo{Y197EStSwmUO1%8V@nXaiaj<WnHu&AAc*+QW}wl!h){{_~2
f`Bys08Ry;spiw$ABqzh900000NkvXXu0mjfK<2fT

literal 0
HcmV?d00001

diff --git a/windows/deployment/images/icons/powershell-color-18.svg b/windows/deployment/images/icons/powershell-color-18.svg
new file mode 100644
index 0000000000..ab2d5152ca
--- /dev/null
+++ b/windows/deployment/images/icons/powershell-color-18.svg
@@ -0,0 +1,20 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18">
+  <defs>
+    <linearGradient id="a24f9983-911f-4df7-920f-f964c8c10f82" x1="9" y1="15.834" x2="9" y2="5.788" gradientUnits="userSpaceOnUse">
+      <stop offset="0" stop-color="#32bedd" />
+      <stop offset="0.175" stop-color="#32caea" />
+      <stop offset="0.41" stop-color="#32d2f2" />
+      <stop offset="0.775" stop-color="#32d4f5" />
+    </linearGradient>
+  </defs>
+  <title>MsPortalFx.base.images-10</title>
+  <g id="a7ef0482-71f2-4b7e-b916-b1c754245bf1">
+    <g>
+      <path d="M.5,5.788h17a0,0,0,0,1,0,0v9.478a.568.568,0,0,1-.568.568H1.068A.568.568,0,0,1,.5,15.266V5.788A0,0,0,0,1,.5,5.788Z" fill="url(#a24f9983-911f-4df7-920f-f964c8c10f82)" />
+      <path d="M1.071,2.166H16.929a.568.568,0,0,1,.568.568V5.788a0,0,0,0,1,0,0H.5a0,0,0,0,1,0,0V2.734A.568.568,0,0,1,1.071,2.166Z" fill="#0078d4" />
+      <path d="M4.292,7.153h.523a.167.167,0,0,1,.167.167v3.858a.335.335,0,0,1-.335.335H4.125a0,0,0,0,1,0,0V7.321a.167.167,0,0,1,.167-.167Z" transform="translate(-5.271 5.967) rotate(-45.081)" fill="#f2f2f2" />
+      <path d="M4.32,9.647h.523a.167.167,0,0,1,.167.167v4.131a0,0,0,0,1,0,0H4.488a.335.335,0,0,1-.335-.335v-3.8a.167.167,0,0,1,.167-.167Z" transform="translate(-0.504 23.385) rotate(-135.081)" fill="#e6e6e6" />
+      <rect x="7.221" y="12.64" width="4.771" height="1.011" rx="0.291" fill="#f2f2f2" />
+    </g>
+  </g>
+</svg>
\ No newline at end of file
diff --git a/windows/deployment/images/icons/powershell.svg b/windows/deployment/images/icons/powershell.svg
new file mode 100644
index 0000000000..7ea68cb8b0
--- /dev/null
+++ b/windows/deployment/images/icons/powershell.svg
@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 2048 2048">
+  <path d="M0 128h2048v1664H0V128zm1920 128H128v128h1792V256zM128 1664h1792V512H128v1152zm768-128v-128h640v128H896zM549 716l521 372-521 372-74-104 375-268-375-268 74-104z" />
+</svg>
\ No newline at end of file
diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 080b060656..42f137223d 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -53,25 +53,23 @@ Note about Windows Server 2012 R2
 
 ## Step 1: Download and install ADK
 
-- Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install).
+1. Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install).
 
-- Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install). Make sure to download and install both components.
+1. Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install). Make sure to download and install both components.
 
-- It's strongly recommended to download and install the latest version of the ADK.
+It's strongly recommended to download and install the latest version of the ADK. When installing the Windows ADK, it's only necessary to install the **Deployment Tools**.
 
-- When installing the Windows ADK, it's only necessary to install the **Deployment Tools**.
-
-- The paths in this article assume the Windows ADK was installed to the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths accordingly.
+The paths in this article assume the Windows ADK was installed to the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths accordingly.
 
 ## Step 2: Download cumulative update (CU)
 
-- Go to the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site and search for the latest cumulative update for the version of Windows that matches the version of Windows PE that was downloaded in [Step 1](#step-1-download-and-install-adk) or the version of the Windows PE boot image that will be updated.
+1. Go to the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site and search for the latest cumulative update for the version of Windows that matches the version of Windows PE that was downloaded in [Step 1](#step-1-download-and-install-adk) or the version of the Windows PE boot image that will be updated.
 
-- When searching the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site, use the search term `"<year>-<month> cumulative update for windows <x>"` where `year` is the four digit current year, `<month>` is the two digit current month, and `<x>` is the version of Windows that Windows PE is based on. For example, to search for the latest cumulative update for Windows 11 in July 2023, use the search term `"2023-07 cumulative update for windows 11"`. If the cumulative update hasn't been released yet for the current month, then search on the previous month.
+1. When searching the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site, use the search term `"<year>-<month> cumulative update for windows <x>"` where `year` is the four digit current year, `<month>` is the two digit current month, and `<x>` is the version of Windows that Windows PE is based on. For example, to search for the latest cumulative update for Windows 11 in July 2023, use the search term `"2023-07 cumulative update for windows 11"`. If the cumulative update hasn't been released yet for the current month, then search on the previous month.
 
-- Once the cumulative update has been found, download the appropriate version for the version and architecture of Windows that matches the Windows PE boot image. For example, if the version of the Windows PE boot image is Windows 11 22H2 64-bit, then download the **Cumulative Update for Windows 11 Version 22H2 for x64-based Systems" version of the update.
+1. Once the cumulative update has been found, download the appropriate version for the version and architecture of Windows that matches the Windows PE boot image. For example, if the version of the Windows PE boot image is Windows 11 22H2 64-bit, then download the **Cumulative Update for Windows 11 Version 22H2 for x64-based Systems** version of the update.
 
-- Store the downloaded cumulative update in a known location for later use.
+1. Store the downloaded cumulative update in a known location for later use.
 
 > [!TIP]
 >
@@ -81,25 +79,25 @@ Note about Windows Server 2012 R2
 
 ## Step 3: Backup existing boot image
 
-- Before modifying the desired boot image, make a backup copy of the boot image. For example,
+Before modifying the desired boot image, make a backup copy of the boot image. For example:
 
-  - For the boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
+- For the boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
 
-  - For the boot image included with Microsoft Configuration Manager, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`
+- For the boot image included with Microsoft Configuration Manager, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`
 
 ## Step 4: Mount boot image to temporary mount folder
 
-- Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
+Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-### [**PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
 ```
 
-For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage)
+For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-### [**Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
@@ -111,19 +109,23 @@ For more information, see [Modify a Windows image using DISM: Mount an image](/w
 
 ## Step 5: Add drivers to boot image
 
-- If needed, add any drivers to the boot image.
+If needed, add any drivers to the boot image:
 
-### [**PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Command to be determined
 ```
 
-### [**Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
-DISM.exe/Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirver_INF_source_path>\<driver>.inf"
+DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirver_INF_source_path>\<driver>.inf"
+```
 
+or
+
+```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirvers_source_path" /Recurse
 ```
 
@@ -137,46 +139,55 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
 ## Step 6: Add optional components to boot image
 
-- Add any desired optional components to the boot image.
-- The below examples assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+1. Add any desired optional components to the boot image:
 
-### [**PowerShell**](#tab/powershell)
+  ### [:::image type="icon" source="images/icons/powershell-16.png"::: **PowerShell**](#tab/powershell)
 
-```powershell
-Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" -Path "<Mount_folder_path>" -Verbose
-```
+  ```powershell
+  Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" -Path "<Mount_folder_path>" -Verbose
+  ```
 
-For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
+  This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
 
-### [**Command Line**](#tab/command-line)
+  For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
 
-```cmd
-DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component2>.cab"
-```
+  ### [:::image type="icon" source="images/icons/command-prompt-16.png"::: **Command Line**](#tab/command-line)
 
----
+  ```cmd
+  DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component2>.cab"
+  ```
 
-You can add as many desired optional components as needed on a single DISM.exe command line.
+  This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
 
-For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
+  You can add as many desired optional components as needed on a single **DISM.exe** command line.
 
-- Make sure that after adding the optional component to also add the language specific component for that optional component. For example, for English United States (en-us), add the following:
+  For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
 
-### [**PowerShell**](#tab/powershell)
+  ---
 
-```powershell
-Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
-```
+1. Make sure that after adding the optional component to also add the language specific component for that optional component. This needs to be done for every optional component that is added to the boot image.
 
-### [**Command Line**](#tab/command-line)
+  For example, for English United States (en-us), add the following:
 
-```cmd
-DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component2>_en-us.cab"
-```
+  ### [:::image type="icon" source="images/icons/powershell-24.png"::: **PowerShell**](#tab/powershell)
 
-You can add as many desired optional components as needed on a single DISM.exe command line.
+  ```powershell
+  Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
+  ```
 
----
+  This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+
+  ### [:::image type="icon" source="images/icons/command-prompt-24.png"::: **Command Line**](#tab/command-line)
+
+  ```cmd
+  DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component2>_en-us.cab"
+  ```
+
+  This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+
+  You can add as many desired optional components as needed on a single DISM.exe command line.
+
+  ---
 
 > [!IMPORTANT]
 >
@@ -195,9 +206,9 @@ You can add as many desired optional components as needed on a single DISM.exe c
 
 ## Step 7: Add cumulative update (CU) to boot image
 
-- Apply the cumulative update (CU) downloaded earlier in the walkthrough to the boot image.
+Apply the cumulative update (CU) downloaded earlier in the walkthrough to the boot image:
 
-### [**PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-32.png"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_path>" -Verbose
@@ -205,7 +216,7 @@ Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_p
 
 For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage)
 
-### [**Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt-32.png"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU_update>"
@@ -221,8 +232,7 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 
 ## Step 8: Copy boot files from mounted image to ADK installation path
 
-- Copy the updated bootmgr files from the updated boot image to the ADK installation path.
-- This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr files are available to the ADK when creating bootable media. In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
+Copy the updated bootmgr files from the updated boot image to the ADK installation path:
 
 ### [**PowerShell**](#tab/powershell)
 
@@ -240,9 +250,11 @@ Command to be determined
 
 ---
 
+This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr files are available to the ADK when creating bootable media. In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
+
 ## Step 9: Perform component cleanup
 
-- Run DISM.exe commands that will clean up the mounted image and help reduce its size
+Run **DISM.exe** commands that will clean up the mounted image and help reduce its size:
 
 ### [**PowerShell**](#tab/powershell)
 
@@ -266,7 +278,7 @@ For more information, see [Modify a Windows image using DISM: Reduce the size of
 
 ## Step 10: Verify all desired packages have been added to boot image
 
-- After the optional components and the cumulative update (CU) have been applied to the boot image, verify that they are showing as installed.
+After the optional components and the cumulative update (CU) have been applied to the boot image, verify that they are showing as installed:
 
 ### [**PowerShell**](#tab/powershell)
 
@@ -310,27 +322,27 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 ## Step 12: Export boot image to reduce size
 
-- Once the boot image has been unmounted and saved, its size can be further reduced by exporting it.
+1. Once the boot image has been unmounted and saved, its size can be further reduced by exporting it:
 
-### [**PowerShell**](#tab/powershell)
+  ### [**PowerShell**](#tab/powershell)
 
-```powershell
-Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose
-```
+  ```powershell
+  Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose
+  ```
 
-For more information, see [Export-WindowsImage](/powershell/module/dism/export-windowsimage).
+  For more information, see [Export-WindowsImage](/powershell/module/dism/export-windowsimage).
 
-### [**Command Line**](#tab/command-line)
+  ### [**Command Line**](#tab/command-line)
 
-```cmd
-DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"
-```
+  ```cmd
+  DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"
+  ```
 
-For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Image Management Command-Line Options: /Export-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#export-image).
+  For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Image Management Command-Line Options: /Export-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#export-image).
 
----
+  ---
 
-- Once the export has completed, delete the original boot image and then rename the exported boot image with the name of the original boot image.
+1. Once the export has completed, delete the original boot image and then rename the exported boot image with the name of the original boot image.
 
 ## Considerations for Microsoft Configuration Manager
 

From f7815742f63df0bcf10c79ac2b30099167b76c7c Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 12:00:24 -0400
Subject: [PATCH 15/59] Update Boot Image with CU Article 15

---
 windows/deployment/update-boot-image.md | 64 ++++++++++++-------------
 1 file changed, 32 insertions(+), 32 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 42f137223d..18a6350563 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -141,53 +141,53 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
 1. Add any desired optional components to the boot image:
 
-  ### [:::image type="icon" source="images/icons/powershell-16.png"::: **PowerShell**](#tab/powershell)
+    ### [:::image type="icon" source="images/icons/powershell-16.png"::: **PowerShell**](#tab/powershell)
 
-  ```powershell
-  Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" -Path "<Mount_folder_path>" -Verbose
-  ```
+    ```powershell
+    Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" -Path "<Mount_folder_path>" -Verbose
+    ```
 
-  This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+    This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
 
-  For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
+    For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
 
-  ### [:::image type="icon" source="images/icons/command-prompt-16.png"::: **Command Line**](#tab/command-line)
+    ### [:::image type="icon" source="images/icons/command-prompt-16.png"::: **Command Line**](#tab/command-line)
 
-  ```cmd
-  DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component2>.cab"
-  ```
+    ```cmd
+    DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component2>.cab"
+    ```
 
-  This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+    This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
 
-  You can add as many desired optional components as needed on a single **DISM.exe** command line.
+    You can add as many desired optional components as needed on a single **DISM.exe** command line.
 
-  For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
+    For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
 
-  ---
+    ---
 
 1. Make sure that after adding the optional component to also add the language specific component for that optional component. This needs to be done for every optional component that is added to the boot image.
 
   For example, for English United States (en-us), add the following:
 
-  ### [:::image type="icon" source="images/icons/powershell-24.png"::: **PowerShell**](#tab/powershell)
+    ### [:::image type="icon" source="images/icons/powershell-24.png"::: **PowerShell**](#tab/powershell)
 
-  ```powershell
-  Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
-  ```
+    ```powershell
+    Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
+    ```
 
-  This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+    This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
 
-  ### [:::image type="icon" source="images/icons/command-prompt-24.png"::: **Command Line**](#tab/command-line)
+    ### [:::image type="icon" source="images/icons/command-prompt-24.png"::: **Command Line**](#tab/command-line)
 
-  ```cmd
-  DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component2>_en-us.cab"
-  ```
+    ```cmd
+    DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component2>_en-us.cab"
+    ```
 
-  This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+    This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
 
-  You can add as many desired optional components as needed on a single DISM.exe command line.
+    You can add as many desired optional components as needed on a single DISM.exe command line.
 
-  ---
+    ---
 
 > [!IMPORTANT]
 >
@@ -300,7 +300,7 @@ For more information, see [DISM Operating System Package (.cab or .msu) Servicin
 
 ## Step 11: Unmount boot image and save changes
 
-- Once drivers, optional components, and the cumulative update (CU) have been applied to the boot image, unmount the boot image and save changes.
+Once drivers, optional components, and the cumulative update (CU) have been applied to the boot image, unmount the boot image and save changes.
 
 ### [**PowerShell**](#tab/powershell)
 
@@ -324,7 +324,7 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 1. Once the boot image has been unmounted and saved, its size can be further reduced by exporting it:
 
-  ### [**PowerShell**](#tab/powershell)
+  # [**PowerShell**](#tab/powershell)
 
   ```powershell
   Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose
@@ -332,7 +332,7 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
   For more information, see [Export-WindowsImage](/powershell/module/dism/export-windowsimage).
 
-  ### [**Command Line**](#tab/command-line)
+  # [**Command Line**](#tab/command-line)
 
   ```cmd
   DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"
@@ -344,8 +344,8 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 1. Once the export has completed, delete the original boot image and then rename the exported boot image with the name of the original boot image.
 
-## Considerations for Microsoft Configuration Manager
+## Microsoft Configuration Manager considerations
 
-## Considerations for Microsoft Deployment Toolkit (MDT)
+## Microsoft Deployment Toolkit (MDT) considerations
 
-## Considerations for Windows Deployment Services (WDS)
+## Windows Deployment Services (WDS) considerations

From 59a9cb288eec470145d58f1950a72275ad7e06bf Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 12:10:00 -0400
Subject: [PATCH 16/59] Update Boot Image with CU Article 16

---
 windows/deployment/update-boot-image.md | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 18a6350563..9a195963e4 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -167,7 +167,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
 1. Make sure that after adding the optional component to also add the language specific component for that optional component. This needs to be done for every optional component that is added to the boot image.
 
-  For example, for English United States (en-us), add the following:
+    For example, for English United States (en-us), add the following:
 
     ### [:::image type="icon" source="images/icons/powershell-24.png"::: **PowerShell**](#tab/powershell)
 
@@ -324,23 +324,23 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 1. Once the boot image has been unmounted and saved, its size can be further reduced by exporting it:
 
-  # [**PowerShell**](#tab/powershell)
+    ### [**PowerShell**](#tab/powershell)
 
-  ```powershell
-  Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose
-  ```
+    ```powershell
+    Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose
+    ```
 
-  For more information, see [Export-WindowsImage](/powershell/module/dism/export-windowsimage).
+    For more information, see [Export-WindowsImage](/powershell/module/dism/export-windowsimage).
 
-  # [**Command Line**](#tab/command-line)
+    ### [**Command Line**](#tab/command-line)
 
-  ```cmd
-  DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"
-  ```
+    ```cmd
+    DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"
+    ```
 
-  For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Image Management Command-Line Options: /Export-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#export-image).
+    For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Image Management Command-Line Options: /Export-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#export-image).
 
-  ---
+    ---
 
 1. Once the export has completed, delete the original boot image and then rename the exported boot image with the name of the original boot image.
 

From f676f9c5208583f416b09c1432e6d90c79c20ba1 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 12:38:24 -0400
Subject: [PATCH 17/59] Update Boot Image with CU Article 17

---
 windows/deployment/update-boot-image.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 9a195963e4..3c6d5fb765 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -89,7 +89,7 @@ Before modifying the desired boot image, make a backup copy of the boot image. F
 
 Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-### [:::image type="icon" source="images/icons/powershell.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell.svg"{width=50%,height:50%}::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
@@ -97,7 +97,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-### [:::image type="icon" source="images/icons/command-prompt.svg"::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt.svg"{width=50%,height:50%}::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
@@ -117,7 +117,7 @@ If needed, add any drivers to the boot image:
 Command to be determined
 ```
 
-### [:::image type="icon" source="images/icons/command-prompt.svg"::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt.svg"{width=18px,height:18px}::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirver_INF_source_path>\<driver>.inf"
@@ -342,7 +342,7 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
     ---
 
-1. Once the export has completed, delete the original boot image and then rename the exported boot image with the name of the original boot image.
+1. Once the export has completed, delete the original updated boot image and then rename the exported boot image with the name of the original updated boot image.
 
 ## Microsoft Configuration Manager considerations
 

From 2c6dccfca7f1a17913b498503c91e3b09a26b843 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 12:45:17 -0400
Subject: [PATCH 18/59] Update Boot Image with CU Article 18

---
 windows/deployment/update-boot-image.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 3c6d5fb765..0452454f38 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -89,7 +89,7 @@ Before modifying the desired boot image, make a backup copy of the boot image. F
 
 Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-### [:::image type="icon" source="images/icons/powershell.svg"{width=50%,height:50%}::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell.svg"{ width=50%,height:50% }::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
@@ -97,7 +97,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-### [:::image type="icon" source="images/icons/command-prompt.svg"{width=50%,height:50%}::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt.svg" { width=50%,height:50% }::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
@@ -117,16 +117,16 @@ If needed, add any drivers to the boot image:
 Command to be determined
 ```
 
-### [:::image type="icon" source="images/icons/command-prompt.svg"{width=18px,height:18px}::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt.svg"{ width=18px,height:18px }::: **Command Line**](#tab/command-line)
 
 ```cmd
-DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirver_INF_source_path>\<driver>.inf"
+DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Driver_INF_source_path>\<driver>.inf"
 ```
 
 or
 
 ```cmd
-DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Dirvers_source_path" /Recurse
+DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Drivers_source_path" /Recurse
 ```
 
 For more information, see [Add and Remove Driver packages to an offline Windows Image](/windows-hardware/manufacture/desktop/add-and-remove-drivers-to-an-offline-windows-image)

From 3c54663a25f8ddfc8f85d2292ce1ecd41e5bcd83 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 13:09:13 -0400
Subject: [PATCH 19/59] Update Boot Image with CU Article 19

---
 windows/deployment/update-boot-image.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 0452454f38..83ebea68d7 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -89,7 +89,7 @@ Before modifying the desired boot image, make a backup copy of the boot image. F
 
 Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-### [:::image type="icon" source="images/icons/powershell.svg"{ width=50%,height:50% }::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell.svg"{: width=50% height:50%}::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
@@ -97,7 +97,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-### [:::image type="icon" source="images/icons/command-prompt.svg" { width=50%,height:50% }::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt.svg =18x18"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"

From 35aca47a28cf4404ab5161e0384c6b172e99072b Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 13:13:26 -0400
Subject: [PATCH 20/59] Update Boot Image with CU Article 20

---
 windows/deployment/update-boot-image.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 83ebea68d7..e69d5565d1 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -89,7 +89,7 @@ Before modifying the desired boot image, make a backup copy of the boot image. F
 
 Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-### [:::image type="icon" source="images/icons/powershell.svg"{: width=50% height:50%}::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
@@ -97,7 +97,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-### [:::image type="icon" source="images/icons/command-prompt.svg =18x18"::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
@@ -117,7 +117,7 @@ If needed, add any drivers to the boot image:
 Command to be determined
 ```
 
-### [:::image type="icon" source="images/icons/command-prompt.svg"{ width=18px,height:18px }::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Driver_INF_source_path>\<driver>.inf"

From 05b0bf48ca7fad2fa76f19da5fbde342771c0a42 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 13:27:34 -0400
Subject: [PATCH 21/59] Update Boot Image with CU Article 21

---
 windows/deployment/images/icons/command-prompt-18.svg       | 3 +++
 .../icons/{command-prompt.svg => command-prompt-org.svg}    | 0
 windows/deployment/images/icons/powershell-18.svg           | 3 +++
 windows/deployment/images/icons/powershell-org.svg          | 3 +++
 windows/deployment/update-boot-image.md                     | 6 +++---
 5 files changed, 12 insertions(+), 3 deletions(-)
 create mode 100644 windows/deployment/images/icons/command-prompt-18.svg
 rename windows/deployment/images/icons/{command-prompt.svg => command-prompt-org.svg} (100%)
 create mode 100644 windows/deployment/images/icons/powershell-18.svg
 create mode 100644 windows/deployment/images/icons/powershell-org.svg

diff --git a/windows/deployment/images/icons/command-prompt-18.svg b/windows/deployment/images/icons/command-prompt-18.svg
new file mode 100644
index 0000000000..8a0a716d98
--- /dev/null
+++ b/windows/deployment/images/icons/command-prompt-18.svg
@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18">
+  <path d="M2048 128v1664H0V128h2048zM128 256v128h1792V256H128zm1792 1408V512H128v1152h1792zm-528-896l257 640h-91l-257-640h91zm-656 76q-53 0-96 16t-74 48-48 78-17 106q0 55 15 100t45 76 73 49 98 17q35 0 69-7t58-18l16 62q-22 11-63 19t-96 9q-63 0-117-20t-95-58-62-95-23-131q0-70 23-128t64-100 99-65 128-23q57 0 92 9t51 18l-19 63q-22-11-52-18t-69-7zm288 52h128v128h-128V896zm0 256h128v128h-128v-128z" />
+</svg>
\ No newline at end of file
diff --git a/windows/deployment/images/icons/command-prompt.svg b/windows/deployment/images/icons/command-prompt-org.svg
similarity index 100%
rename from windows/deployment/images/icons/command-prompt.svg
rename to windows/deployment/images/icons/command-prompt-org.svg
diff --git a/windows/deployment/images/icons/powershell-18.svg b/windows/deployment/images/icons/powershell-18.svg
new file mode 100644
index 0000000000..ce645d001f
--- /dev/null
+++ b/windows/deployment/images/icons/powershell-18.svg
@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18"
+  <path d="M0 128h2048v1664H0V128zm1920 128H128v128h1792V256zM128 1664h1792V512H128v1152zm768-128v-128h640v128H896zM549 716l521 372-521 372-74-104 375-268-375-268 74-104z" />
+</svg>
\ No newline at end of file
diff --git a/windows/deployment/images/icons/powershell-org.svg b/windows/deployment/images/icons/powershell-org.svg
new file mode 100644
index 0000000000..7ea68cb8b0
--- /dev/null
+++ b/windows/deployment/images/icons/powershell-org.svg
@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 2048 2048">
+  <path d="M0 128h2048v1664H0V128zm1920 128H128v128h1792V256zM128 1664h1792V512H128v1152zm768-128v-128h640v128H896zM549 716l521 372-521 372-74-104 375-268-375-268 74-104z" />
+</svg>
\ No newline at end of file
diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index e69d5565d1..5356ec74a5 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -89,7 +89,7 @@ Before modifying the desired boot image, make a backup copy of the boot image. F
 
 Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-### [:::image type="icon" source="images/icons/powershell.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
@@ -97,7 +97,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-### [:::image type="icon" source="images/icons/command-prompt.svg"::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
@@ -117,7 +117,7 @@ If needed, add any drivers to the boot image:
 Command to be determined
 ```
 
-### [:::image type="icon" source="images/icons/command-prompt.svg"::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-prompt-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Driver_INF_source_path>\<driver>.inf"

From 4e51e5f73edbb9268daef9effd7c157255707be9 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 13:40:44 -0400
Subject: [PATCH 22/59] Update Boot Image with CU Article 22

---
 windows/deployment/images/icons/powershell-18.svg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/images/icons/powershell-18.svg b/windows/deployment/images/icons/powershell-18.svg
index ce645d001f..d1342f36f3 100644
--- a/windows/deployment/images/icons/powershell-18.svg
+++ b/windows/deployment/images/icons/powershell-18.svg
@@ -1,3 +1,3 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18"
+<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18">
   <path d="M0 128h2048v1664H0V128zm1920 128H128v128h1792V256zM128 1664h1792V512H128v1152zm768-128v-128h640v128H896zM549 716l521 372-521 372-74-104 375-268-375-268 74-104z" />
 </svg>
\ No newline at end of file

From 8b19e17bb2ac814a02182d06c2f0120c15243558 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 13:53:25 -0400
Subject: [PATCH 23/59] Update Boot Image with CU Article 23

---
 windows/deployment/images/icons/command-prompt-18.svg   | 2 +-
 windows/deployment/images/icons/powershell-color-18.svg | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/images/icons/command-prompt-18.svg b/windows/deployment/images/icons/command-prompt-18.svg
index 8a0a716d98..5f434b70ba 100644
--- a/windows/deployment/images/icons/command-prompt-18.svg
+++ b/windows/deployment/images/icons/command-prompt-18.svg
@@ -1,3 +1,3 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18">
+<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 2048 2048">
   <path d="M2048 128v1664H0V128h2048zM128 256v128h1792V256H128zm1792 1408V512H128v1152h1792zm-528-896l257 640h-91l-257-640h91zm-656 76q-53 0-96 16t-74 48-48 78-17 106q0 55 15 100t45 76 73 49 98 17q35 0 69-7t58-18l16 62q-22 11-63 19t-96 9q-63 0-117-20t-95-58-62-95-23-131q0-70 23-128t64-100 99-65 128-23q57 0 92 9t51 18l-19 63q-22-11-52-18t-69-7zm288 52h128v128h-128V896zm0 256h128v128h-128v-128z" />
 </svg>
\ No newline at end of file
diff --git a/windows/deployment/images/icons/powershell-color-18.svg b/windows/deployment/images/icons/powershell-color-18.svg
index ab2d5152ca..4e8ad86674 100644
--- a/windows/deployment/images/icons/powershell-color-18.svg
+++ b/windows/deployment/images/icons/powershell-color-18.svg
@@ -1,4 +1,4 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18">
+<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 2048 2048">
   <defs>
     <linearGradient id="a24f9983-911f-4df7-920f-f964c8c10f82" x1="9" y1="15.834" x2="9" y2="5.788" gradientUnits="userSpaceOnUse">
       <stop offset="0" stop-color="#32bedd" />

From 6ebd80f097f801ef0f0ee3bb52e6101b92895e5d Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 14:12:16 -0400
Subject: [PATCH 24/59] Update Boot Image with CU Article 24

---
 windows/deployment/images/icons/powershell-18.svg       | 2 +-
 windows/deployment/images/icons/powershell-color-18.svg | 2 +-
 windows/deployment/update-boot-image.md                 | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/images/icons/powershell-18.svg b/windows/deployment/images/icons/powershell-18.svg
index d1342f36f3..734d3930b1 100644
--- a/windows/deployment/images/icons/powershell-18.svg
+++ b/windows/deployment/images/icons/powershell-18.svg
@@ -1,3 +1,3 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18">
+<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 2048 2048">
   <path d="M0 128h2048v1664H0V128zm1920 128H128v128h1792V256zM128 1664h1792V512H128v1152zm768-128v-128h640v128H896zM549 716l521 372-521 372-74-104 375-268-375-268 74-104z" />
 </svg>
\ No newline at end of file
diff --git a/windows/deployment/images/icons/powershell-color-18.svg b/windows/deployment/images/icons/powershell-color-18.svg
index 4e8ad86674..ab2d5152ca 100644
--- a/windows/deployment/images/icons/powershell-color-18.svg
+++ b/windows/deployment/images/icons/powershell-color-18.svg
@@ -1,4 +1,4 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 2048 2048">
+<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18">
   <defs>
     <linearGradient id="a24f9983-911f-4df7-920f-f964c8c10f82" x1="9" y1="15.834" x2="9" y2="5.788" gradientUnits="userSpaceOnUse">
       <stop offset="0" stop-color="#32bedd" />
diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 5356ec74a5..777aa721ea 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -111,7 +111,7 @@ For more information, see [Modify a Windows image using DISM: Mount an image](/w
 
 If needed, add any drivers to the boot image:
 
-### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-color-18.svg"(#tab/powershell)
 
 ```powershell
 Command to be determined

From b57185dc2ef57cbe148dbc08f7562308b8c37bff Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 14:17:44 -0400
Subject: [PATCH 25/59] Update Boot Image with CU Article 25

---
 windows/deployment/update-boot-image.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 777aa721ea..5356ec74a5 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -111,7 +111,7 @@ For more information, see [Modify a Windows image using DISM: Mount an image](/w
 
 If needed, add any drivers to the boot image:
 
-### [:::image type="icon" source="images/icons/powershell-color-18.svg"(#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Command to be determined

From c3f8de7ae49d3a46b1ac539436f3fb24965a9684 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 14:29:27 -0400
Subject: [PATCH 26/59] Update Boot Image with CU Article 26

---
 ...mand-prompt-18.svg => command-line-18.svg} |   0
 .../images/icons/command-prompt-16.png        | Bin 343 -> 0 bytes
 .../images/icons/command-prompt-24.png        | Bin 455 -> 0 bytes
 .../images/icons/command-prompt-32.png        | Bin 510 -> 0 bytes
 .../images/icons/command-prompt-org.svg       |   3 --
 .../deployment/images/icons/powershell-16.png | Bin 317 -> 0 bytes
 .../deployment/images/icons/powershell-24.png | Bin 425 -> 0 bytes
 .../deployment/images/icons/powershell-32.png | Bin 437 -> 0 bytes
 .../images/icons/powershell-org.svg           |   3 --
 .../deployment/images/icons/powershell.svg    |   3 --
 windows/deployment/update-boot-image.md       |  38 +++++++++---------
 11 files changed, 19 insertions(+), 28 deletions(-)
 rename windows/deployment/images/icons/{command-prompt-18.svg => command-line-18.svg} (100%)
 delete mode 100644 windows/deployment/images/icons/command-prompt-16.png
 delete mode 100644 windows/deployment/images/icons/command-prompt-24.png
 delete mode 100644 windows/deployment/images/icons/command-prompt-32.png
 delete mode 100644 windows/deployment/images/icons/command-prompt-org.svg
 delete mode 100644 windows/deployment/images/icons/powershell-16.png
 delete mode 100644 windows/deployment/images/icons/powershell-24.png
 delete mode 100644 windows/deployment/images/icons/powershell-32.png
 delete mode 100644 windows/deployment/images/icons/powershell-org.svg
 delete mode 100644 windows/deployment/images/icons/powershell.svg

diff --git a/windows/deployment/images/icons/command-prompt-18.svg b/windows/deployment/images/icons/command-line-18.svg
similarity index 100%
rename from windows/deployment/images/icons/command-prompt-18.svg
rename to windows/deployment/images/icons/command-line-18.svg
diff --git a/windows/deployment/images/icons/command-prompt-16.png b/windows/deployment/images/icons/command-prompt-16.png
deleted file mode 100644
index d3a5d0257cbb088e7d90f0751012d1bd70aa5f73..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 343
zcmeAS@N?(olHy`uVBq!ia0vp^0wB!61|;P_|4#%`jKx9jP7LeL$-D$|SkfJR9T^xl
z_H+M9WCij$3p^r=85sBugD~Uq{1quc!8e{Rjv*HQYcK81VsaE|dw7vMz%eKyGID9}
zTziFx3~?SaM%SDoW=$5(s4UHY3Brcv0{PCmTRo;*l~4SBCQ`gqT#VhmVp=}?Go9Vm
z&*WAncKNdl&(MGK@!bRVZ!fKTWMmTAbN04I%O+ft@F+atq^I4pw8C>?vw2F&!PCO4
zqW+$^*UiYO^RdU~(u+r|ku}PF!A#64$^NV5f1Xuco7UD9Hv2#W+pnm<CV|(p%+GJV
z#lm*t_i6W9S4n;gd4a=hmet}$4wGECb5At97WuFul>LNodyved|HtB6=6=<vH*l>{
jc(cTH=f4NrkIkspY!587t}w^}`kTSi)z4*}Q$iB}Xexfn

diff --git a/windows/deployment/images/icons/command-prompt-24.png b/windows/deployment/images/icons/command-prompt-24.png
deleted file mode 100644
index f5729faa7f8a423fbb8d5b494cb67b9adb34d0b4..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 455
zcmV;&0XY7NP)<h;3K|Lk000e1NJLTq000;O000;W1^@s6;CDUv00001b5ch_0Itp)
z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0bEH$K~zXf)zmvL
z1wk0b@gam$NC=hCxP1c=iG)h6qf#m)isM#DC?pb5C`b^6hEgL6t;T2I14tA)4Wi)x
z%!PAyWmaNV;z@qlclPYgn=`Y!<}cEYUi6ee^O|iu<Glo$*Bto4A{G)_hvqehc!8Fx
z1+58ao_^Q{yS^xk*~c5!u$s^oY=a}%%}AUIY=f`|I*~GZObZ)~U<F#fQJu(S2pg`<
zrLe&cuCa_I%s}aYZf@}P6ULBDw80c^(QHTcIe~5r*YDxnm34_W&<%R=zRLvW(PT%)
z4B`=;cJ!5KgDcFsG8av(7pXQk(4$$KXal``XRgd8yF|(~?p*nqXaju(@1YIuhA!@d
zG6^kTSRzGx^#J`A5^bOi;1rj*z#L-Pgg%@hg$+U){qZMh^G7AuAa%N68|ZJnLQA5q
xsSLw5IQB(Z%s8shHz)ha{SD2hdH;2c`2a5xuKgL6Mj`+J002ovPDHLkV1nfNzTf}=

diff --git a/windows/deployment/images/icons/command-prompt-32.png b/windows/deployment/images/icons/command-prompt-32.png
deleted file mode 100644
index 0d715e93fbc427232dc20bc62a0cf2ead751eb83..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 510
zcmV<a0RjGrP)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800001b5ch_0Itp)
z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0h38YK~z{r?Uy-A
z#6SQ><57qfUX@mYrC17rpddDar3xaVwH6+Tl~$J8c!Hg+cz}(Kje-gmTG*+LHvR(z
zZS;MU9d@%$Ocs`8g?;eId=o;x>`sPVuMCXf4sNBO?(6O2cZz!3nZW_hB<Lju3JfbG
z$SMX3T;L|UzN=!Z`#fNvKw6g08kkf_kTnbxP^%=d_x&FQs&EjOa1jTv8eO#D9(I@%
zPV54G_>7Nuif4F(jp(8V-|@(#aAFnEQ|R0ZR%#-Lip+5ocd^$bpLx`EO(waCRp1=;
zy8Oi<>iT7qd~{>Y&6(sTvOpbv;<!oS=*g$C)1)lN_~H+pL>6d8&G(yBI6bKAb#xI~
zpccPy!lZCqYryh~C;spkkp;vRUi-sPTx-BGi#peAQjk~$x=`mfut5_UG`4Sro?O@F
zuK{5f<AO;+Vigct15fydw|I|t7`6}Oqy69mwLjz%yMUz|$8ZSS(e49Lw4pwMdXusg
zT%g#LUV$lv1X;&Gfz*BzrvAUczQ<`<CQUr=2h}_=9(ljFXaE2J07*qoM6N<$f<Tbm
AQUCw|

diff --git a/windows/deployment/images/icons/command-prompt-org.svg b/windows/deployment/images/icons/command-prompt-org.svg
deleted file mode 100644
index c446f2976d..0000000000
--- a/windows/deployment/images/icons/command-prompt-org.svg
+++ /dev/null
@@ -1,3 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 2048 2048">
-  <path d="M2048 128v1664H0V128h2048zM128 256v128h1792V256H128zm1792 1408V512H128v1152h1792zm-528-896l257 640h-91l-257-640h91zm-656 76q-53 0-96 16t-74 48-48 78-17 106q0 55 15 100t45 76 73 49 98 17q35 0 69-7t58-18l16 62q-22 11-63 19t-96 9q-63 0-117-20t-95-58-62-95-23-131q0-70 23-128t64-100 99-65 128-23q57 0 92 9t51 18l-19 63q-22-11-52-18t-69-7zm288 52h128v128h-128V896zm0 256h128v128h-128v-128z" />
-</svg>
\ No newline at end of file
diff --git a/windows/deployment/images/icons/powershell-16.png b/windows/deployment/images/icons/powershell-16.png
deleted file mode 100644
index 4ecfea848644068ea9bcb4506dabd981e216ef49..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 317
zcmeAS@N?(olHy`uVBq!ia0vp^0wB!61|;P_|4#%`jKx9jP7LeL$-D$|SkfJR9T^xl
z_H+M9WCij$3p^r=85sBugD~Uq{1quc!AqVljv*HQYcJXJF*=GI|JZp>Fy<hmh>-2v
zBfctDf>IyVrRo<Y9cGMi?48un=d!ej^}hLT<=LjYwGZq6%(-{&-5$+nE9;juX-?xi
z7LYA-p`f7AuC{+)vv5gs>;{FZg;r+;vs$-_@Xb7Z_^?Blf^*4VBhyXa7dr~3=S-a3
z+7cl>qvwN*@BW*@w-vfs^E6I7`K;kh+3@a$f-*PfMza?S-c4V{^)pY+Kg;rfi}{4?
zDZbl81m^Cu@ws=s!nNX9FXy7e#?3$fHE1ntebIkE<I!}DuT0Z2g1)+MoD&T69fPN<
KpUXO@geCwfVtX9`

diff --git a/windows/deployment/images/icons/powershell-24.png b/windows/deployment/images/icons/powershell-24.png
deleted file mode 100644
index 7c60d412ce348c58c22b365273d8d58591b848b0..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 425
zcmV;a0apHrP)<h;3K|Lk000e1NJLTq000;O000;W1^@s6;CDUv00001b5ch_0Itp)
z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0X|7YK~zXf)z!O7
z13?tV@$mwhLI`MOOcjNISX!sDu=OE?6oLt8AqW-<R%s+ge1_Qj0D@hbyn>}&iYON5
z{|&P+#Jx=7uHXkhvKh{v!(K8me~~h(*eZbfnp=$VT>$kp_wGv@Cpo%=`kEd-pj)+q
z)f}i#4R%1s9Tdgf;R_cy&(RI+fCt!zk#kD01EOc31wYH~bKdARO&qX*C%mAdg*lQr
z;1ntt;Rv%PbwHFo44}d;;%br-G(cIx6;wRL0YVZyK&j&$I^i0+g;@z6a0V5=;ZO^K
z$sDkQXQ-%;b<C2~0gHHr3XZklqE|L<YuDNu{G<+0_MIqdq7#y6d+_sPKvwk2ZX#}L
zmR<PSfE}R!gHLS3zwBw7h})VYdPaV|uHFuKbO%K-4YZ)waeB-B4fRvse;s2c#L=?>
T;xcYW00000NkvXXu0mjflQymO

diff --git a/windows/deployment/images/icons/powershell-32.png b/windows/deployment/images/icons/powershell-32.png
deleted file mode 100644
index c28fd8f833588b38eddc94d0acdfcaa0e30a8361..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 437
zcmV;m0ZRUfP)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800001b5ch_0Itp)
z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0ZK_kK~z{r?bp38
z1VJ3e@exGg6rvTCmMA3(|AGcBJ)KIT)1kO{38hvP3ZjrmC>0tSe}P1+(Mb3{VG_&A
z{$_W~DDFu<$-c~Hp1a-K%(+g;9QLr2f#!9Gc+1G`er_CLDWPi=3e0LJVb)P7aD{D@
z-K*F%&m9T{a``{cz=C!XW)p=1YLzm6-pT@l82#9c8dHH@oZ}huIuJ3Y0{u9J&dWYp
zh!Il(pJlv2<L)tqrU@#bOyC9@E30Ud-~x)Ci4FK~;{s#oLTG9g@X<?4*T^OM5Sm&A
zhH(NvxgN?P)JbrG89YK`pP+?Ilb8$Wr`U$Z$Qee^G^PRrxP{KYVg<2cD$tDsJYZ4>
zzQnSY)cI+Y#Z*A)fo{Y197EStSwmUO1%8V@nXaiaj<WnHu&AAc*+QW}wl!h){{_~2
f`Bys08Ry;spiw$ABqzh900000NkvXXu0mjfK<2fT

diff --git a/windows/deployment/images/icons/powershell-org.svg b/windows/deployment/images/icons/powershell-org.svg
deleted file mode 100644
index 7ea68cb8b0..0000000000
--- a/windows/deployment/images/icons/powershell-org.svg
+++ /dev/null
@@ -1,3 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 2048 2048">
-  <path d="M0 128h2048v1664H0V128zm1920 128H128v128h1792V256zM128 1664h1792V512H128v1152zm768-128v-128h640v128H896zM549 716l521 372-521 372-74-104 375-268-375-268 74-104z" />
-</svg>
\ No newline at end of file
diff --git a/windows/deployment/images/icons/powershell.svg b/windows/deployment/images/icons/powershell.svg
deleted file mode 100644
index 7ea68cb8b0..0000000000
--- a/windows/deployment/images/icons/powershell.svg
+++ /dev/null
@@ -1,3 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 2048 2048">
-  <path d="M0 128h2048v1664H0V128zm1920 128H128v128h1792V256zM128 1664h1792V512H128v1152zm768-128v-128h640v128H896zM549 716l521 372-521 372-74-104 375-268-375-268 74-104z" />
-</svg>
\ No newline at end of file
diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 5356ec74a5..b621a07b4d 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -89,7 +89,7 @@ Before modifying the desired boot image, make a backup copy of the boot image. F
 
 Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
@@ -97,7 +97,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-### [:::image type="icon" source="images/icons/command-prompt-18.svg"::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
@@ -117,7 +117,7 @@ If needed, add any drivers to the boot image:
 Command to be determined
 ```
 
-### [:::image type="icon" source="images/icons/command-prompt-18.svg"::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Driver_INF_source_path>\<driver>.inf"
@@ -141,7 +141,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
 1. Add any desired optional components to the boot image:
 
-    ### [:::image type="icon" source="images/icons/powershell-16.png"::: **PowerShell**](#tab/powershell)
+    ### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
     ```powershell
     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" -Path "<Mount_folder_path>" -Verbose
@@ -151,7 +151,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
     For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
 
-    ### [:::image type="icon" source="images/icons/command-prompt-16.png"::: **Command Line**](#tab/command-line)
+    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
     ```cmd
     DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component2>.cab"
@@ -169,7 +169,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
     For example, for English United States (en-us), add the following:
 
-    ### [:::image type="icon" source="images/icons/powershell-24.png"::: **PowerShell**](#tab/powershell)
+    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **PowerShell**](#tab/powershell)
 
     ```powershell
     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
@@ -177,7 +177,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
     This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
 
-    ### [:::image type="icon" source="images/icons/command-prompt-24.png"::: **Command Line**](#tab/command-line)
+    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
     ```cmd
     DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component2>_en-us.cab"
@@ -208,7 +208,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
 Apply the cumulative update (CU) downloaded earlier in the walkthrough to the boot image:
 
-### [:::image type="icon" source="images/icons/powershell-32.png"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_path>" -Verbose
@@ -216,7 +216,7 @@ Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_p
 
 For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage)
 
-### [:::image type="icon" source="images/icons/command-prompt-32.png"::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU_update>"
@@ -234,7 +234,7 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 
 Copy the updated bootmgr files from the updated boot image to the ADK installation path:
 
-### [**PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" -Force
@@ -242,7 +242,7 @@ Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" -Force
 ```
 
-### [**Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 Command to be determined
@@ -256,7 +256,7 @@ This step doesn't update or change the boot image. However, it makes sure that t
 
 Run **DISM.exe** commands that will clean up the mounted image and help reduce its size:
 
-### [**PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase /Defer" -Wait -LoadUserProfile
@@ -264,7 +264,7 @@ Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase" -Wait -LoadUserProfile
 ```
 
-### [**Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase /Defer
@@ -280,7 +280,7 @@ For more information, see [Modify a Windows image using DISM: Reduce the size of
 
 After the optional components and the cumulative update (CU) have been applied to the boot image, verify that they are showing as installed:
 
-### [**PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Get-WindowsPackage -Path "<Mount_folder_path>"
@@ -288,7 +288,7 @@ Get-WindowsPackage -Path "<Mount_folder_path>"
 
 For more information, see [Get-WindowsPackage](/powershell/module/dism/get-windowspackage).
 
-### [**Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Get-Packages
@@ -302,7 +302,7 @@ For more information, see [DISM Operating System Package (.cab or .msu) Servicin
 
 Once drivers, optional components, and the cumulative update (CU) have been applied to the boot image, unmount the boot image and save changes.
 
-### [**PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Dismount-WindowsImage -Path "<Mount_folder_path>" -Save -Verbose
@@ -310,7 +310,7 @@ Dismount-WindowsImage -Path "<Mount_folder_path>" -Save -Verbose
 
 For more information, see [Dismount-WindowsImage](/powershell/module/dism/dismount-windowsimage).
 
-### [**Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Unmount-Image /MountDir:"<Mount_folder_path>" /Commit
@@ -324,7 +324,7 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 1. Once the boot image has been unmounted and saved, its size can be further reduced by exporting it:
 
-    ### [**PowerShell**](#tab/powershell)
+    ### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
     ```powershell
     Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose
@@ -332,7 +332,7 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
     For more information, see [Export-WindowsImage](/powershell/module/dism/export-windowsimage).
 
-    ### [**Command Line**](#tab/command-line)
+    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
     ```cmd
     DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"

From 14bbe96d93b96547e62505bd2f2c89d856a0234f Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 14:38:18 -0400
Subject: [PATCH 27/59] Update Boot Image with CU Article 27

---
 .../deployment/images/icons/terminal-18.svg   | 90 +++++++++++++++++++
 windows/deployment/update-boot-image.md       |  4 +-
 2 files changed, 92 insertions(+), 2 deletions(-)
 create mode 100644 windows/deployment/images/icons/terminal-18.svg

diff --git a/windows/deployment/images/icons/terminal-18.svg b/windows/deployment/images/icons/terminal-18.svg
new file mode 100644
index 0000000000..7e1f7de9c2
--- /dev/null
+++ b/windows/deployment/images/icons/terminal-18.svg
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg width="18" height="18" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M0 13H16V6H2C0.9 6 0 6.9 0 8V13Z" fill="#CCCCCC"/>
+<path d="M32 6H16V13H32V6Z" fill="#999999"/>
+<path d="M48 13H32V6H46C47.1 6 48 6.9 48 8V13Z" fill="#666666"/>
+<path d="M46 42H2C0.9 42 0 41.1 0 40V12H48V40C48 41.1 47.1 42 46 42Z" fill="url(#paint0_linear)"/>
+<g filter="url(#filter0_dd)">
+<path d="M15.2 24.3L6.39999 33.1C5.89999 33.6 5.89999 34.3 6.39999 34.7L8.19999 36.5C8.69999 37 9.4 37 9.8 36.5L18.6 27.7C19.1 27.2 19.1 26.5 18.6 26.1L16.8 24.3C16.4 23.9 15.6 23.9 15.2 24.3Z" fill="url(#paint1_linear)"/>
+<mask id="mask0" mask-type="alpha" maskUnits="userSpaceOnUse" x="6" y="24" width="13" height="13">
+<path d="M15.2 24.3L6.39999 33.1C5.89999 33.6 5.89999 34.3 6.39999 34.7L8.19999 36.5C8.69999 37 9.4 37 9.8 36.5L18.6 27.7C19.1 27.2 19.1 26.5 18.6 26.1L16.8 24.3C16.4 23.9 15.6 23.9 15.2 24.3Z" fill="url(#paint2_linear)"/>
+</mask>
+<g mask="url(#mask0)">
+<g filter="url(#filter1_dd)">
+<path d="M9.8 17.3L18.6 26.1C19.1 26.6 19.1 27.3 18.6 27.7L16.8 29.5C16.3 30 15.6 30 15.2 29.5L6.39999 20.7C5.89999 20.2 5.89999 19.5 6.39999 19.1L8.19999 17.3C8.59999 16.9 9.4 16.9 9.8 17.3Z" fill="url(#paint3_linear)"/>
+</g>
+</g>
+<path d="M9.8 17.3L18.6 26.1C19.1 26.6 19.1 27.3 18.6 27.7L16.8 29.5C16.3 30 15.6 30 15.2 29.5L6.39999 20.7C5.89999 20.2 5.89999 19.5 6.39999 19.1L8.19999 17.3C8.59999 16.9 9.4 16.9 9.8 17.3Z" fill="url(#paint4_linear)"/>
+</g>
+<g filter="url(#filter2_dd)">
+<path d="M40 32H24C23.4 32 23 32.4 23 33V36C23 36.6 23.4 37 24 37H40C40.6 37 41 36.6 41 36V33C41 32.4 40.6 32 40 32Z" fill="url(#paint5_linear)"/>
+</g>
+<defs>
+<filter id="filter0_dd" x="3.02499" y="15" width="18.95" height="25.875" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="0.5"/>
+<feGaussianBlur stdDeviation="0.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.1 0"/>
+<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="1"/>
+<feGaussianBlur stdDeviation="1.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.2 0"/>
+<feBlend mode="normal" in2="effect1_dropShadow" result="effect2_dropShadow"/>
+<feBlend mode="normal" in="SourceGraphic" in2="effect2_dropShadow" result="shape"/>
+</filter>
+<filter id="filter1_dd" x="3.02499" y="15" width="18.95" height="18.875" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="0.5"/>
+<feGaussianBlur stdDeviation="0.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.1 0"/>
+<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="1"/>
+<feGaussianBlur stdDeviation="1.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.2 0"/>
+<feBlend mode="normal" in2="effect1_dropShadow" result="effect2_dropShadow"/>
+<feBlend mode="normal" in="SourceGraphic" in2="effect2_dropShadow" result="shape"/>
+</filter>
+<filter id="filter2_dd" x="20" y="30" width="24" height="11" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="0.5"/>
+<feGaussianBlur stdDeviation="0.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.1 0"/>
+<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="1"/>
+<feGaussianBlur stdDeviation="1.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.2 0"/>
+<feBlend mode="normal" in2="effect1_dropShadow" result="effect2_dropShadow"/>
+<feBlend mode="normal" in="SourceGraphic" in2="effect2_dropShadow" result="shape"/>
+</filter>
+<linearGradient id="paint0_linear" x1="36.4462" y1="47.8257" x2="11.8217" y2="5.1748" gradientUnits="userSpaceOnUse">
+<stop stop-color="#333333"/>
+<stop offset="1" stop-color="#4D4D4D"/>
+</linearGradient>
+<linearGradient id="paint1_linear" x1="14.5276" y1="33.9959" x2="10.4841" y2="26.9924" gradientUnits="userSpaceOnUse">
+<stop stop-color="#999999"/>
+<stop offset="1" stop-color="#B3B3B3"/>
+</linearGradient>
+<linearGradient id="paint2_linear" x1="14.5276" y1="33.9959" x2="10.4841" y2="26.9924" gradientUnits="userSpaceOnUse">
+<stop stop-color="#999999"/>
+<stop offset="1" stop-color="#B3B3B3"/>
+</linearGradient>
+<linearGradient id="paint3_linear" x1="16.2747" y1="30.0336" x2="8.73699" y2="16.9781" gradientUnits="userSpaceOnUse">
+<stop stop-color="#CCCCCC"/>
+<stop offset="1" stop-color="#E6E6E6"/>
+</linearGradient>
+<linearGradient id="paint4_linear" x1="16.2747" y1="30.0336" x2="8.73699" y2="16.9781" gradientUnits="userSpaceOnUse">
+<stop stop-color="#CCCCCC"/>
+<stop offset="1" stop-color="#E6E6E6"/>
+</linearGradient>
+<linearGradient id="paint5_linear" x1="35.1496" y1="39.9553" x2="28.8504" y2="29.0447" gradientUnits="userSpaceOnUse">
+<stop stop-color="#CCCCCC"/>
+<stop offset="1" stop-color="#E6E6E6"/>
+</linearGradient>
+</defs>
+</svg>
diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index b621a07b4d..35877dc61e 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -97,7 +97,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/terminal-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
@@ -169,7 +169,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
     For example, for English United States (en-us), add the following:
 
-    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **PowerShell**](#tab/powershell)
+    ### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
 
     ```powershell
     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose

From a85cadf4710e3fa7988a11504c05eb7c0e695e4e Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 27 Jul 2023 14:49:29 -0400
Subject: [PATCH 28/59] Update Boot Image with CU Article 28

---
 .../images/icons/command-line-18.svg          | 93 ++++++++++++++++++-
 .../deployment/images/icons/powershell-18.svg | 21 ++++-
 .../images/icons/powershell-color-18.svg      | 20 ----
 .../deployment/images/icons/terminal-18.svg   | 90 ------------------
 windows/deployment/update-boot-image.md       | 22 ++---
 5 files changed, 120 insertions(+), 126 deletions(-)
 delete mode 100644 windows/deployment/images/icons/powershell-color-18.svg
 delete mode 100644 windows/deployment/images/icons/terminal-18.svg

diff --git a/windows/deployment/images/icons/command-line-18.svg b/windows/deployment/images/icons/command-line-18.svg
index 5f434b70ba..7e1f7de9c2 100644
--- a/windows/deployment/images/icons/command-line-18.svg
+++ b/windows/deployment/images/icons/command-line-18.svg
@@ -1,3 +1,90 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 2048 2048">
-  <path d="M2048 128v1664H0V128h2048zM128 256v128h1792V256H128zm1792 1408V512H128v1152h1792zm-528-896l257 640h-91l-257-640h91zm-656 76q-53 0-96 16t-74 48-48 78-17 106q0 55 15 100t45 76 73 49 98 17q35 0 69-7t58-18l16 62q-22 11-63 19t-96 9q-63 0-117-20t-95-58-62-95-23-131q0-70 23-128t64-100 99-65 128-23q57 0 92 9t51 18l-19 63q-22-11-52-18t-69-7zm288 52h128v128h-128V896zm0 256h128v128h-128v-128z" />
-</svg>
\ No newline at end of file
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg width="18" height="18" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M0 13H16V6H2C0.9 6 0 6.9 0 8V13Z" fill="#CCCCCC"/>
+<path d="M32 6H16V13H32V6Z" fill="#999999"/>
+<path d="M48 13H32V6H46C47.1 6 48 6.9 48 8V13Z" fill="#666666"/>
+<path d="M46 42H2C0.9 42 0 41.1 0 40V12H48V40C48 41.1 47.1 42 46 42Z" fill="url(#paint0_linear)"/>
+<g filter="url(#filter0_dd)">
+<path d="M15.2 24.3L6.39999 33.1C5.89999 33.6 5.89999 34.3 6.39999 34.7L8.19999 36.5C8.69999 37 9.4 37 9.8 36.5L18.6 27.7C19.1 27.2 19.1 26.5 18.6 26.1L16.8 24.3C16.4 23.9 15.6 23.9 15.2 24.3Z" fill="url(#paint1_linear)"/>
+<mask id="mask0" mask-type="alpha" maskUnits="userSpaceOnUse" x="6" y="24" width="13" height="13">
+<path d="M15.2 24.3L6.39999 33.1C5.89999 33.6 5.89999 34.3 6.39999 34.7L8.19999 36.5C8.69999 37 9.4 37 9.8 36.5L18.6 27.7C19.1 27.2 19.1 26.5 18.6 26.1L16.8 24.3C16.4 23.9 15.6 23.9 15.2 24.3Z" fill="url(#paint2_linear)"/>
+</mask>
+<g mask="url(#mask0)">
+<g filter="url(#filter1_dd)">
+<path d="M9.8 17.3L18.6 26.1C19.1 26.6 19.1 27.3 18.6 27.7L16.8 29.5C16.3 30 15.6 30 15.2 29.5L6.39999 20.7C5.89999 20.2 5.89999 19.5 6.39999 19.1L8.19999 17.3C8.59999 16.9 9.4 16.9 9.8 17.3Z" fill="url(#paint3_linear)"/>
+</g>
+</g>
+<path d="M9.8 17.3L18.6 26.1C19.1 26.6 19.1 27.3 18.6 27.7L16.8 29.5C16.3 30 15.6 30 15.2 29.5L6.39999 20.7C5.89999 20.2 5.89999 19.5 6.39999 19.1L8.19999 17.3C8.59999 16.9 9.4 16.9 9.8 17.3Z" fill="url(#paint4_linear)"/>
+</g>
+<g filter="url(#filter2_dd)">
+<path d="M40 32H24C23.4 32 23 32.4 23 33V36C23 36.6 23.4 37 24 37H40C40.6 37 41 36.6 41 36V33C41 32.4 40.6 32 40 32Z" fill="url(#paint5_linear)"/>
+</g>
+<defs>
+<filter id="filter0_dd" x="3.02499" y="15" width="18.95" height="25.875" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="0.5"/>
+<feGaussianBlur stdDeviation="0.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.1 0"/>
+<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="1"/>
+<feGaussianBlur stdDeviation="1.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.2 0"/>
+<feBlend mode="normal" in2="effect1_dropShadow" result="effect2_dropShadow"/>
+<feBlend mode="normal" in="SourceGraphic" in2="effect2_dropShadow" result="shape"/>
+</filter>
+<filter id="filter1_dd" x="3.02499" y="15" width="18.95" height="18.875" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="0.5"/>
+<feGaussianBlur stdDeviation="0.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.1 0"/>
+<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="1"/>
+<feGaussianBlur stdDeviation="1.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.2 0"/>
+<feBlend mode="normal" in2="effect1_dropShadow" result="effect2_dropShadow"/>
+<feBlend mode="normal" in="SourceGraphic" in2="effect2_dropShadow" result="shape"/>
+</filter>
+<filter id="filter2_dd" x="20" y="30" width="24" height="11" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="0.5"/>
+<feGaussianBlur stdDeviation="0.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.1 0"/>
+<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="1"/>
+<feGaussianBlur stdDeviation="1.5"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.2 0"/>
+<feBlend mode="normal" in2="effect1_dropShadow" result="effect2_dropShadow"/>
+<feBlend mode="normal" in="SourceGraphic" in2="effect2_dropShadow" result="shape"/>
+</filter>
+<linearGradient id="paint0_linear" x1="36.4462" y1="47.8257" x2="11.8217" y2="5.1748" gradientUnits="userSpaceOnUse">
+<stop stop-color="#333333"/>
+<stop offset="1" stop-color="#4D4D4D"/>
+</linearGradient>
+<linearGradient id="paint1_linear" x1="14.5276" y1="33.9959" x2="10.4841" y2="26.9924" gradientUnits="userSpaceOnUse">
+<stop stop-color="#999999"/>
+<stop offset="1" stop-color="#B3B3B3"/>
+</linearGradient>
+<linearGradient id="paint2_linear" x1="14.5276" y1="33.9959" x2="10.4841" y2="26.9924" gradientUnits="userSpaceOnUse">
+<stop stop-color="#999999"/>
+<stop offset="1" stop-color="#B3B3B3"/>
+</linearGradient>
+<linearGradient id="paint3_linear" x1="16.2747" y1="30.0336" x2="8.73699" y2="16.9781" gradientUnits="userSpaceOnUse">
+<stop stop-color="#CCCCCC"/>
+<stop offset="1" stop-color="#E6E6E6"/>
+</linearGradient>
+<linearGradient id="paint4_linear" x1="16.2747" y1="30.0336" x2="8.73699" y2="16.9781" gradientUnits="userSpaceOnUse">
+<stop stop-color="#CCCCCC"/>
+<stop offset="1" stop-color="#E6E6E6"/>
+</linearGradient>
+<linearGradient id="paint5_linear" x1="35.1496" y1="39.9553" x2="28.8504" y2="29.0447" gradientUnits="userSpaceOnUse">
+<stop stop-color="#CCCCCC"/>
+<stop offset="1" stop-color="#E6E6E6"/>
+</linearGradient>
+</defs>
+</svg>
diff --git a/windows/deployment/images/icons/powershell-18.svg b/windows/deployment/images/icons/powershell-18.svg
index 734d3930b1..ab2d5152ca 100644
--- a/windows/deployment/images/icons/powershell-18.svg
+++ b/windows/deployment/images/icons/powershell-18.svg
@@ -1,3 +1,20 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 2048 2048">
-  <path d="M0 128h2048v1664H0V128zm1920 128H128v128h1792V256zM128 1664h1792V512H128v1152zm768-128v-128h640v128H896zM549 716l521 372-521 372-74-104 375-268-375-268 74-104z" />
+<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18">
+  <defs>
+    <linearGradient id="a24f9983-911f-4df7-920f-f964c8c10f82" x1="9" y1="15.834" x2="9" y2="5.788" gradientUnits="userSpaceOnUse">
+      <stop offset="0" stop-color="#32bedd" />
+      <stop offset="0.175" stop-color="#32caea" />
+      <stop offset="0.41" stop-color="#32d2f2" />
+      <stop offset="0.775" stop-color="#32d4f5" />
+    </linearGradient>
+  </defs>
+  <title>MsPortalFx.base.images-10</title>
+  <g id="a7ef0482-71f2-4b7e-b916-b1c754245bf1">
+    <g>
+      <path d="M.5,5.788h17a0,0,0,0,1,0,0v9.478a.568.568,0,0,1-.568.568H1.068A.568.568,0,0,1,.5,15.266V5.788A0,0,0,0,1,.5,5.788Z" fill="url(#a24f9983-911f-4df7-920f-f964c8c10f82)" />
+      <path d="M1.071,2.166H16.929a.568.568,0,0,1,.568.568V5.788a0,0,0,0,1,0,0H.5a0,0,0,0,1,0,0V2.734A.568.568,0,0,1,1.071,2.166Z" fill="#0078d4" />
+      <path d="M4.292,7.153h.523a.167.167,0,0,1,.167.167v3.858a.335.335,0,0,1-.335.335H4.125a0,0,0,0,1,0,0V7.321a.167.167,0,0,1,.167-.167Z" transform="translate(-5.271 5.967) rotate(-45.081)" fill="#f2f2f2" />
+      <path d="M4.32,9.647h.523a.167.167,0,0,1,.167.167v4.131a0,0,0,0,1,0,0H4.488a.335.335,0,0,1-.335-.335v-3.8a.167.167,0,0,1,.167-.167Z" transform="translate(-0.504 23.385) rotate(-135.081)" fill="#e6e6e6" />
+      <rect x="7.221" y="12.64" width="4.771" height="1.011" rx="0.291" fill="#f2f2f2" />
+    </g>
+  </g>
 </svg>
\ No newline at end of file
diff --git a/windows/deployment/images/icons/powershell-color-18.svg b/windows/deployment/images/icons/powershell-color-18.svg
deleted file mode 100644
index ab2d5152ca..0000000000
--- a/windows/deployment/images/icons/powershell-color-18.svg
+++ /dev/null
@@ -1,20 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18">
-  <defs>
-    <linearGradient id="a24f9983-911f-4df7-920f-f964c8c10f82" x1="9" y1="15.834" x2="9" y2="5.788" gradientUnits="userSpaceOnUse">
-      <stop offset="0" stop-color="#32bedd" />
-      <stop offset="0.175" stop-color="#32caea" />
-      <stop offset="0.41" stop-color="#32d2f2" />
-      <stop offset="0.775" stop-color="#32d4f5" />
-    </linearGradient>
-  </defs>
-  <title>MsPortalFx.base.images-10</title>
-  <g id="a7ef0482-71f2-4b7e-b916-b1c754245bf1">
-    <g>
-      <path d="M.5,5.788h17a0,0,0,0,1,0,0v9.478a.568.568,0,0,1-.568.568H1.068A.568.568,0,0,1,.5,15.266V5.788A0,0,0,0,1,.5,5.788Z" fill="url(#a24f9983-911f-4df7-920f-f964c8c10f82)" />
-      <path d="M1.071,2.166H16.929a.568.568,0,0,1,.568.568V5.788a0,0,0,0,1,0,0H.5a0,0,0,0,1,0,0V2.734A.568.568,0,0,1,1.071,2.166Z" fill="#0078d4" />
-      <path d="M4.292,7.153h.523a.167.167,0,0,1,.167.167v3.858a.335.335,0,0,1-.335.335H4.125a0,0,0,0,1,0,0V7.321a.167.167,0,0,1,.167-.167Z" transform="translate(-5.271 5.967) rotate(-45.081)" fill="#f2f2f2" />
-      <path d="M4.32,9.647h.523a.167.167,0,0,1,.167.167v4.131a0,0,0,0,1,0,0H4.488a.335.335,0,0,1-.335-.335v-3.8a.167.167,0,0,1,.167-.167Z" transform="translate(-0.504 23.385) rotate(-135.081)" fill="#e6e6e6" />
-      <rect x="7.221" y="12.64" width="4.771" height="1.011" rx="0.291" fill="#f2f2f2" />
-    </g>
-  </g>
-</svg>
\ No newline at end of file
diff --git a/windows/deployment/images/icons/terminal-18.svg b/windows/deployment/images/icons/terminal-18.svg
deleted file mode 100644
index 7e1f7de9c2..0000000000
--- a/windows/deployment/images/icons/terminal-18.svg
+++ /dev/null
@@ -1,90 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg width="18" height="18" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M0 13H16V6H2C0.9 6 0 6.9 0 8V13Z" fill="#CCCCCC"/>
-<path d="M32 6H16V13H32V6Z" fill="#999999"/>
-<path d="M48 13H32V6H46C47.1 6 48 6.9 48 8V13Z" fill="#666666"/>
-<path d="M46 42H2C0.9 42 0 41.1 0 40V12H48V40C48 41.1 47.1 42 46 42Z" fill="url(#paint0_linear)"/>
-<g filter="url(#filter0_dd)">
-<path d="M15.2 24.3L6.39999 33.1C5.89999 33.6 5.89999 34.3 6.39999 34.7L8.19999 36.5C8.69999 37 9.4 37 9.8 36.5L18.6 27.7C19.1 27.2 19.1 26.5 18.6 26.1L16.8 24.3C16.4 23.9 15.6 23.9 15.2 24.3Z" fill="url(#paint1_linear)"/>
-<mask id="mask0" mask-type="alpha" maskUnits="userSpaceOnUse" x="6" y="24" width="13" height="13">
-<path d="M15.2 24.3L6.39999 33.1C5.89999 33.6 5.89999 34.3 6.39999 34.7L8.19999 36.5C8.69999 37 9.4 37 9.8 36.5L18.6 27.7C19.1 27.2 19.1 26.5 18.6 26.1L16.8 24.3C16.4 23.9 15.6 23.9 15.2 24.3Z" fill="url(#paint2_linear)"/>
-</mask>
-<g mask="url(#mask0)">
-<g filter="url(#filter1_dd)">
-<path d="M9.8 17.3L18.6 26.1C19.1 26.6 19.1 27.3 18.6 27.7L16.8 29.5C16.3 30 15.6 30 15.2 29.5L6.39999 20.7C5.89999 20.2 5.89999 19.5 6.39999 19.1L8.19999 17.3C8.59999 16.9 9.4 16.9 9.8 17.3Z" fill="url(#paint3_linear)"/>
-</g>
-</g>
-<path d="M9.8 17.3L18.6 26.1C19.1 26.6 19.1 27.3 18.6 27.7L16.8 29.5C16.3 30 15.6 30 15.2 29.5L6.39999 20.7C5.89999 20.2 5.89999 19.5 6.39999 19.1L8.19999 17.3C8.59999 16.9 9.4 16.9 9.8 17.3Z" fill="url(#paint4_linear)"/>
-</g>
-<g filter="url(#filter2_dd)">
-<path d="M40 32H24C23.4 32 23 32.4 23 33V36C23 36.6 23.4 37 24 37H40C40.6 37 41 36.6 41 36V33C41 32.4 40.6 32 40 32Z" fill="url(#paint5_linear)"/>
-</g>
-<defs>
-<filter id="filter0_dd" x="3.02499" y="15" width="18.95" height="25.875" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
-<feFlood flood-opacity="0" result="BackgroundImageFix"/>
-<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
-<feOffset dy="0.5"/>
-<feGaussianBlur stdDeviation="0.5"/>
-<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.1 0"/>
-<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow"/>
-<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
-<feOffset dy="1"/>
-<feGaussianBlur stdDeviation="1.5"/>
-<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.2 0"/>
-<feBlend mode="normal" in2="effect1_dropShadow" result="effect2_dropShadow"/>
-<feBlend mode="normal" in="SourceGraphic" in2="effect2_dropShadow" result="shape"/>
-</filter>
-<filter id="filter1_dd" x="3.02499" y="15" width="18.95" height="18.875" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
-<feFlood flood-opacity="0" result="BackgroundImageFix"/>
-<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
-<feOffset dy="0.5"/>
-<feGaussianBlur stdDeviation="0.5"/>
-<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.1 0"/>
-<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow"/>
-<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
-<feOffset dy="1"/>
-<feGaussianBlur stdDeviation="1.5"/>
-<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.2 0"/>
-<feBlend mode="normal" in2="effect1_dropShadow" result="effect2_dropShadow"/>
-<feBlend mode="normal" in="SourceGraphic" in2="effect2_dropShadow" result="shape"/>
-</filter>
-<filter id="filter2_dd" x="20" y="30" width="24" height="11" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
-<feFlood flood-opacity="0" result="BackgroundImageFix"/>
-<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
-<feOffset dy="0.5"/>
-<feGaussianBlur stdDeviation="0.5"/>
-<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.1 0"/>
-<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow"/>
-<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
-<feOffset dy="1"/>
-<feGaussianBlur stdDeviation="1.5"/>
-<feColorMatrix type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.2 0"/>
-<feBlend mode="normal" in2="effect1_dropShadow" result="effect2_dropShadow"/>
-<feBlend mode="normal" in="SourceGraphic" in2="effect2_dropShadow" result="shape"/>
-</filter>
-<linearGradient id="paint0_linear" x1="36.4462" y1="47.8257" x2="11.8217" y2="5.1748" gradientUnits="userSpaceOnUse">
-<stop stop-color="#333333"/>
-<stop offset="1" stop-color="#4D4D4D"/>
-</linearGradient>
-<linearGradient id="paint1_linear" x1="14.5276" y1="33.9959" x2="10.4841" y2="26.9924" gradientUnits="userSpaceOnUse">
-<stop stop-color="#999999"/>
-<stop offset="1" stop-color="#B3B3B3"/>
-</linearGradient>
-<linearGradient id="paint2_linear" x1="14.5276" y1="33.9959" x2="10.4841" y2="26.9924" gradientUnits="userSpaceOnUse">
-<stop stop-color="#999999"/>
-<stop offset="1" stop-color="#B3B3B3"/>
-</linearGradient>
-<linearGradient id="paint3_linear" x1="16.2747" y1="30.0336" x2="8.73699" y2="16.9781" gradientUnits="userSpaceOnUse">
-<stop stop-color="#CCCCCC"/>
-<stop offset="1" stop-color="#E6E6E6"/>
-</linearGradient>
-<linearGradient id="paint4_linear" x1="16.2747" y1="30.0336" x2="8.73699" y2="16.9781" gradientUnits="userSpaceOnUse">
-<stop stop-color="#CCCCCC"/>
-<stop offset="1" stop-color="#E6E6E6"/>
-</linearGradient>
-<linearGradient id="paint5_linear" x1="35.1496" y1="39.9553" x2="28.8504" y2="29.0447" gradientUnits="userSpaceOnUse">
-<stop stop-color="#CCCCCC"/>
-<stop offset="1" stop-color="#E6E6E6"/>
-</linearGradient>
-</defs>
-</svg>
diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 35877dc61e..78948fb9ee 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -89,7 +89,7 @@ Before modifying the desired boot image, make a backup copy of the boot image. F
 
 Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
@@ -97,7 +97,7 @@ Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<bo
 
 For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-### [:::image type="icon" source="images/icons/terminal-18.svg"::: **Command Line**](#tab/command-line)
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 ```cmd
 DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
@@ -111,7 +111,7 @@ For more information, see [Modify a Windows image using DISM: Mount an image](/w
 
 If needed, add any drivers to the boot image:
 
-### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Command to be determined
@@ -141,7 +141,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
 1. Add any desired optional components to the boot image:
 
-    ### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+    ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
     ```powershell
     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" -Path "<Mount_folder_path>" -Verbose
@@ -169,7 +169,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
     For example, for English United States (en-us), add the following:
 
-    ### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+    ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
     ```powershell
     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
@@ -208,7 +208,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
 Apply the cumulative update (CU) downloaded earlier in the walkthrough to the boot image:
 
-### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_path>" -Verbose
@@ -234,7 +234,7 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 
 Copy the updated bootmgr files from the updated boot image to the ADK installation path:
 
-### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" -Force
@@ -256,7 +256,7 @@ This step doesn't update or change the boot image. However, it makes sure that t
 
 Run **DISM.exe** commands that will clean up the mounted image and help reduce its size:
 
-### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase /Defer" -Wait -LoadUserProfile
@@ -280,7 +280,7 @@ For more information, see [Modify a Windows image using DISM: Reduce the size of
 
 After the optional components and the cumulative update (CU) have been applied to the boot image, verify that they are showing as installed:
 
-### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Get-WindowsPackage -Path "<Mount_folder_path>"
@@ -302,7 +302,7 @@ For more information, see [DISM Operating System Package (.cab or .msu) Servicin
 
 Once drivers, optional components, and the cumulative update (CU) have been applied to the boot image, unmount the boot image and save changes.
 
-### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
 Dismount-WindowsImage -Path "<Mount_folder_path>" -Save -Verbose
@@ -324,7 +324,7 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 1. Once the boot image has been unmounted and saved, its size can be further reduced by exporting it:
 
-    ### [:::image type="icon" source="images/icons/powershell-color-18.svg"::: **PowerShell**](#tab/powershell)
+    ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
     ```powershell
     Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose

From 37d730e3faa745f100332eb43e95ee28b76ddf47 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 28 Jul 2023 13:08:55 -0400
Subject: [PATCH 29/59] Update Boot Image with CU Article 29

---
 windows/deployment/update-boot-image.md | 111 +++++++++++++++++-------
 1 file changed, 80 insertions(+), 31 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 78948fb9ee..c9dbd31a63 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -21,21 +21,15 @@ appliesto:
 
 <!-- 7894697 -->
 
-This walkthrough describes how to update a Windows PE (WinPE) boot image with the latest cumulative update.
+Microsoft recommends updating Windows PE (WinPE) boot images with the latest cumulative update for maximum security and protection. The latest cumulative updates may also resolve known issues. This walkthrough describes how to update a WinPE boot image with the latest cumulative update.
 
 ## Prerequisites
 
 - [Windows Assessment and Deployment Kit (Windows ADK)](/windows-hardware/get-started/adk-install) - It's recommended to use the latest version of the ADK.
 - [Windows PE add-on for the Windows ADK](/windows-hardware/get-started/adk-install). Make sure the version of Windows PE matches the version of Windows ADK that is being used.
-- Boot image - This can be `winpe.wim` included with the Windows ADK.
+- Windows PE boot image
 - Latest cumulative update downloaded from the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site.
 
-## Overview
-
-Note about boot.wim from installation media
-Note about Win11 ADK only having x64 boot images
-Note about Windows Server 2012 R2
-
 ## Steps
 
 - [Step 1: Download and install ADK](#step-1-download-and-install-adk)
@@ -45,7 +39,7 @@ Note about Windows Server 2012 R2
 - [Step 5: Add drivers to boot image](#step-5-add-drivers-to-boot-image)
 - [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image)
 - [Step 7: Add cumulative update (CU) to boot image](#step-7-add-cumulative-update-cu-to-boot-image)
-- [Step 8: Copy boot files from mounted image to ADK installation path](#step-8-copy-boot-files-from-mounted-image-to-adk-installation-path)
+- [Step 8: Copy boot files from mounted boot image to ADK installation path](#step-8-copy-boot-files-from-mounted-boot-image-to-adk-installation-path)
 - [Step 9: Perform component cleanup](#step-9-perform-component-cleanup)
 - [Step 10: Verify all desired packages have been added to boot image](#step-10-verify-all-desired-packages-have-been-added-to-boot-image)
 - [Step 11: Unmount boot image and save changes](#step-11-unmount-boot-image-and-save-changes)
@@ -55,11 +49,15 @@ Note about Windows Server 2012 R2
 
 1. Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install).
 
-1. Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install). Make sure to download and install both components.
+1. Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install). The **Windows PE add-on for the Windows ADK** is a separate download and install from the **Windows Assessment and Deployment Kit (Windows ADK)**. Make sure to individually download and install both.
 
-It's strongly recommended to download and install the latest version of the ADK. When installing the Windows ADK, it's only necessary to install the **Deployment Tools**.
+> [!IMPORTANT]
+>
+> It's strongly recommended to download and install the latest version of the Windows ADK and the Windows PE add-on for the Windows ADK. The latest versions of the Windows PE add-on for the Windows ADK only include 64-bit boot images.
 
-The paths in this article assume the Windows ADK was installed to the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths accordingly.
+When installing the Windows ADK, for the purpose of this walk-through, it's only necessary to install the **Deployment Tools**. One of the tools installed will be the **Deployment and Imaging Tools Environment** command prompt. When using the **Command Line** option instead of the **PowerShell** option to run commands, make sure to run the commands from this **Deployment and Imaging Tools Environment** command prompt. The **Deployment and Imaging Tools Environment** command prompt can be found in the Start Menu under **Windows Kits** > **Deployment and Imaging Tools Environment**.
+
+The paths in this article assume the Windows ADK was installed to the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths during the walk-through accordingly.
 
 ## Step 2: Download cumulative update (CU)
 
@@ -79,33 +77,39 @@ The paths in this article assume the Windows ADK was installed to the default lo
 
 ## Step 3: Backup existing boot image
 
-Before modifying the desired boot image, make a backup copy of the boot image. For example:
+Before modifying the desired boot image, make a backup copy of the boot image that needs to be updated. For example:
 
 - For the boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
 
 - For the boot image included with Microsoft Configuration Manager, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`
 
-## Step 4: Mount boot image to temporary mount folder
+## Step 4: Mount boot image to mount folder
 
-Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
+1. Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
 
-### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+1. Mount the boot image to the mount folder using one of the following methods:
 
-```powershell
-Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
-```
+  ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
+  From an elevated **PowerShell** command prompt, run the following command to mount the boot image to the mount folder:
 
-### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+  ```powershell
+  Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
+  ```
 
-```cmd
-DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
-```
+  For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-For more information, see [Modify a Windows image using DISM: Mount an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism) and [DISM Image Management Command-Line Options: /Mount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#mount-image).
+  ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
----
+  From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to mount the boot image to the mount folder:
+
+  ```cmd
+  DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
+  ```
+
+  For more information, see [Modify a Windows image using DISM: Mount an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism) and [DISM Image Management Command-Line Options: /Mount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#mount-image).
+
+  ---
 
 ## Step 5: Add drivers to boot image
 
@@ -113,12 +117,16 @@ If needed, add any drivers to the boot image:
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
+From an elevated **PowerShell** command prompt, run the following command to add drivers to the boot image:
+
 ```powershell
 Command to be determined
 ```
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
+From an elevated **Deployment and Imaging Tools Environment** command prompt, run one of the following command to add drivers to the boot image:
+
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Driver_INF_source_path>\<driver>.inf"
 ```
@@ -143,6 +151,8 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
     ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
+    From an elevated **PowerShell** command prompt, run the following command to add optional components to the boot image:
+
     ```powershell
     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" -Path "<Mount_folder_path>" -Verbose
     ```
@@ -153,6 +163,8 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
     ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
+    From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to add optional components to the boot image:
+
     ```cmd
     DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component2>.cab"
     ```
@@ -171,19 +183,23 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
     ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
+    From an elevated **PowerShell** command prompt, run the following command to add the language components for the optional components to the boot image:
+
     ```powershell
     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
     ```
 
-    This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+    This example assumes a 64-bit boot image. If a different architecture is being used, then adjust the paths accordingly.
 
     ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
+    From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to add the language components for the optional components to the boot image:
+
     ```cmd
     DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component2>_en-us.cab"
     ```
 
-    This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+    This example assumes a 64-bit boot image. If a different architecture is being used, then adjust the paths accordingly.
 
     You can add as many desired optional components as needed on a single DISM.exe command line.
 
@@ -210,6 +226,8 @@ Apply the cumulative update (CU) downloaded earlier in the walkthrough to the bo
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
+From an elevated **PowerShell** command prompt, run the following command to add the cumulative update (CU) to the boot image:
+
 ```powershell
 Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_path>" -Verbose
 ```
@@ -218,6 +236,8 @@ For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windo
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
+From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to add the cumulative update (CU) to the boot image:
+
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU_update>"
 ```
@@ -230,12 +250,14 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 >
 > Make sure not to apply the cumulative update (CU) until all desired optional components have been installed. This will make sure that the optional components are also properly updated by the cumulative update. If in the future any additional optional components need to be added to the boot image, make sure to reapply the cumulative update.
 
-## Step 8: Copy boot files from mounted image to ADK installation path
+## Step 8: Copy boot files from mounted boot image to ADK installation path
 
 Copy the updated bootmgr files from the updated boot image to the ADK installation path:
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
+From an elevated **PowerShell** command prompt, run the following command to copy the boot files from the mounted boot image to the ADK installation path:
+
 ```powershell
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" -Force
 
@@ -244,6 +266,8 @@ Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
+From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to copy the boot files from the mounted boot image to the ADK installation path:
+
 ```cmd
 Command to be determined
 ```
@@ -254,10 +278,12 @@ This step doesn't update or change the boot image. However, it makes sure that t
 
 ## Step 9: Perform component cleanup
 
-Run **DISM.exe** commands that will clean up the mounted image and help reduce its size:
+Run **DISM.exe** commands that will clean up the mounted boot image and help reduce its size:
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
+From an elevated **PowerShell** command prompt, run the following command to clean up the mounted boot image and help reduce its size:
+
 ```powershell
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase /Defer" -Wait -LoadUserProfile
 
@@ -266,6 +292,8 @@ Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
+From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to clean up the mounted boot image and help reduce its size:
+
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase /Defer
 
@@ -282,6 +310,8 @@ After the optional components and the cumulative update (CU) have been applied t
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
+From an elevated **PowerShell** command prompt, run the following command to verify that all optional components and the cumulative update (CU) have been applied to the boot image:
+
 ```powershell
 Get-WindowsPackage -Path "<Mount_folder_path>"
 ```
@@ -290,6 +320,8 @@ For more information, see [Get-WindowsPackage](/powershell/module/dism/get-windo
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
+From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to verify that all optional components and the cumulative update (CU) have been applied to the boot image:
+
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Get-Packages
 ```
@@ -302,6 +334,8 @@ For more information, see [DISM Operating System Package (.cab or .msu) Servicin
 
 Once drivers, optional components, and the cumulative update (CU) have been applied to the boot image, unmount the boot image and save changes.
 
+From an elevated **PowerShell** command prompt, run the following command to unmount the boot image and save changes:
+
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
@@ -312,6 +346,8 @@ For more information, see [Dismount-WindowsImage](/powershell/module/dism/dismou
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
+From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to unmount the boot image and save changes:
+
 ```cmd
 DISM.exe /Unmount-Image /MountDir:"<Mount_folder_path>" /Commit
 ```
@@ -326,6 +362,8 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
     ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
+    From an elevated **PowerShell** command prompt, run the following command to further reduce the size of the boot image by exporting it:
+
     ```powershell
     Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose
     ```
@@ -334,6 +372,8 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
     ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
+    From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to further reduce the size of the boot image by exporting it:
+
     ```cmd
     DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"
     ```
@@ -342,10 +382,19 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
     ---
 
-1. Once the export has completed, delete the original updated boot image and then rename the exported boot image with the name of the original updated boot image.
+1. Once the export has completed:
+  
+    1. Delete the original updated boot image.
+    1. Rename the exported boot image with the name of the original updated boot image.
 
 ## Microsoft Configuration Manager considerations
 
 ## Microsoft Deployment Toolkit (MDT) considerations
 
 ## Windows Deployment Services (WDS) considerations
+
+The **boot.wim** that is part of Windows installation media isn't supported for use for deploying Windows 11 with Windows Deployment Services (WDS). For more information, see [Windows Deployment Services (WDS) boot.wim support](wds-boot-support.md)
+
+## Windows Server 2012 R2
+
+This walk-through isn't intended for use with Windows Server 2012 R2. There may be additional steps necessary when using Windows Server 2012 R2, such as also having to apply the latest servicing stack update (SSU) to the WinPE boot image. For server OSes, it's strongly recommended to use Windows Server 2016 or later for this walk-through. For more information see, [Windows Server 2012 R2 Lifecycle](/lifecycle/products/windows-server-2012-r2).

From 0fa0de81c6138cba00e415e59c351a96bd499480 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 28 Jul 2023 18:45:10 -0400
Subject: [PATCH 30/59] Update Boot Image with CU Article 30

---
 windows/deployment/update-boot-image.md | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index c9dbd31a63..a4e59d9fb8 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -49,13 +49,17 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 
 1. Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install).
 
+  When installing the Windows ADK, for the purpose of this walk-through, it's only necessary to install the **Deployment Tools**. One of the tools installed will be the **Deployment and Imaging Tools Environment** command prompt. When using the **Command Line** option instead of the **PowerShell** option to run the commands in this walk-through, make sure to run the commands from the **Deployment and Imaging Tools Environment** command prompt. The **Deployment and Imaging Tools Environment** command prompt can be found in the Start Menu under **Windows Kits** > **Deployment and Imaging Tools Environment**.
+
 1. Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install). The **Windows PE add-on for the Windows ADK** is a separate download and install from the **Windows Assessment and Deployment Kit (Windows ADK)**. Make sure to individually download and install both.
 
 > [!IMPORTANT]
 >
-> It's strongly recommended to download and install the latest version of the Windows ADK and the Windows PE add-on for the Windows ADK. The latest versions of the Windows PE add-on for the Windows ADK only include 64-bit boot images.
-
-When installing the Windows ADK, for the purpose of this walk-through, it's only necessary to install the **Deployment Tools**. One of the tools installed will be the **Deployment and Imaging Tools Environment** command prompt. When using the **Command Line** option instead of the **PowerShell** option to run commands, make sure to run the commands from this **Deployment and Imaging Tools Environment** command prompt. The **Deployment and Imaging Tools Environment** command prompt can be found in the Start Menu under **Windows Kits** > **Deployment and Imaging Tools Environment**.
+> It's strongly recommended to download and install the latest version of the Windows ADK and the Windows PE add-on for the Windows ADK.
+>
+> However, since the Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10, the recommendation is to instead use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version was the last version of the Windows ADK supported by MDT.
+>
+> Additionally, the latest versions of the **Windows PE add-on for the Windows ADK** only includes 64-bit boot images. If a 32-bit boot image is required, then the recommendation in this scenario is to also use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version was the last version of the Windows ADK to include both 32-bit and 64-bit boot images.
 
 The paths in this article assume the Windows ADK was installed to the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths during the walk-through accordingly.
 
@@ -79,9 +83,15 @@ The paths in this article assume the Windows ADK was installed to the default lo
 
 Before modifying the desired boot image, make a backup copy of the boot image that needs to be updated. For example:
 
-- For the boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
+- For the 64-bit boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
 
-- For the boot image included with Microsoft Configuration Manager, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`
+- For the default 64-bit boot image that is generated by **Microsoft Configuration Manager**, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`. However, for **Microsoft Configuration Manager** it's recommended to modify the boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations).
+
+- For the default 64-bit boot image that is generated by the **Microsoft Deployment Toolkit (MDT)**, the boot image is located at `<Deployment_Share>\Boot\LiteTouchPE_x64.wim`. However, for **Microsoft Deployment Toolkit (MDT)** it's recommended to modify the boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
+
+- For 64-bit boot images in **Windows Deployment Services (WDS)**, the boot images are located at `<RemoteInstall>\Boot\x64\Images`.
+
+Adjust the above paths for 32-bit boot images (only available in Windows 10 ADKs).
 
 ## Step 4: Mount boot image to mount folder
 

From c6b5a101dd095b830f3cec394ff7d5ee3fc1c3ea Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 28 Jul 2023 20:09:53 -0400
Subject: [PATCH 31/59] Update Boot Image with CU Article 31

---
 windows/deployment/update-boot-image.md | 28 ++++++++++++-------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index a4e59d9fb8..49f79a5cfe 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -35,7 +35,7 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 - [Step 1: Download and install ADK](#step-1-download-and-install-adk)
 - [Step 2: Download cumulative update (CU)](#step-2-download-cumulative-update-cu)
 - [Step 3: Backup existing boot image](#step-3-backup-existing-boot-image)
-- [Step 4: Mount boot image to temporary mount folder](#step-4-mount-boot-image-to-temporary-mount-folder)
+- [Step 4: Mount boot image to mount folder](#step-4-mount-boot-image-to-mount-folder)
 - [Step 5: Add drivers to boot image](#step-5-add-drivers-to-boot-image)
 - [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image)
 - [Step 7: Add cumulative update (CU) to boot image](#step-7-add-cumulative-update-cu-to-boot-image)
@@ -49,7 +49,7 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 
 1. Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install).
 
-  When installing the Windows ADK, for the purpose of this walk-through, it's only necessary to install the **Deployment Tools**. One of the tools installed will be the **Deployment and Imaging Tools Environment** command prompt. When using the **Command Line** option instead of the **PowerShell** option to run the commands in this walk-through, make sure to run the commands from the **Deployment and Imaging Tools Environment** command prompt. The **Deployment and Imaging Tools Environment** command prompt can be found in the Start Menu under **Windows Kits** > **Deployment and Imaging Tools Environment**.
+    When installing the Windows ADK, for the purpose of this walk-through, it's only necessary to install the **Deployment Tools**. One of the tools installed will be the **Deployment and Imaging Tools Environment** command prompt. When using the **Command Line** option instead of the **PowerShell** option to run the commands in this walk-through, make sure to run the commands from the **Deployment and Imaging Tools Environment** command prompt. The **Deployment and Imaging Tools Environment** command prompt can be found in the Start Menu under **Windows Kits** > **Deployment and Imaging Tools Environment**.
 
 1. Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install). The **Windows PE add-on for the Windows ADK** is a separate download and install from the **Windows Assessment and Deployment Kit (Windows ADK)**. Make sure to individually download and install both.
 
@@ -99,25 +99,25 @@ Adjust the above paths for 32-bit boot images (only available in Windows 10 ADKs
 
 1. Mount the boot image to the mount folder using one of the following methods:
 
-  ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+    ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-  From an elevated **PowerShell** command prompt, run the following command to mount the boot image to the mount folder:
+    From an elevated **PowerShell** command prompt, run the following command to mount the boot image to the mount folder:
 
-  ```powershell
-  Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
-  ```
+    ```powershell
+    Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
+    ```
 
-  For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
+    For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
-  ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-  From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to mount the boot image to the mount folder:
+    From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to mount the boot image to the mount folder:
 
-  ```cmd
-  DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
-  ```
+    ```cmd
+    DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
+    ```
 
-  For more information, see [Modify a Windows image using DISM: Mount an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism) and [DISM Image Management Command-Line Options: /Mount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#mount-image).
+    For more information, see [Modify a Windows image using DISM: Mount an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism) and [DISM Image Management Command-Line Options: /Mount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#mount-image).
 
   ---
 

From cfebff1546ed0a0f675fb42778cfadf3766d7b9f Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Sat, 29 Jul 2023 09:13:18 -0400
Subject: [PATCH 32/59] Update Boot Image with CU Article 32

---
 windows/deployment/update-boot-image.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 49f79a5cfe..ad8dd9af53 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -51,6 +51,8 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 
     When installing the Windows ADK, for the purpose of this walk-through, it's only necessary to install the **Deployment Tools**. One of the tools installed will be the **Deployment and Imaging Tools Environment** command prompt. When using the **Command Line** option instead of the **PowerShell** option to run the commands in this walk-through, make sure to run the commands from the **Deployment and Imaging Tools Environment** command prompt. The **Deployment and Imaging Tools Environment** command prompt can be found in the Start Menu under **Windows Kits** > **Deployment and Imaging Tools Environment**.
 
+    The paths in this article assume the Windows ADK was installed to the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths during the walk-through accordingly.
+
 1. Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install). The **Windows PE add-on for the Windows ADK** is a separate download and install from the **Windows Assessment and Deployment Kit (Windows ADK)**. Make sure to individually download and install both.
 
 > [!IMPORTANT]
@@ -59,9 +61,7 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 >
 > However, since the Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10, the recommendation is to instead use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version was the last version of the Windows ADK supported by MDT.
 >
-> Additionally, the latest versions of the **Windows PE add-on for the Windows ADK** only includes 64-bit boot images. If a 32-bit boot image is required, then the recommendation in this scenario is to also use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version was the last version of the Windows ADK to include both 32-bit and 64-bit boot images.
-
-The paths in this article assume the Windows ADK was installed to the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths during the walk-through accordingly.
+> Additionally, the latest versions of the **Windows PE add-on for the Windows ADK** only includes 64-bit boot images. If a 32-bit boot image is required, then the recommendation in this scenario is to also use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version of the Windows ADK was the last version to include both 32-bit and 64-bit boot images.
 
 ## Step 2: Download cumulative update (CU)
 
@@ -344,10 +344,10 @@ For more information, see [DISM Operating System Package (.cab or .msu) Servicin
 
 Once drivers, optional components, and the cumulative update (CU) have been applied to the boot image, unmount the boot image and save changes.
 
-From an elevated **PowerShell** command prompt, run the following command to unmount the boot image and save changes:
-
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
+From an elevated **PowerShell** command prompt, run the following command to unmount the boot image and save changes:
+
 ```powershell
 Dismount-WindowsImage -Path "<Mount_folder_path>" -Save -Verbose
 ```
@@ -403,7 +403,7 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 ## Windows Deployment Services (WDS) considerations
 
-The **boot.wim** that is part of Windows installation media isn't supported for use for deploying Windows 11 with Windows Deployment Services (WDS). For more information, see [Windows Deployment Services (WDS) boot.wim support](wds-boot-support.md)
+The **boot.wim** that is part of Windows installation media isn't supported for deploying Windows 11 with Windows Deployment Services (WDS). Additionally, the **boot.wim** from Windows 11 installation media isn't supported for deploying any version of Windows with Windows Deployment Services (WDS). For more information, see [Windows Deployment Services (WDS) boot.wim support](wds-boot-support.md)
 
 ## Windows Server 2012 R2
 

From 7cb2145bd47cfb23f08cff7889b7f36f64528456 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Tue, 1 Aug 2023 13:43:27 -0400
Subject: [PATCH 33/59] Update Boot Image with CU Article 33

---
 windows/deployment/update-boot-image.md | 62 +++++++++++++++++++------
 1 file changed, 49 insertions(+), 13 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index ad8dd9af53..29da128f3c 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -85,9 +85,9 @@ Before modifying the desired boot image, make a backup copy of the boot image th
 
 - For the 64-bit boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
 
-- For the default 64-bit boot image that is generated by **Microsoft Configuration Manager**, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`. However, for **Microsoft Configuration Manager** it's recommended to modify the boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations).
+- For the default 64-bit boot image that is generated by **Microsoft Configuration Manager**, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`. However, for **Microsoft Configuration Manager** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations).
 
-- For the default 64-bit boot image that is generated by the **Microsoft Deployment Toolkit (MDT)**, the boot image is located at `<Deployment_Share>\Boot\LiteTouchPE_x64.wim`. However, for **Microsoft Deployment Toolkit (MDT)** it's recommended to modify the boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
+- For the default 64-bit boot image that is generated by the **Microsoft Deployment Toolkit (MDT)**, the boot image is located at `<Deployment_Share>\Boot\LiteTouchPE_x64.wim`. However, for **Microsoft Deployment Toolkit (MDT)** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
 
 - For 64-bit boot images in **Windows Deployment Services (WDS)**, the boot images are located at `<RemoteInstall>\Boot\x64\Images`.
 
@@ -215,20 +215,17 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
     ---
 
+For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference?view=windows-11#winpe-optional-components).
+
 > [!IMPORTANT]
 >
-> For Microsoft Configuration Manager boot images, make sure to add any desired optional components manually using the above command lines instead of adding them through Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image. This is because the cumulative update being applied at the next step will also update any optional components as needed. If the optional components are instead added through Configuration Manager, then the optional components will not be updated with the cumulative update. This could lead to unexpected behaviors and problems.
->
-> For this reason, make sure to add the following required optional components need by Configuration Manager:
->
-> - Scripting (WinPE-Scripting)
-> - Startup (WinPE-SecureStartup)
-> - Network (WinPE-WDS-Tools)
-> - WMI (WinPE-WMI)
->
-> Once any optional components has been manually added to a boot image, Configuration Manager will detect that the optional component has already been added. It will not try to add the optional component again whenever it is updating the boot image.
+> When adding optional components, make sure to install optional components that are prerequisites of other optional components. Additionally, make sure that the prerequisite is installed firts. For more information on adding optional components, see [WinPE Optional Components (OC) Reference: How to add Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference?view=windows-11#how-to-add-optional-components).
 
-### List of optional components
+> [!IMPORTANT]
+>
+> Both **Microsoft Configuration Manager** and **Microsoft Deployment Toolkit (MDT)** boot images require certain optional components to work properly. Make sure to add these required components when using either **Microsoft Configuration Manager** and **Microsoft Deployment Toolkit (MDT)**
+>
+> Additionally, when adding any optional component for either **Microsoft Configuration Manager** or **Microsoft Deployment Toolkit (MDT)** boot images, make sure to add the components manually using the above command lines instead of adding them through **Configuration Manager** or **MDT**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations) or [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
 
 ## Step 7: Add cumulative update (CU) to boot image
 
@@ -399,8 +396,47 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 ## Microsoft Configuration Manager considerations
 
+Microsoft Configuration Manager creates its own boot images by taking the `winpe.wim` from the Windows ADK, adding some optional components it requires to function correctly, and then saving the boot image as `boot.wim` in the directory `<ConfigMgr_Install_Directory>\OSD\boot\<architecture>\boot.wim`. This `boot.wim` boot image is considered the pristine authoritative copy of the boot image by Configuration Manager and is almost never touched, modified, or updated by Configuration Manager. Instead, when changes such as:
+
+- Adding drivers
+- Adding additional optional components
+- Enabling the command prompt
+
+are done in the properties of the boot image in Configuration Manager, Configuration Manager makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. If any additional changes are done to the boot image, Configuration Manager discards the previously created `boot.<package_id>.wim` boot image, makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. In other words, `boot.wim` is never touched. Any time any changes are made to a boot image, both the new changes and any changes done in the past are reapplied to a new copy of `boot.wim`. The new changes are not applyed the existing copy of `boot.<package_id>.wim`.
+
+This process makes has the following advantages:
+
+1. Keeps `boot.wim` pristine.
+1. Makes sure that when changes are made to a boot image, they are being done to a copy of a pristine version of the boot image that hasn't had been modified in the past. This helps avoid corruption and/or corrects issues with existing boot images.
+1. Helps manage components in the boot image. The process doesn't need to know what components it might need to remove from the boot image each time the boot image is rebuilt. Instead, it just needs to know what components to add to the boot image.
+1. Reduces the size of the boot image that can occur when components are removed from the boot image.
+
+There are two scenarios when the `boot.wim` boot image is updated by Configuration Manager:
+
+1. When updating between versions of Configuration Manager or when applying hotfix roll ups (HFRUs) to Configuration Manager, `boot.wim` may be updated as part of the update process.
+1. When selecting the option **Reload this boot image with the current Windows PE version from the Windows ADK** in the **Update Distribution Points Wizard**.
+
+In theses scenarios, the `boot.wim` boot image is updated using the `winpe.wim` boot image from the Windows ADK as described earlier in this section. This process creates a new pristine copy of the `boot.wim` boot image using the current version of the `winpe.wim` boot image that is part of the Windows ADK.
+
+### Microsoft Configuration Manager boot image required components
+
+The following components are required by Microsoft Configuration Manager in the boot image for Configuration Manager to function correctly:
+
+- Scripting/WinPE-Scripting (WinPE-Scripting)
+- Startup/WinPE-SecureStartup (WinPE-SecureStartup)
+- Network/WinPE-WDS-Tools (WinPE-WDS-Tools)
+- Scripting/WinPE-WMI (WinPE-WMI)
+
+Once any optional components has been manually added to a boot image, Configuration Manager will detect that the optional component has already been added. It will not try to add the optional component again whenever it is updating the boot image.
+
+### Adding optional components manually vs. adding optional components through Configuration Manager
+
+For Microsoft Configuration Manager boot images, make sure to add any desired optional components manually using the above command lines instead of adding them through Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image. This is because the cumulative update being applied at the next step will also update any optional components as needed. If the optional components are instead added through Configuration Manager, then the optional components will not be updated with the cumulative update. This could lead to unexpected behaviors and problems.
+
 ## Microsoft Deployment Toolkit (MDT) considerations
 
+Copy boot files
+
 ## Windows Deployment Services (WDS) considerations
 
 The **boot.wim** that is part of Windows installation media isn't supported for deploying Windows 11 with Windows Deployment Services (WDS). Additionally, the **boot.wim** from Windows 11 installation media isn't supported for deploying any version of Windows with Windows Deployment Services (WDS). For more information, see [Windows Deployment Services (WDS) boot.wim support](wds-boot-support.md)

From 5afd79339a843083b91c6fd11335a3cc95519cc6 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Tue, 1 Aug 2023 15:36:46 -0400
Subject: [PATCH 34/59] Update Boot Image with CU Article 34

---
 windows/deployment/update-boot-image.md | 82 ++++++++++++++++++++-----
 1 file changed, 65 insertions(+), 17 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 29da128f3c..0435789f25 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -107,6 +107,10 @@ Adjust the above paths for 32-bit boot images (only available in Windows 10 ADKs
     Mount-WindowsImage -Path "<Mount_folder_path>" -ImagePath "<Boot_image_path>\<boot_image>.wim" -Index 1 -Verbose
     ```
 
+    **Example**:
+
+    `Mount-WindowsImage -Path "C:\Mount" -ImagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" -Index 1 -Verbose`
+
     For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
     ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
@@ -117,6 +121,10 @@ Adjust the above paths for 32-bit boot images (only available in Windows 10 ADKs
     DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
     ```
 
+    **Example**:
+
+    `MDISM.exe /Mount-image /imagefile:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /Index:1 /MountDir:"C:\Mount"`
+
     For more information, see [Modify a Windows image using DISM: Mount an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism) and [DISM Image Management Command-Line Options: /Mount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#mount-image).
 
   ---
@@ -130,7 +138,13 @@ If needed, add any drivers to the boot image:
 From an elevated **PowerShell** command prompt, run the following command to add drivers to the boot image:
 
 ```powershell
-Command to be determined
+Add-WindowsDriver -Path "<Mount_folder_path>" -Driver "<Driver_INF_source_path>\<driver>.inf"
+```
+
+or
+
+```powershell
+Add-WindowsDriver -Path "<Mount_folder_path>" -Driver "<Drivers_source_path>" -Recurse
 ```
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
@@ -144,16 +158,27 @@ DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Driver_INF_source_pa
 or
 
 ```cmd
-DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Drivers_source_path" /Recurse
+DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Drivers_source_path>" /Recurse
 ```
 
 For more information, see [Add and Remove Driver packages to an offline Windows Image](/windows-hardware/manufacture/desktop/add-and-remove-drivers-to-an-offline-windows-image)
 
 ---
 
+Drivers are not affected by the cumulative update installed later in this walkthrough. Once a driver is added to a boot image, it does not need to be added again if a newer cumulative update is installed at a later point in time.
+
+> [!TIP]
+>
+> A full set of drivers is not needed in Windows PE boot images. Only a small subset of drivers is needed that provide basic functionality while in WinPE. In most cases, no drivers need to be added to an out of box Windows ADK boot image since it already has many drivers built in. Don't add drivers to a boot image until it is verifed that they are needed. When drivers do need to be added, generally only network (NIC) drivers are needed. Occasionally, mass storage (disk) may also be needed. Some Surface devices may also need keyboard and mouse drivers.
+
 > [!IMPORTANT]
 >
-> For Microsoft Configuration Manager boot images, don't manually add drivers to the boot image using the above steps. Instead, add drivers through Configuration Manager via the **Drivers** tab in the **Properties** of the boot image. This will ensure that the drivers in the boot image can be properly managed through Configuration Manager. Drivers are not affected by the cumulative update installed later in this walkthrough.
+> For Microsoft Configuration Manager and Microsoft Deployment Toolkit (MDT) boot images, don't manually add drivers to the boot image using the above steps. Instead, add drivers to the boot images via Microsoft Configuration Manager or Microsoft Deployment Toolkit (MDT):
+>
+> - In Configuration Manager, via the **Drivers** tab in the **Properties** of the boot image.
+> - In Microsoft Deployment Toolkit (MDT), via the **Out-of-Box Drivers** tab in the **Properties** of the boot image.
+>
+> This will ensure that the drivers in the boot image can be properly managed through Configuration Manager or Microsoft Deployment Toolkit (MDT).
 
 ## Step 6: Add optional components to boot image
 
@@ -215,11 +240,11 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
     ---
 
-For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference?view=windows-11#winpe-optional-components).
+For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
 
 > [!IMPORTANT]
 >
-> When adding optional components, make sure to install optional components that are prerequisites of other optional components. Additionally, make sure that the prerequisite is installed firts. For more information on adding optional components, see [WinPE Optional Components (OC) Reference: How to add Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference?view=windows-11#how-to-add-optional-components).
+> When adding optional components, make sure to install optional components that are prerequisites of other optional components. Additionally, make sure that the prerequisite is installed first. For more information on adding optional components, see [WinPE Optional Components (OC) Reference: How to add Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#how-to-add-optional-components).
 
 > [!IMPORTANT]
 >
@@ -396,13 +421,15 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 ## Microsoft Configuration Manager considerations
 
-Microsoft Configuration Manager creates its own boot images by taking the `winpe.wim` from the Windows ADK, adding some optional components it requires to function correctly, and then saving the boot image as `boot.wim` in the directory `<ConfigMgr_Install_Directory>\OSD\boot\<architecture>\boot.wim`. This `boot.wim` boot image is considered the pristine authoritative copy of the boot image by Configuration Manager and is almost never touched, modified, or updated by Configuration Manager. Instead, when changes such as:
+### How Microsoft Configuration Manager creates boot images
+
+Microsoft Configuration Manager creates its own boot images by taking the `winpe.wim` from the Windows ADK, adding some [optional components it requires](#microsoft-configuration-manager-boot-image-required-components) to function correctly, and then saving the boot image as `boot.wim` in the directory `<ConfigMgr_Install_Directory>\OSD\boot\<architecture>\boot.wim`. This `boot.wim` boot image is considered the pristine authoritative copy of the boot image by Configuration Manager and is never touched, modified, or updated by Configuration Manager except in some very specific scenarios. Instead, when changes such as:
 
 - Adding drivers
 - Adding additional optional components
 - Enabling the command prompt
 
-are done in the properties of the boot image in Configuration Manager, Configuration Manager makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. If any additional changes are done to the boot image, Configuration Manager discards the previously created `boot.<package_id>.wim` boot image, makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. In other words, `boot.wim` is never touched. Any time any changes are made to a boot image, both the new changes and any changes done in the past are reapplied to a new copy of `boot.wim`. The new changes are not applyed the existing copy of `boot.<package_id>.wim`.
+are done in the properties of the boot image in Configuration Manager, Configuration Manager makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. If any additional changes are done to the boot image, Configuration Manager discards the previously created `boot.<package_id>.wim` boot image, makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. In other words, `boot.wim` is never touched. Any time any changes are made to a boot image, both the new changes and any changes done in the past are reapplied to a new copy of `boot.wim`. The new changes are not applied the existing copy of `boot.<package_id>.wim`.
 
 This process makes has the following advantages:
 
@@ -413,33 +440,54 @@ This process makes has the following advantages:
 
 There are two scenarios when the `boot.wim` boot image is updated by Configuration Manager:
 
-1. When updating between versions of Configuration Manager or when applying hotfix roll ups (HFRUs) to Configuration Manager, `boot.wim` may be updated as part of the update process.
+1. When upgrading between versions of Configuration Manager or when applying hotfix roll ups (HFRUs) to Configuration Manager, `boot.wim` may be updated as part of the upgrade process.
 1. When selecting the option **Reload this boot image with the current Windows PE version from the Windows ADK** in the **Update Distribution Points Wizard**.
 
 In theses scenarios, the `boot.wim` boot image is updated using the `winpe.wim` boot image from the Windows ADK as described earlier in this section. This process creates a new pristine copy of the `boot.wim` boot image using the current version of the `winpe.wim` boot image that is part of the Windows ADK.
 
+### Which boot image should be updated?
+
+When adding a cumulative update to a Configuration Manager boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK. After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager by using the **Reload this boot image with the current Windows PE version from the Windows ADK** option in the **Update Distribution Points Wizard**.
+
+The `winpe.wim` boot image from the Windows ADK should be updated when using Configuration Manager because:
+
+1. If `boot.wim` is updated, then the next time `boot.wim` is updated via a Configuration Manager upgrade or the **Reload this boot image with the current Windows PE version from the Windows ADK** option, the changes made to `boot.wim` including the cumulative updates applied will be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, the the changes to the boot image including the cumulative updates applied will be preserved.
+
+1. If `boot.<package_id>.wim` is updated, then it will not only face the issues when `boot.wim` is updated, but it will also lose any changes, including the cumulative update, when any changes are done to the boot image (e.g. adding drivers, enabling the command prompt, etc.). Additionally, it will change the hash value of the boot image which can lead to download failures when downloading the boot image from a distribution point.
+
+By updating `winpe.wim` from the Windows ADK, this will ensure that the cumulative update will stay applied regardless of what changes are made to the boot image via Configuration Manager.
+
 ### Microsoft Configuration Manager boot image required components
 
-The following components are required by Microsoft Configuration Manager in the boot image for Configuration Manager to function correctly:
+The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
 
-- Scripting/WinPE-Scripting (WinPE-Scripting)
-- Startup/WinPE-SecureStartup (WinPE-SecureStartup)
-- Network/WinPE-WDS-Tools (WinPE-WDS-Tools)
-- Scripting/WinPE-WMI (WinPE-WMI)
+| Feature | File Name | Dependance |
+|---------|-----------|------------|
+| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA |
+| Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA |
+| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA |
+| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) |
 
-Once any optional components has been manually added to a boot image, Configuration Manager will detect that the optional component has already been added. It will not try to add the optional component again whenever it is updating the boot image.
+When adding optional components to any boot image used by Configuration Manager during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to add the above components in the above order to the boot image.
 
-### Adding optional components manually vs. adding optional components through Configuration Manager
+### Add optional components manually
 
-For Microsoft Configuration Manager boot images, make sure to add any desired optional components manually using the above command lines instead of adding them through Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image. This is because the cumulative update being applied at the next step will also update any optional components as needed. If the optional components are instead added through Configuration Manager, then the optional components will not be updated with the cumulative update. This could lead to unexpected behaviors and problems.
+For Microsoft Configuration Manager boot images, when applying a cumulative update to a boot image, make sure to add any desired optional components manually using the above command lines instead of adding them through Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image. Optional components need to be added to the boot image manually instead of via Configuration Manager because:
+
+- When the cumulative update is applied, it will also update any optional components as needed.
+- If the optional components are instead added through Configuration Manager after a cumulative update has been applied to the boot image, then the optional components will not be updated with the cumulative update. This could lead to unexpected behaviors and problems.
+
+Once any optional components has been manually added to a boot image, if that optional component is attempted to be added via the **Optional Components** tab in the **Properties** of the boot image in Configuration Manager, Configuration Manager will detect that the optional component has already been added and it will not try to add the optional component again.
 
 ## Microsoft Deployment Toolkit (MDT) considerations
 
 Copy boot files
 
+since the Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10, the recommendation is to instead use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version was the last version of the Windows ADK supported by MDT.
+
 ## Windows Deployment Services (WDS) considerations
 
-The **boot.wim** that is part of Windows installation media isn't supported for deploying Windows 11 with Windows Deployment Services (WDS). Additionally, the **boot.wim** from Windows 11 installation media isn't supported for deploying any version of Windows with Windows Deployment Services (WDS). For more information, see [Windows Deployment Services (WDS) boot.wim support](wds-boot-support.md)
+The **boot.wim** that is part of Windows installation media isn't supported for deploying Windows 11 with Windows Deployment Services (WDS). Additionally, the **boot.wim** from Windows 11 installation media isn't supported for deploying any version of Windows with Windows Deployment Services (WDS). For more information, see [Windows Deployment Services (WDS) boot.wim support](wds-boot-support.md).
 
 ## Windows Server 2012 R2
 

From 45be907e267f94640c5446d65742b5419554c251 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Tue, 1 Aug 2023 16:26:52 -0400
Subject: [PATCH 35/59] Update Boot Image with CU Article 35

---
 windows/deployment/update-boot-image.md | 50 ++++++++++++++++++-------
 1 file changed, 37 insertions(+), 13 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 0435789f25..9823179880 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -59,7 +59,7 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 >
 > It's strongly recommended to download and install the latest version of the Windows ADK and the Windows PE add-on for the Windows ADK.
 >
-> However, since the Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10, the recommendation is to instead use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version was the last version of the Windows ADK supported by MDT.
+> However, the Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10. If using MDT, the recommendation is to instead use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version was the last version of the Windows ADK supported by MDT.
 >
 > Additionally, the latest versions of the **Windows PE add-on for the Windows ADK** only includes 64-bit boot images. If a 32-bit boot image is required, then the recommendation in this scenario is to also use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version of the Windows ADK was the last version to include both 32-bit and 64-bit boot images.
 
@@ -121,9 +121,9 @@ Adjust the above paths for 32-bit boot images (only available in Windows 10 ADKs
     DISM.exe /Mount-image /imagefile:"<Boot_image_path>" /Index:1 /MountDir:"<Mount_folder_path>"
     ```
 
-    **Example**:
+    Example:
 
-    `MDISM.exe /Mount-image /imagefile:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /Index:1 /MountDir:"C:\Mount"`
+    **DISM.exe /Mount-image /imagefile:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /Index:1 /MountDir:"C:\Mount"**
 
     For more information, see [Modify a Windows image using DISM: Mount an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism) and [DISM Image Management Command-Line Options: /Mount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#mount-image).
 
@@ -165,18 +165,18 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
 ---
 
-Drivers are not affected by the cumulative update installed later in this walkthrough. Once a driver is added to a boot image, it does not need to be added again if a newer cumulative update is installed at a later point in time.
+Drivers are not affected by the cumulative update installed later in this walkthrough. Once a driver is added to a boot image, it does not need to be added again if a newer cumulative update is applied to the boot image at a later point in time.
 
 > [!TIP]
 >
-> A full set of drivers is not needed in Windows PE boot images. Only a small subset of drivers is needed that provide basic functionality while in WinPE. In most cases, no drivers need to be added to an out of box Windows ADK boot image since it already has many drivers built in. Don't add drivers to a boot image until it is verifed that they are needed. When drivers do need to be added, generally only network (NIC) drivers are needed. Occasionally, mass storage (disk) may also be needed. Some Surface devices may also need keyboard and mouse drivers.
+> A full set of drivers is not needed in Windows PE boot images. Only a small subset of drivers is needed that provide basic functionality while in WinPE. In most cases, no drivers need to be added to an out of box Windows ADK boot image since it already has many drivers built in. Don't add drivers to a boot image until it is verified that they are needed. When drivers do need to be added, generally only network (NIC) drivers are needed. Occasionally, mass storage (disk) may also be needed. Some Surface devices may also need keyboard and mouse drivers.
 
 > [!IMPORTANT]
 >
 > For Microsoft Configuration Manager and Microsoft Deployment Toolkit (MDT) boot images, don't manually add drivers to the boot image using the above steps. Instead, add drivers to the boot images via Microsoft Configuration Manager or Microsoft Deployment Toolkit (MDT):
 >
 > - In Configuration Manager, via the **Drivers** tab in the **Properties** of the boot image.
-> - In Microsoft Deployment Toolkit (MDT), via the **Out-of-Box Drivers** tab in the **Properties** of the boot image.
+> - In Microsoft Deployment Toolkit (MDT), via the **Drivers and Patches** tab under the **Windows PE** tab in the **Properties** of the deployment share.
 >
 > This will ensure that the drivers in the boot image can be properly managed through Configuration Manager or Microsoft Deployment Toolkit (MDT).
 
@@ -426,38 +426,60 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 Microsoft Configuration Manager creates its own boot images by taking the `winpe.wim` from the Windows ADK, adding some [optional components it requires](#microsoft-configuration-manager-boot-image-required-components) to function correctly, and then saving the boot image as `boot.wim` in the directory `<ConfigMgr_Install_Directory>\OSD\boot\<architecture>\boot.wim`. This `boot.wim` boot image is considered the pristine authoritative copy of the boot image by Configuration Manager and is never touched, modified, or updated by Configuration Manager except in some very specific scenarios. Instead, when changes such as:
 
 - Adding drivers
-- Adding additional optional components
+- Adding optional components
 - Enabling the command prompt
 
-are done in the properties of the boot image in Configuration Manager, Configuration Manager makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. If any additional changes are done to the boot image, Configuration Manager discards the previously created `boot.<package_id>.wim` boot image, makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. In other words, `boot.wim` is never touched. Any time any changes are made to a boot image, both the new changes and any changes done in the past are reapplied to a new copy of `boot.wim`. The new changes are not applied the existing copy of `boot.<package_id>.wim`.
+are done in the properties of the boot image in Configuration Manager, Configuration Manager makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. If any additional changes are done to the boot image, Configuration Manager discards the previously created `boot.<package_id>.wim` boot image, makes a new copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. In other words, `boot.wim` is never touched. Any time any changes are made to a boot image, both the new changes and any changes done in the past are all reapplied to a new copy of `boot.wim`.
 
 This process makes has the following advantages:
 
 1. Keeps `boot.wim` pristine.
+
 1. Makes sure that when changes are made to a boot image, they are being done to a copy of a pristine version of the boot image that hasn't had been modified in the past. This helps avoid corruption and/or corrects issues with existing boot images.
+
 1. Helps manage components in the boot image. The process doesn't need to know what components it might need to remove from the boot image each time the boot image is rebuilt. Instead, it just needs to know what components to add to the boot image.
+
 1. Reduces the size of the boot image that can occur when components are removed from the boot image.
 
 There are two scenarios when the `boot.wim` boot image is updated by Configuration Manager:
 
 1. When upgrading between versions of Configuration Manager or when applying hotfix roll ups (HFRUs) to Configuration Manager, `boot.wim` may be updated as part of the upgrade process.
+
 1. When selecting the option **Reload this boot image with the current Windows PE version from the Windows ADK** in the **Update Distribution Points Wizard**.
 
 In theses scenarios, the `boot.wim` boot image is updated using the `winpe.wim` boot image from the Windows ADK as described earlier in this section. This process creates a new pristine copy of the `boot.wim` boot image using the current version of the `winpe.wim` boot image that is part of the Windows ADK.
 
-### Which boot image should be updated?
+### Which boot image should be updated with the cumulative update?
 
-When adding a cumulative update to a Configuration Manager boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK. After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager by using the **Reload this boot image with the current Windows PE version from the Windows ADK** option in the **Update Distribution Points Wizard**.
+When adding a cumulative update to a Configuration Manager boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK. After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager by using the following steps:
 
-The `winpe.wim` boot image from the Windows ADK should be updated when using Configuration Manager because:
+1. Open the Microsoft Configuration manager console.
 
-1. If `boot.wim` is updated, then the next time `boot.wim` is updated via a Configuration Manager upgrade or the **Reload this boot image with the current Windows PE version from the Windows ADK** option, the changes made to `boot.wim` including the cumulative updates applied will be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, the the changes to the boot image including the cumulative updates applied will be preserved.
+1. In the Microsoft Configuration manager console, navigate to **Software Library** > **Overview** > **Operating Systems** > **Boot Images**.
+
+1. In the **Boot Images** pane, select the desired boot image.
+
+1. In the toolbar, select **Update Distribution Points**.
+
+1. In the **Update Distribution Points Wizard** window that appears:
+
+    1. In the **General**/**Update distribution points with this image** page, select the **Reload this boot image with the current Windows PE version from the Windows ADK** option, and then select the **Next >** button.
+
+    1. In the **Summary** page, select the **Next >** button.
+
+    1. The **Progress** page will appears while the boot image builds.
+
+    1. Once the boot image finishes building, the **Completion**/**The task "Update Distribution Points Wizard" completed successfully** page will appear. Select the **Close** button.
+
+When using Configuration Manager, the `winpe.wim` boot image from the Windows ADK should be updated instead of the `boot.wim` from Configuration Manager because:
+
+1. If `boot.wim` is updated, then the next time `boot.wim` is updated via a Configuration Manager upgrade or the **Reload this boot image with the current Windows PE version from the Windows ADK** option, the changes made to `boot.wim` including the cumulative updates applied will be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then the changes to the boot image including the cumulative updates applied will persist and be preserved.
 
 1. If `boot.<package_id>.wim` is updated, then it will not only face the issues when `boot.wim` is updated, but it will also lose any changes, including the cumulative update, when any changes are done to the boot image (e.g. adding drivers, enabling the command prompt, etc.). Additionally, it will change the hash value of the boot image which can lead to download failures when downloading the boot image from a distribution point.
 
 By updating `winpe.wim` from the Windows ADK, this will ensure that the cumulative update will stay applied regardless of what changes are made to the boot image via Configuration Manager.
 
-### Microsoft Configuration Manager boot image required components
+### Boot image required components
 
 The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
 
@@ -470,6 +492,8 @@ The following components are required by Microsoft Configuration Manager boot im
 
 When adding optional components to any boot image used by Configuration Manager during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to add the above components in the above order to the boot image.
 
+After adding the required components to the boot image, any additional optional components can also be added to the boot image.
+
 ### Add optional components manually
 
 For Microsoft Configuration Manager boot images, when applying a cumulative update to a boot image, make sure to add any desired optional components manually using the above command lines instead of adding them through Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image. Optional components need to be added to the boot image manually instead of via Configuration Manager because:

From ddbe00600b3af9674e5819b397f22958ee2c3765 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Tue, 1 Aug 2023 16:45:33 -0400
Subject: [PATCH 36/59] Update Boot Image with CU Article 36

---
 windows/deployment/update-boot-image.md | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 9823179880..fa75b5b81c 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -139,6 +139,11 @@ From an elevated **PowerShell** command prompt, run the following command to add
 
 ```powershell
 Add-WindowsDriver -Path "<Mount_folder_path>" -Driver "<Driver_INF_source_path>\<driver>.inf"
+
+Example:
+
+Add-WindowsDriver -Path "C:\Mount" -Driver "C:\Drivers\driver.inf"
+
 ```
 
 or
@@ -147,6 +152,11 @@ or
 Add-WindowsDriver -Path "<Mount_folder_path>" -Driver "<Drivers_source_path>" -Recurse
 ```
 
+**Example**:
+
+Add-WindowsDriver -Path "C:\Mount" -Driver "C:\Drivers\" -Recurse
+
+
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 From an elevated **Deployment and Imaging Tools Environment** command prompt, run one of the following command to add drivers to the boot image:
@@ -423,7 +433,7 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 ### How Microsoft Configuration Manager creates boot images
 
-Microsoft Configuration Manager creates its own boot images by taking the `winpe.wim` from the Windows ADK, adding some [optional components it requires](#microsoft-configuration-manager-boot-image-required-components) to function correctly, and then saving the boot image as `boot.wim` in the directory `<ConfigMgr_Install_Directory>\OSD\boot\<architecture>\boot.wim`. This `boot.wim` boot image is considered the pristine authoritative copy of the boot image by Configuration Manager and is never touched, modified, or updated by Configuration Manager except in some very specific scenarios. Instead, when changes such as:
+Microsoft Configuration Manager creates its own boot images by taking the `winpe.wim` from the Windows ADK, adding some [optional components it requires](#configuration-manager-boot-image-required-components) to function correctly, and then saving the boot image as `boot.wim` in the directory `<ConfigMgr_Install_Directory>\OSD\boot\<architecture>\boot.wim`. This `boot.wim` boot image is considered the pristine authoritative copy of the boot image by Configuration Manager and is never touched, modified, or updated by Configuration Manager except in some very specific scenarios. Instead, when changes such as:
 
 - Adding drivers
 - Adding optional components
@@ -479,7 +489,7 @@ When using Configuration Manager, the `winpe.wim` boot image from the Windows AD
 
 By updating `winpe.wim` from the Windows ADK, this will ensure that the cumulative update will stay applied regardless of what changes are made to the boot image via Configuration Manager.
 
-### Boot image required components
+### Configuration Manager boot image required components
 
 The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
 

From 0282239ebb9c0251c6cd8e4bc61e9f3f362117bd Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Tue, 1 Aug 2023 17:08:00 -0400
Subject: [PATCH 37/59] Update Boot Image with CU Article 37

---
 windows/deployment/update-boot-image.md | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index fa75b5b81c..e4332db38c 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -140,10 +140,9 @@ From an elevated **PowerShell** command prompt, run the following command to add
 ```powershell
 Add-WindowsDriver -Path "<Mount_folder_path>" -Driver "<Driver_INF_source_path>\<driver>.inf"
 
-Example:
-
-Add-WindowsDriver -Path "C:\Mount" -Driver "C:\Drivers\driver.inf"
+# Example:
 
+# Add-WindowsDriver -Path "C:\Mount" -Driver "C:\Drivers\driver.inf"
 ```
 
 or
@@ -202,6 +201,12 @@ Drivers are not affected by the cumulative update installed later in this walkth
     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" -Path "<Mount_folder_path>" -Verbose
     ```
 
+    **Example**:
+
+    ```powershell
+    Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WMI.cab" -Path "C:\Mount" -Verbose
+    ```
+
     This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
 
     For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).

From 88acab38a8bb053b5a382bab7e70d76ab8323aac Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Tue, 1 Aug 2023 17:59:56 -0400
Subject: [PATCH 38/59] Update Boot Image with CU Article 38

---
 windows/deployment/update-boot-image.md | 131 +++++++++++++++++++++---
 1 file changed, 117 insertions(+), 14 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index e4332db38c..7b90088dc7 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -109,7 +109,9 @@ Adjust the above paths for 32-bit boot images (only available in Windows 10 ADKs
 
     **Example**:
 
-    `Mount-WindowsImage -Path "C:\Mount" -ImagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" -Index 1 -Verbose`
+    ```powershell
+    Mount-WindowsImage -Path "C:\Mount" -ImagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" -Index 1 -Verbose
+    ```
 
     For more information, see [Mount-WindowsImage](/powershell/module/dism/mount-windowsimage).
 
@@ -123,7 +125,9 @@ Adjust the above paths for 32-bit boot images (only available in Windows 10 ADKs
 
     Example:
 
-    **DISM.exe /Mount-image /imagefile:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /Index:1 /MountDir:"C:\Mount"**
+    ```cmd
+    DISM.exe /Mount-image /imagefile:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /Index:1 /MountDir:"C:\Mount"
+    ```
 
     For more information, see [Modify a Windows image using DISM: Mount an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism) and [DISM Image Management Command-Line Options: /Mount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#mount-image).
 
@@ -135,14 +139,10 @@ If needed, add any drivers to the boot image:
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-From an elevated **PowerShell** command prompt, run the following command to add drivers to the boot image:
+From an elevated **PowerShell** command prompt, run one of the following commands to add drivers to the boot image:
 
 ```powershell
 Add-WindowsDriver -Path "<Mount_folder_path>" -Driver "<Driver_INF_source_path>\<driver>.inf"
-
-# Example:
-
-# Add-WindowsDriver -Path "C:\Mount" -Driver "C:\Drivers\driver.inf"
 ```
 
 or
@@ -151,14 +151,21 @@ or
 Add-WindowsDriver -Path "<Mount_folder_path>" -Driver "<Drivers_source_path>" -Recurse
 ```
 
-**Example**:
+**Examples**:
 
-Add-WindowsDriver -Path "C:\Mount" -Driver "C:\Drivers\" -Recurse
+```powershell
+Add-WindowsDriver -Path "C:\Mount" -Driver "C:\Drivers\driver.inf"
+```
 
+or
+
+```powershell
+Add-WindowsDriver -Path "C:\Mount" -Driver "C:\Drivers" -Recurse
+```
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-From an elevated **Deployment and Imaging Tools Environment** command prompt, run one of the following command to add drivers to the boot image:
+From an elevated **Deployment and Imaging Tools Environment** command prompt, run one of the following commands to add drivers to the boot image:
 
 ```cmd
 DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Driver_INF_source_path>\<driver>.inf"
@@ -170,6 +177,18 @@ or
 DISM.exe /Image:"<Mount_folder_path>" /Add-Driver /Driver:"<Drivers_source_path>" /Recurse
 ```
 
+**Examples**:
+
+```cmd
+DISM.exe /Image:"C:\Mount" /Add-Driver /Driver:"C:\Drivers\driver.inf"
+```
+
+or
+
+```cmd
+DISM.exe /Image:"C:\Mount" /Add-Driver /Driver:"C:\Drivers" /Recurse
+```
+
 For more information, see [Add and Remove Driver packages to an offline Windows Image](/windows-hardware/manufacture/desktop/add-and-remove-drivers-to-an-offline-windows-image)
 
 ---
@@ -207,7 +226,7 @@ Drivers are not affected by the cumulative update installed later in this walkth
     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WMI.cab" -Path "C:\Mount" -Verbose
     ```
 
-    This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+    These examples assume a 64-bit boot image. If a different architecture is being used, then adjust the paths in the commands accordingly.
 
     For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
 
@@ -219,7 +238,13 @@ Drivers are not affected by the cumulative update installed later in this walkth
     DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component>.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Component2>.cab"
     ```
 
-    This example assumes an x64 boot image. If a different architecture is being used, then adjust the commands accordingly.
+    **Example**:
+
+    ```cmd
+    DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WMI.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-SecureStartup.cab"
+    ```
+
+    These examples assume a 64-bit boot image image. If a different architecture is being used, then adjust the paths in the commands accordingly.
 
     You can add as many desired optional components as needed on a single **DISM.exe** command line.
 
@@ -239,7 +264,13 @@ Drivers are not affected by the cumulative update installed later in this walkth
     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" -Path "<Mount_folder_path>" -Verbose
     ```
 
-    This example assumes a 64-bit boot image. If a different architecture is being used, then adjust the paths accordingly.
+    **Example**:
+
+    ```powershell
+     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-WMI_en-us.cab" -Path "C:\Mount" -Verbose   
+    ```
+
+    These examples assume a 64-bit boot image. If a different architecture is being used, then adjust the paths accordingly.
 
     ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
@@ -249,7 +280,13 @@ Drivers are not affected by the cumulative update installed later in this walkth
     DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component>_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\<Component2>_en-us.cab"
     ```
 
-    This example assumes a 64-bit boot image. If a different architecture is being used, then adjust the paths accordingly.
+    **Example**:
+
+    ```cmd
+    DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-WMI_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-SecureStartup_en-us.cab"
+    ```
+
+    These examples assume a 64-bit boot image. If a different architecture is being used, then adjust the paths accordingly.
 
     You can add as many desired optional components as needed on a single DISM.exe command line.
 
@@ -279,6 +316,12 @@ From an elevated **PowerShell** command prompt, run the following command to add
 Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_path>" -Verbose
 ```
 
+**Example**:
+
+```powershell
+Add-WindowsPackage -PackagePath "C:\Updates\windows11.0-kb5026372-x64_d2e542ce70571b093d815adb9013ed467a3e0a85.msu" -Path "C:\Mount" -Verbose
+```
+
 For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage)
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
@@ -289,6 +332,12 @@ From an elevated **Deployment and Imaging Tools Environment** command prompt, ru
 DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU_update>"
 ```
 
+**Example**:
+
+```cmd
+DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Updates\windows11.0-kb5026372-x64_d2e542ce70571b093d815adb9013ed467a3e0a85.msu"
+```
+
 For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
 
 ---
@@ -311,6 +360,14 @@ Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" -Force
 ```
 
+**Example**:
+
+```powershell
+Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" -Force
+
+Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" -Force
+```
+
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to copy the boot files from the mounted boot image to the ADK installation path:
@@ -337,6 +394,14 @@ Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase" -Wait -LoadUserProfile
 ```
 
+**Example**:
+
+```powershell
+Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"C:\Mount" /Cleanup-image /StartComponentCleanup /Resetbase /Defer" -Wait -LoadUserProfile
+
+Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"C:\Mount" /Cleanup-image /StartComponentCleanup /Resetbase" -Wait -LoadUserProfile
+```
+
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to clean up the mounted boot image and help reduce its size:
@@ -347,6 +412,14 @@ DISM.exe /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Res
 DISM.exe /Image:"<Mount_folder_path>" /Cleanup-image /StartComponentCleanup /Resetbase
 ```
 
+**Example**:
+
+```cmd
+DISM.exe /Image:"C:\Mount" /Cleanup-image /StartComponentCleanup /Resetbase /Defer
+
+DISM.exe /Image:"C:\Mount" /Cleanup-image /StartComponentCleanup /Resetbase
+```
+
 For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Cleanup-Image](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#cleanup-image).
 
 ---
@@ -363,6 +436,12 @@ From an elevated **PowerShell** command prompt, run the following command to ver
 Get-WindowsPackage -Path "<Mount_folder_path>"
 ```
 
+**Example**:
+
+```powershell
+Get-WindowsPackage -Path "C:\Mount"
+```
+
 For more information, see [Get-WindowsPackage](/powershell/module/dism/get-windowspackage).
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
@@ -373,6 +452,12 @@ From an elevated **Deployment and Imaging Tools Environment** command prompt, ru
 DISM.exe /Image:"<Mount_folder_path>" /Get-Packages
 ```
 
+**Example**:
+
+```cmd
+DISM.exe /Image:"C:\Mount" /Get-Packages
+```
+
 For more information, see [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Get-Packages](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#get-packages).
 
 ---
@@ -389,6 +474,12 @@ From an elevated **PowerShell** command prompt, run the following command to unm
 Dismount-WindowsImage -Path "<Mount_folder_path>" -Save -Verbose
 ```
 
+**Example**:
+
+```powershell
+Dismount-WindowsImage -Path "C:\Mount" -Save -Verbose
+```
+
 For more information, see [Dismount-WindowsImage](/powershell/module/dism/dismount-windowsimage).
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
@@ -399,6 +490,12 @@ From an elevated **Deployment and Imaging Tools Environment** command prompt, ru
 DISM.exe /Unmount-Image /MountDir:"<Mount_folder_path>" /Commit
 ```
 
+**Example:**
+
+```cmd
+DISM.exe /Unmount-Image /MountDir:"C:\Mount" /Commit
+```
+
 For more information, see [Modify a Windows image using DISM: Unmounting an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#unmounting-an-image) and [DISM Image Management Command-Line Options: /Unmount-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#unmount-image).
 
 ---
@@ -415,6 +512,12 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
     Export-WindowsImage -SourceImagePath "<Boot_image_path>\<boot_image>.wim" -SourceIndex 1 -DestinationImagePath "<Boot_image_path>\<boot_image>-export.wim" -CompressionType max -Verbose
     ```
 
+    **Example**:
+
+    ```powershell
+    Export-WindowsImage -SourceImagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" -SourceIndex 1 -DestinationImagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe-export.wim" -CompressionType max -Verbose
+    ```
+
     For more information, see [Export-WindowsImage](/powershell/module/dism/export-windowsimage).
 
     ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)

From bf102e59242f34947441da83bf1c908f52bee477 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Tue, 1 Aug 2023 21:17:38 -0400
Subject: [PATCH 39/59] Update Boot Image with CU Article 39

---
 windows/deployment/update-boot-image.md | 148 +++++++++++++++++++-----
 1 file changed, 116 insertions(+), 32 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 7b90088dc7..455a597c82 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -292,11 +292,11 @@ Drivers are not affected by the cumulative update installed later in this walkth
 
     ---
 
-For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
+For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
 
 > [!IMPORTANT]
 >
-> When adding optional components, make sure to install optional components that are prerequisites of other optional components. Additionally, make sure that the prerequisite is installed first. For more information on adding optional components, see [WinPE Optional Components (OC) Reference: How to add Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#how-to-add-optional-components).
+> When adding optional components, make sure check if an optional component has a prerequisite of another optional component. When an optional component does have a prerequisite, make sure that the prerequisite component is installed first. For more information on adding optional components, see [WinPE Optional Components (OC) Reference: How to add Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#how-to-add-optional-components).
 
 > [!IMPORTANT]
 >
@@ -348,11 +348,11 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 
 ## Step 8: Copy boot files from mounted boot image to ADK installation path
 
-Copy the updated bootmgr files from the updated boot image to the ADK installation path:
+Some cumulative updates will update the bootmgr boot files in the boot image. After these bootmgr boot files have been updated in the boot image, it's recommended to copy these updated bootmgr boot files from the boot image back to the Windows ADK. This will ensure that the Windows ADK has the updated bootmgr boot files.
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-From an elevated **PowerShell** command prompt, run the following command to copy the boot files from the mounted boot image to the ADK installation path:
+From an elevated **PowerShell** command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path:
 
 ```powershell
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" -Force
@@ -370,15 +370,31 @@ Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windo
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to copy the boot files from the mounted boot image to the ADK installation path:
+From an elevated command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path:
 
 ```cmd
-Command to be determined
+copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" /Y
+
+copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" /Y
+```
+
+**Example**:
+
+```cmd
+copy "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" /Y
+
+copy "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" /Y
 ```
 
 ---
 
-This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr files are available to the ADK when creating bootable media. In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
+This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr boot files are available to the ADK when creating bootable media. This includes any product that uses the ADK to create bootable media.
+
+In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
+
+> [!IMPORTANT]
+>
+> If using Microsoft Deployment Toolkit (MDT), make sure to also follow the section [Copy updated boot files to MDT deployment share](#copy-updated-boot-files-to-mdt-deployment-share) before proceeding to the next step.
 
 ## Step 9: Perform component cleanup
 
@@ -569,7 +585,15 @@ In theses scenarios, the `boot.wim` boot image is updated using the `winpe.wim`
 
 ### Which boot image should be updated with the cumulative update?
 
-When adding a cumulative update to a Configuration Manager boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK. After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager by using the following steps:
+When adding a cumulative update to a Configuration Manager boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK instead of directly updating the `boot.wim` boot image generated by Configuration Manager. The `winpe.wim` boot image from the Windows ADK should be updated instead of the `boot.wim` boot image generated by Configuration Manager for the following reasons:
+
+1. If `boot.wim` is updated, then the next time `boot.wim` is updated via a Configuration Manager upgrade or the **Reload this boot image with the current Windows PE version from the Windows ADK** option, the changes made to `boot.wim` including the applied cumulative update will be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then the changes to the Configuration Manager boot image including the applied cumulative update will persist and be preserved when Configuration Manager does update the `boot.wim` boot image.
+
+1. If `boot.<package_id>.wim` is updated, then it will not only face the issues when `boot.wim` is updated, but it will also lose any changes, including the applied cumulative update, when any changes are done to the boot image (e.g. adding drivers, enabling the command prompt, etc.). Additionally, it will change the hash value of the boot image which can lead to download failures when downloading the boot image from a distribution point.
+
+By updating `winpe.wim` from the Windows ADK, this will ensure that the cumulative update will stay applied regardless of what changes are made to the `boot.wim` boot image via Configuration Manager.
+
+After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager by using the following steps:
 
 1. Open the Microsoft Configuration manager console.
 
@@ -589,30 +613,11 @@ When adding a cumulative update to a Configuration Manager boot image, it's reco
 
     1. Once the boot image finishes building, the **Completion**/**The task "Update Distribution Points Wizard" completed successfully** page will appear. Select the **Close** button.
 
+This process in addition to updating the boot image used by Configuration Manager will also update the boot images and the boot files used by any PXE enabled distribution points.
+
 When using Configuration Manager, the `winpe.wim` boot image from the Windows ADK should be updated instead of the `boot.wim` from Configuration Manager because:
 
-1. If `boot.wim` is updated, then the next time `boot.wim` is updated via a Configuration Manager upgrade or the **Reload this boot image with the current Windows PE version from the Windows ADK** option, the changes made to `boot.wim` including the cumulative updates applied will be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then the changes to the boot image including the cumulative updates applied will persist and be preserved.
-
-1. If `boot.<package_id>.wim` is updated, then it will not only face the issues when `boot.wim` is updated, but it will also lose any changes, including the cumulative update, when any changes are done to the boot image (e.g. adding drivers, enabling the command prompt, etc.). Additionally, it will change the hash value of the boot image which can lead to download failures when downloading the boot image from a distribution point.
-
-By updating `winpe.wim` from the Windows ADK, this will ensure that the cumulative update will stay applied regardless of what changes are made to the boot image via Configuration Manager.
-
-### Configuration Manager boot image required components
-
-The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
-
-| Feature | File Name | Dependance |
-|---------|-----------|------------|
-| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA |
-| Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA |
-| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA |
-| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) |
-
-When adding optional components to any boot image used by Configuration Manager during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to add the above components in the above order to the boot image.
-
-After adding the required components to the boot image, any additional optional components can also be added to the boot image.
-
-### Add optional components manually
+### Add optional components manually to Configuration Manager boot images
 
 For Microsoft Configuration Manager boot images, when applying a cumulative update to a boot image, make sure to add any desired optional components manually using the above command lines instead of adding them through Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image. Optional components need to be added to the boot image manually instead of via Configuration Manager because:
 
@@ -621,11 +626,90 @@ For Microsoft Configuration Manager boot images, when applying a cumulative upda
 
 Once any optional components has been manually added to a boot image, if that optional component is attempted to be added via the **Optional Components** tab in the **Properties** of the boot image in Configuration Manager, Configuration Manager will detect that the optional component has already been added and it will not try to add the optional component again.
 
+### Configuration Manager boot image required components
+
+The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
+
+| Feature | File Name | Dependency |
+|---------|-----------|------------|
+| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA |
+| Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA |
+| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA |
+| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) |
+
+When adding optional components to any boot image used by Configuration Manager during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to first add the above required components in the above order to the boot image. After adding the required components to the boot image, any additional optional components can also be added to the boot image.
+
+For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
+
+### Updating Configuration Manager boot media
+
+After completing the walkthrough, update any Configuration Manager boot media to ensure that the boot media has both the updated boot image and if applicable, updated boot files.
+
 ## Microsoft Deployment Toolkit (MDT) considerations
 
-Copy boot files
+Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10. When using MDT, the recommendation is to use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads) instead of the latest version of the Windows ADK. **ADK for Windows 10, version 2004** was the last version of the Windows ADK supported by MDT.
 
-since the Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10, the recommendation is to instead use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version was the last version of the Windows ADK supported by MDT.
+### MDT boot image required components
+
+The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
+
+| Feature | File Name | Dependency |
+|---------|-----------|------------|
+| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA |
+| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA |
+| File management/WinPE-FMAPI | `WinPE-FMAPI.cab` | NA |
+| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) |
+| HTML/WinPE-HTA | `WinPE-HTA.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) |
+
+When adding optional components to any boot image used by MDT during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to first add the above required components in the above order to the boot image. After adding the required components to the boot image, any additional optional components can also be added to the boot image.
+
+For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
+
+### Copy updated boot files to MDT deployment share
+
+When the MDT deployment share is created, it copies the bootmgr boot files from the Windows ADK to the MDT deployment share. When using MDT, if the cumulative update updates the bootmgr boot files, these updated bootmgr boot files need to be manually copied to the MDT deployment share. This should be done during [Step 8: Copy boot files from mounted boot image to ADK installation path](#step-8-copy-boot-files-from-mounted-boot-image-to-adk-installation-path):
+
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+From an elevated **PowerShell** command prompt, run the following commands to copy the updated bootmgr boot files from the mounted boot image to the MDT deployment share:
+
+```powershell
+Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "<DeploymentShare>\Boot\x64\bootmgr.efi" -Force
+
+Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "<DeploymentShare>\Boot\x64\EFI\Boot\bootx64.efi" -Force
+```
+
+**Example**:
+
+```powershell
+Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\DeploymentShare\Boot\x64\bootmgr.efi" -Force
+
+Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\DeploymentShare\Boot\x64\EFI\Boot\bootx64.efi" -Force
+```
+
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+From an elevated command prompt, run the following commands to copy the updated bootmgr boot files from the mounted boot image to the MDT deployment share:
+
+```cmd
+copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "<DeploymentShare>\Boot\x64\bootmgr.efi" /Y
+
+copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "<DeploymentShare>\Boot\x64\EFI\Boot\bootx64.efi" /Y
+```
+
+**Example**:
+
+```cmd
+copy "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\DeploymentShare\Boot\x64\bootmgr.efi" /Y
+
+copy "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\DeploymentShare\Boot\x64\EFI\Boot\bootx64.efi" /Y
+```
+
+---
+
+### Updating MDT boot media
+
+After completing the walkthrough, update any MDT boot media to ensure that the boot media has both the updated boot image and if applicable, updated boot files.
 
 ## Windows Deployment Services (WDS) considerations
 

From 6e620993c2b677994b0d962771bcbcc26a6c141b Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 2 Aug 2023 11:14:02 -0400
Subject: [PATCH 40/59] Update Boot Image with CU Article 40

---
 windows/deployment/update-boot-image.md | 49 +++++++++++++++++--------
 1 file changed, 33 insertions(+), 16 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 455a597c82..1dc2719298 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -292,8 +292,6 @@ Drivers are not affected by the cumulative update installed later in this walkth
 
     ---
 
-For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
-
 > [!IMPORTANT]
 >
 > When adding optional components, make sure check if an optional component has a prerequisite of another optional component. When an optional component does have a prerequisite, make sure that the prerequisite component is installed first. For more information on adding optional components, see [WinPE Optional Components (OC) Reference: How to add Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#how-to-add-optional-components).
@@ -304,6 +302,25 @@ For a list of all available WinPE optional components including descriptions for
 >
 > Additionally, when adding any optional component for either **Microsoft Configuration Manager** or **Microsoft Deployment Toolkit (MDT)** boot images, make sure to add the components manually using the above command lines instead of adding them through **Configuration Manager** or **MDT**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations) or [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
 
+### Popular optional components
+
+The following is a list of popular optional components that are commonly added to boot images:
+
+| **Feature** | **File Name** | **Dependency** | **Purpose** | **Required by ConfigMgr** | **Required by MDT** |
+| --- | --- | --- | --- | --- |
+| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA | | Yes | Yes |
+| Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA | | Yes | No |
+| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA | | Yes | Yes |
+| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) | Yes | Yes|
+| File management/WinPE-FMAPI | `WinPE-FMAPI.cab` | NA | | No | Yes |
+| Windows PowerShell/WinPE-PowerShell | `WinPE-PowerShell.cab` | Scripting/WinPE-Scripting <br> Scripting/WinPE-WMI <br> Microsoft .NET/WinPE-NetFx | Supports running PowerShell commands and scripts in WinPE | No | No |
+| Microsoft .NET/WinPE-NetFx | `WinPE-NetFx.cab` | Scripting/WinPE-WMI | Supports .Net applications in WinPE | No | No |
+| Network/WinPE-Dot3Svc | `WinPE-Dot3Svc.cab` | NA | Supports the 802.1X network protocol in WinPE | No | No |
+| HTML/WinPE-HTA | `WinPE-HTA.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) | Supports running HTML applications in WinPE | No | No |
+| Database/WinPE-MDAC | `WinPE-MDAC.cab` | NA | Supports connecting to databases in WinPE | No | No |
+
+For a full list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
+
 ## Step 7: Add cumulative update (CU) to boot image
 
 Apply the cumulative update (CU) downloaded earlier in the walkthrough to the boot image:
@@ -630,14 +647,14 @@ Once any optional components has been manually added to a boot image, if that op
 
 The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
 
-| Feature | File Name | Dependency |
-|---------|-----------|------------|
-| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA |
-| Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA |
-| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA |
-| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) |
+| **Feature** | **File Name** | **Dependency** | **Required by ConfigMgr** |
+| --- | --- | --- | --- |
+| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA | Yes |
+| Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA | Yes |
+| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA | Yes |
+| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) | Yes |
 
-When adding optional components to any boot image used by Configuration Manager during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to first add the above required components in the above order to the boot image. After adding the required components to the boot image, any additional optional components can also be added to the boot image.
+When adding optional components to any boot image used by Configuration Manager during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to first add the above required components in the above order to the boot image. After adding the required components to the boot image, add any additional desired optional components to the boot image.
 
 For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
 
@@ -653,15 +670,15 @@ Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Wi
 
 The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
 
-| Feature | File Name | Dependency |
+| **Feature** | **File Name** | **Dependency** | **Required by MDT** |
 |---------|-----------|------------|
-| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA |
-| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA |
-| File management/WinPE-FMAPI | `WinPE-FMAPI.cab` | NA |
-| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) |
-| HTML/WinPE-HTA | `WinPE-HTA.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) |
+| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA | Yes |
+| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA | Yes |
+| File management/WinPE-FMAPI | `WinPE-FMAPI.cab` | NA | Yes |
+| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) | Yes |
+| HTML/WinPE-HTA | `WinPE-HTA.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) | Yes |
 
-When adding optional components to any boot image used by MDT during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to first add the above required components in the above order to the boot image. After adding the required components to the boot image, any additional optional components can also be added to the boot image.
+When adding optional components to any boot image used by MDT during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to first add the above required components in the above order to the boot image. After adding the required components to the boot image, add any additional desired optional components to the boot image.
 
 For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
 

From 3cd67f7df5c2ed5c6b43a902b05aa074994b8b10 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 2 Aug 2023 11:26:39 -0400
Subject: [PATCH 41/59] Update Boot Image with CU Article 41

---
 windows/deployment/update-boot-image.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 1dc2719298..7cf0935259 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -294,7 +294,7 @@ Drivers are not affected by the cumulative update installed later in this walkth
 
 > [!IMPORTANT]
 >
-> When adding optional components, make sure check if an optional component has a prerequisite of another optional component. When an optional component does have a prerequisite, make sure that the prerequisite component is installed first. For more information on adding optional components, see [WinPE Optional Components (OC) Reference: How to add Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#how-to-add-optional-components).
+> When adding optional components, make sure to check if an optional component has a prerequisite for another optional component. When an optional component does have a prerequisite, make sure that the prerequisite component is installed first. For more information on adding optional components, see [WinPE Optional Components (OC) Reference: How to add Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#how-to-add-optional-components).
 
 > [!IMPORTANT]
 >
@@ -308,11 +308,11 @@ The following is a list of popular optional components that are commonly added t
 
 | **Feature** | **File Name** | **Dependency** | **Purpose** | **Required by ConfigMgr** | **Required by MDT** |
 | --- | --- | --- | --- | --- |
-| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA | | Yes | Yes |
-| Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA | | Yes | No |
-| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA | | Yes | Yes |
-| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) | Yes | Yes|
-| File management/WinPE-FMAPI | `WinPE-FMAPI.cab` | NA | | No | Yes |
+| Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA | Supports running non-PowerShell scripts in WinPE | Yes | Yes |
+| Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA | Supports WDS in WinPE, including image capture and multicast | Yes | No |
+| Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA | Supports WMI and WMI scripting in WinPE | Yes | Yes |
+| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI | Supports managing BitLocker and TPMs within WinPE | Yes | Yes|
+| File management/WinPE-FMAPI | `WinPE-FMAPI.cab` | NA | Supports access to the Windows PE File Management API | No | Yes |
 | Windows PowerShell/WinPE-PowerShell | `WinPE-PowerShell.cab` | Scripting/WinPE-Scripting <br> Scripting/WinPE-WMI <br> Microsoft .NET/WinPE-NetFx | Supports running PowerShell commands and scripts in WinPE | No | No |
 | Microsoft .NET/WinPE-NetFx | `WinPE-NetFx.cab` | Scripting/WinPE-WMI | Supports .Net applications in WinPE | No | No |
 | Network/WinPE-Dot3Svc | `WinPE-Dot3Svc.cab` | NA | Supports the 802.1X network protocol in WinPE | No | No |

From 8e052d56dd76ebefb10b0d398d863a46bca13c16 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 2 Aug 2023 13:55:35 -0400
Subject: [PATCH 42/59] Update Boot Image with CU Article 42

---
 windows/deployment/update-boot-image.md | 33 +++++++++++++++++++++----
 1 file changed, 28 insertions(+), 5 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 7cf0935259..6ffd5d1db0 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -85,7 +85,7 @@ Before modifying the desired boot image, make a backup copy of the boot image th
 
 - For the 64-bit boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
 
-- For the default 64-bit boot image that is generated by **Microsoft Configuration Manager**, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`. However, for **Microsoft Configuration Manager** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations).
+- For the default 64-bit boot image that is generated by **Microsoft Configuration Manager**, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`. For other boot images in Configuration Manager, the path to the boot image will be displayed in the **Image path:** field under the **Data Source** tab in the properties of the boot image. However, for **Microsoft Configuration Manager** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations).
 
 - For the default 64-bit boot image that is generated by the **Microsoft Deployment Toolkit (MDT)**, the boot image is located at `<Deployment_Share>\Boot\LiteTouchPE_x64.wim`. However, for **Microsoft Deployment Toolkit (MDT)** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
 
@@ -93,6 +93,29 @@ Before modifying the desired boot image, make a backup copy of the boot image th
 
 Adjust the above paths for 32-bit boot images (only available in Windows 10 ADKs).
 
+The following commands will backup the 64-bit boot image included with the **Windows PE add-on for the Windows ADK**:
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+From an elevated **PowerShell** command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. This command won't automatically overwrite a backup of a boot image if one already exists:
+
+```powershell
+Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.bak.wim"
+```
+
+Adjust paths and file names accordingly to back up other boot images.
+
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+From an elevated command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. This command won't automatically overwrite a backup of a boot image if one already exists:
+
+```cmd
+copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.bak.wim"
+```
+
+Adjust paths and file names accordingly to back up other boot images.
+
+---
+
 ## Step 4: Mount boot image to mount folder
 
 1. Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
@@ -316,7 +339,7 @@ The following is a list of popular optional components that are commonly added t
 | Windows PowerShell/WinPE-PowerShell | `WinPE-PowerShell.cab` | Scripting/WinPE-Scripting <br> Scripting/WinPE-WMI <br> Microsoft .NET/WinPE-NetFx | Supports running PowerShell commands and scripts in WinPE | No | No |
 | Microsoft .NET/WinPE-NetFx | `WinPE-NetFx.cab` | Scripting/WinPE-WMI | Supports .Net applications in WinPE | No | No |
 | Network/WinPE-Dot3Svc | `WinPE-Dot3Svc.cab` | NA | Supports the 802.1X network protocol in WinPE | No | No |
-| HTML/WinPE-HTA | `WinPE-HTA.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) | Supports running HTML applications in WinPE | No | No |
+| HTML/WinPE-HTA | `WinPE-HTA.cab` | Scripting/WinPE-WMI | Supports running HTML applications in WinPE | No | No |
 | Database/WinPE-MDAC | `WinPE-MDAC.cab` | NA | Supports connecting to databases in WinPE | No | No |
 
 For a full list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
@@ -652,7 +675,7 @@ The following components are required by Microsoft Configuration Manager boot im
 | Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA | Yes |
 | Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA | Yes |
 | Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA | Yes |
-| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) | Yes |
+| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI | Yes |
 
 When adding optional components to any boot image used by Configuration Manager during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to first add the above required components in the above order to the boot image. After adding the required components to the boot image, add any additional desired optional components to the boot image.
 
@@ -675,8 +698,8 @@ The following components are required by Microsoft Configuration Manager boot im
 | Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA | Yes |
 | Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA | Yes |
 | File management/WinPE-FMAPI | `WinPE-FMAPI.cab` | NA | Yes |
-| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) | Yes |
-| HTML/WinPE-HTA | `WinPE-HTA.cab` | Scripting/WinPE-WMI (`WinPE-WMI.cab`) | Yes |
+| Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI | Yes |
+| HTML/WinPE-HTA | `WinPE-HTA.cab` | Scripting/WinPE-WMI | Yes |
 
 When adding optional components to any boot image used by MDT during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to first add the above required components in the above order to the boot image. After adding the required components to the boot image, add any additional desired optional components to the boot image.
 

From a0d12e291d6b0b3c923890eaace8dfa9ae631e77 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 2 Aug 2023 15:00:04 -0400
Subject: [PATCH 43/59] Update Boot Image with CU Article 43

---
 windows/deployment/update-boot-image.md | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 6ffd5d1db0..04c3adc1d7 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -67,11 +67,11 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 
 1. Go to the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site and search for the latest cumulative update for the version of Windows that matches the version of Windows PE that was downloaded in [Step 1](#step-1-download-and-install-adk) or the version of the Windows PE boot image that will be updated.
 
-1. When searching the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site, use the search term `"<year>-<month> cumulative update for windows <x>"` where `year` is the four digit current year, `<month>` is the two digit current month, and `<x>` is the version of Windows that Windows PE is based on. For example, to search for the latest cumulative update for Windows 11 in July 2023, use the search term `"2023-07 cumulative update for windows 11"`. If the cumulative update hasn't been released yet for the current month, then search on the previous month.
+1. When searching the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site, use the search term `"<year>-<month> cumulative update for windows <x>"` where `year` is the four digit current year, `<month>` is the two digit current month, and `<x>` is the version of Windows that Windows PE is based on. Make sure to include the quotes (`"`). For example, to search for the latest cumulative update for Windows 11 in July 2023, use the search term `"2023-07 cumulative update for windows 11"`, again making sure to include the quotes. If the cumulative update hasn't been released yet for the current month, then search on the previous month.
 
 1. Once the cumulative update has been found, download the appropriate version for the version and architecture of Windows that matches the Windows PE boot image. For example, if the version of the Windows PE boot image is Windows 11 22H2 64-bit, then download the **Cumulative Update for Windows 11 Version 22H2 for x64-based Systems** version of the update.
 
-1. Store the downloaded cumulative update in a known location for later use.
+1. Store the downloaded cumulative update in a known location for later use, for example `C:\Updates`.
 
 > [!TIP]
 >
@@ -85,9 +85,13 @@ Before modifying the desired boot image, make a backup copy of the boot image th
 
 - For the 64-bit boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
 
-- For the default 64-bit boot image that is generated by **Microsoft Configuration Manager**, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`. For other boot images in Configuration Manager, the path to the boot image will be displayed in the **Image path:** field under the **Data Source** tab in the properties of the boot image. However, for **Microsoft Configuration Manager** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations).
+- For the default 64-bit boot image that is generated by **Microsoft Configuration Manager**, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`. For other boot images in Configuration Manager, the path to the boot image will be displayed in the **Image path:** field under the **Data Source** tab in the **Properties** of the boot image.
 
-- For the default 64-bit boot image that is generated by the **Microsoft Deployment Toolkit (MDT)**, the boot image is located at `<Deployment_Share>\Boot\LiteTouchPE_x64.wim`. However, for **Microsoft Deployment Toolkit (MDT)** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
+    However, for **Microsoft Configuration Manager** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations).
+
+- For the default 64-bit boot image that is generated by the **Microsoft Deployment Toolkit (MDT)**, the boot image is located at `<Deployment_Share>\Boot\LiteTouchPE_x64.wim`.
+
+    However, for **Microsoft Deployment Toolkit (MDT)** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
 
 - For 64-bit boot images in **Windows Deployment Services (WDS)**, the boot images are located at `<RemoteInstall>\Boot\x64\Images`.
 
@@ -264,7 +268,7 @@ Drivers are not affected by the cumulative update installed later in this walkth
     **Example**:
 
     ```cmd
-    DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WMI.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-SecureStartup.cab"
+    DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-Scripting.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WMI.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WDS-Tools.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-SecureStartup.cab"
     ```
 
     These examples assume a 64-bit boot image image. If a different architecture is being used, then adjust the paths in the commands accordingly.
@@ -290,7 +294,7 @@ Drivers are not affected by the cumulative update installed later in this walkth
     **Example**:
 
     ```powershell
-     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-WMI_en-us.cab" -Path "C:\Mount" -Verbose   
+     Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-Scripting_en-us.cab" -Path "C:\Mount" -Verbose   
     ```
 
     These examples assume a 64-bit boot image. If a different architecture is being used, then adjust the paths accordingly.
@@ -306,7 +310,7 @@ Drivers are not affected by the cumulative update installed later in this walkth
     **Example**:
 
     ```cmd
-    DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-WMI_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-SecureStartup_en-us.cab"
+    DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-Scripting_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-WMI_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-WDS-Tools_en-us.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-SecureStartup_en-us.cab"
     ```
 
     These examples assume a 64-bit boot image. If a different architecture is being used, then adjust the paths accordingly.
@@ -359,7 +363,7 @@ Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_p
 **Example**:
 
 ```powershell
-Add-WindowsPackage -PackagePath "C:\Updates\windows11.0-kb5026372-x64_d2e542ce70571b093d815adb9013ed467a3e0a85.msu" -Path "C:\Mount" -Verbose
+Add-WindowsPackage -PackagePath "C:\Updates\windows11.0-kb5028185-x64_c78aa5899ba74efdd0e354dfab80940402b3efa4.msu" -Path "C:\Mount" -Verbose
 ```
 
 For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage)
@@ -375,7 +379,7 @@ DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU
 **Example**:
 
 ```cmd
-DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Updates\windows11.0-kb5026372-x64_d2e542ce70571b093d815adb9013ed467a3e0a85.msu"
+DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Updates\windows11.0-kb5028185-x64_c78aa5899ba74efdd0e354dfab80940402b3efa4.msu"
 ```
 
 For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
@@ -673,8 +677,8 @@ The following components are required by Microsoft Configuration Manager boot im
 | **Feature** | **File Name** | **Dependency** | **Required by ConfigMgr** |
 | --- | --- | --- | --- |
 | Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA | Yes |
-| Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA | Yes |
 | Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA | Yes |
+| Network/WinPE-WDS-Tools | `WinPE-WDS-Tools.cab` | NA | Yes |
 | Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI | Yes |
 
 When adding optional components to any boot image used by Configuration Manager during the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step, make sure to first add the above required components in the above order to the boot image. After adding the required components to the boot image, add any additional desired optional components to the boot image.

From 48de42f513ab2f52e3698f56ef4b9405004b2c2b Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 2 Aug 2023 19:42:49 -0400
Subject: [PATCH 44/59] Update Boot Image with CU Article 44

---
 windows/deployment/update-boot-image.md | 86 +++++++++++--------------
 1 file changed, 39 insertions(+), 47 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 04c3adc1d7..c1c4e632d5 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -436,9 +436,9 @@ This step doesn't update or change the boot image. However, it makes sure that t
 
 In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
 
-> [!IMPORTANT]
+> [!NOTE]
 >
-> If using Microsoft Deployment Toolkit (MDT), make sure to also follow the section [Copy updated boot files to MDT deployment share](#copy-updated-boot-files-to-mdt-deployment-share) before proceeding to the next step.
+> Both **Microsoft Configuration Manager** and **Microsoft Deployment Toolkit (MDT)** will automatically extract these bootmgr boot files from the boot images as needed. No additional steps are needed for these products.
 
 ## Step 9: Perform component cleanup
 
@@ -588,6 +588,12 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
     DISM.exe /Export-Image /SourceImageFile:"<Boot_image_path>\<boot_image>.wim" /SourceIndex:1 /DestinationImageFile:"<Boot_image_path>\<boot_image>-export.wim"
     ```
 
+    **Example**:
+
+    ```cmd
+    DISM.exe /Export-Image /SourceImageFile:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /SourceIndex:1 /DestinationImageFile:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe-export.wim"
+    ```
+
     For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Image Management Command-Line Options: /Export-Image](/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14#export-image).
 
     ---
@@ -637,7 +643,7 @@ When adding a cumulative update to a Configuration Manager boot image, it's reco
 
 By updating `winpe.wim` from the Windows ADK, this will ensure that the cumulative update will stay applied regardless of what changes are made to the `boot.wim` boot image via Configuration Manager.
 
-After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager by using the following steps:
+After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager that contains the cumulative update by using the following steps:
 
 1. Open the Microsoft Configuration manager console.
 
@@ -659,8 +665,6 @@ After updating the `winpe.wim` boot image from the Windows ADK, generate a new `
 
 This process in addition to updating the boot image used by Configuration Manager will also update the boot images and the boot files used by any PXE enabled distribution points.
 
-When using Configuration Manager, the `winpe.wim` boot image from the Windows ADK should be updated instead of the `boot.wim` from Configuration Manager because:
-
 ### Add optional components manually to Configuration Manager boot images
 
 For Microsoft Configuration Manager boot images, when applying a cumulative update to a boot image, make sure to add any desired optional components manually using the above command lines instead of adding them through Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image. Optional components need to be added to the boot image manually instead of via Configuration Manager because:
@@ -691,6 +695,32 @@ After completing the walkthrough, update any Configuration Manager boot media to
 
 ## Microsoft Deployment Toolkit (MDT) considerations
 
+When adding a cumulative update to a Microsoft Deployment Toolkit (MDT) boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK instead of directly updating the `LiteTouchPE_<arch>.wim` boot image in the MDT Deployment Share. The `winpe.wim` boot image from the Windows ADK should be updated instead of the `LiteTouchPE_<arch>.wim` boot image from the MDT Deployment Share because if `LiteTouchPE_<arch>.wim` is updated, then the next time the MDT Deployment Share is updated, the changes made to `LiteTouchPE_<arch>.wim`, including the applied cumulative update, may be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then the changes to the MDT boot image including the applied cumulative update will persist and be preserved when the MDT Deployment Share is updated.
+
+After updating the `winpe.wim` boot image from the Windows ADK, generate a new `LiteTouchPE_<arch>.wim` boot image for MDT that contains the cumulative update by using the following steps:
+
+1. Open the Microsoft Configuration manager console.
+
+1. In the Microsoft Configuration manager console, navigate to **Software Library** > **Overview** > **Operating Systems** > **Boot Images**.
+
+1. In the **Boot Images** pane, select the desired boot image.
+
+1. In the toolbar, select **Update Distribution Points**.
+
+1. In the **Update Distribution Points Wizard** window that appears:
+
+    1. In the **General**/**Update distribution points with this image** page, select the **Reload this boot image with the current Windows PE version from the Windows ADK** option, and then select the **Next >** button.
+
+    1. In the **Summary** page, select the **Next >** button.
+
+    1. The **Progress** page will appears while the boot image builds.
+
+    1. Once the boot image finishes building, the **Completion**/**The task "Update Distribution Points Wizard" completed successfully** page will appear. Select the **Close** button.
+
+This process in addition to updating the boot image used by Configuration Manager will also update the boot images and the boot files used by any PXE enabled distribution points.
+
+### MDT and Windows ADK versions
+
 Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10. When using MDT, the recommendation is to use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads) instead of the latest version of the Windows ADK. **ADK for Windows 10, version 2004** was the last version of the Windows ADK supported by MDT.
 
 ### MDT boot image required components
@@ -698,7 +728,7 @@ Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Wi
 The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
 
 | **Feature** | **File Name** | **Dependency** | **Required by MDT** |
-|---------|-----------|------------|
+| --- | --- | --- | --- |
 | Scripting/WinPE-Scripting | `WinPE-Scripting.cab` | NA | Yes |
 | Scripting/WinPE-WMI | `WinPE-WMI.cab` | NA | Yes |
 | File management/WinPE-FMAPI | `WinPE-FMAPI.cab` | NA | Yes |
@@ -709,51 +739,13 @@ When adding optional components to any boot image used by MDT during the [Step 6
 
 For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
 
-### Copy updated boot files to MDT deployment share
+### Update MDT boot image
 
-When the MDT deployment share is created, it copies the bootmgr boot files from the Windows ADK to the MDT deployment share. When using MDT, if the cumulative update updates the bootmgr boot files, these updated bootmgr boot files need to be manually copied to the MDT deployment share. This should be done during [Step 8: Copy boot files from mounted boot image to ADK installation path](#step-8-copy-boot-files-from-mounted-boot-image-to-adk-installation-path):
-
-### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
-
-From an elevated **PowerShell** command prompt, run the following commands to copy the updated bootmgr boot files from the mounted boot image to the MDT deployment share:
-
-```powershell
-Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "<DeploymentShare>\Boot\x64\bootmgr.efi" -Force
-
-Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "<DeploymentShare>\Boot\x64\EFI\Boot\bootx64.efi" -Force
-```
-
-**Example**:
-
-```powershell
-Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\DeploymentShare\Boot\x64\bootmgr.efi" -Force
-
-Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\DeploymentShare\Boot\x64\EFI\Boot\bootx64.efi" -Force
-```
-
-### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
-
-From an elevated command prompt, run the following commands to copy the updated bootmgr boot files from the mounted boot image to the MDT deployment share:
-
-```cmd
-copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "<DeploymentShare>\Boot\x64\bootmgr.efi" /Y
-
-copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "<DeploymentShare>\Boot\x64\EFI\Boot\bootx64.efi" /Y
-```
-
-**Example**:
-
-```cmd
-copy "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\DeploymentShare\Boot\x64\bootmgr.efi" /Y
-
-copy "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\DeploymentShare\Boot\x64\EFI\Boot\bootx64.efi" /Y
-```
-
----
+After completing the walkthrough, .
 
 ### Updating MDT boot media
 
-After completing the walkthrough, update any MDT boot media to ensure that the boot media has both the updated boot image and if applicable, updated boot files.
+After completing the walkthrough and updating the Deployment Share, update any MDT boot media to ensure that the boot media has both the updated boot image and if applicable, updated boot files.
 
 ## Windows Deployment Services (WDS) considerations
 

From 53c5919beb0bd04f9eabf232f4326f171b985514 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 3 Aug 2023 17:00:21 -0400
Subject: [PATCH 45/59] Update Boot Image with CU Article 45

---
 windows/deployment/update-boot-image.md | 78 ++++++++++++++++++++++---
 1 file changed, 69 insertions(+), 9 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index c1c4e632d5..9e52366828 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -250,7 +250,7 @@ Drivers are not affected by the cumulative update installed later in this walkth
     **Example**:
 
     ```powershell
-    Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WMI.cab" -Path "C:\Mount" -Verbose
+    Add-WindowsPackage -PackagePath "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-Scripting.cab" -Path "C:\Mount" -Verbose
     ```
 
     These examples assume a 64-bit boot image. If a different architecture is being used, then adjust the paths in the commands accordingly.
@@ -390,18 +390,74 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 >
 > Make sure not to apply the cumulative update (CU) until all desired optional components have been installed. This will make sure that the optional components are also properly updated by the cumulative update. If in the future any additional optional components need to be added to the boot image, make sure to reapply the cumulative update.
 
+### Servicing stack update (SSU) and error 0x800f0823
+
+Sometimes when applying a cumulative update (CU) to a boot image, you may receive the following error:
+
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+```powershell
+VERBOSE: Target Image Version <WinPE version>
+WARNING: Failed to add package <Cumulative_Update_Path>\<Cumulative_Update>.msu
+WARNING: Add-WindowsPackage failed. Error code = 0x800f0823
+Add-WindowsPackage : An error occurred applying the Unattend.xml file from the .msu package.
+For more information, review the log file.
+At line:1 char:1
++ Add-WindowsPackage -PackagePath "<Cumulative_Update_Path>\<Cumulative_Update> ...
++ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+    + CategoryInfo          : NotSpecified: (:) [Add-WindowsPackage], COMException
+    + FullyQualifiedErrorId : Microsoft.Dism.Commands.AddWindowsPackageCommand
+```
+
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+```cmd
+Error: 0x800f0823
+
+Package <Cumulative_Update_Path>\<Cumulative_Update>.msu may have failed due to pending updates to servicing components in the image. Try the command again.
+The DISM log file can be found at C:\Windows\Logs\DISM\dism.log
+```
+
+---
+
+Inspecting the **DISM.log** will reveal the following error:
+
+```cmd
+Package "Package_for_RollupFix~<Cumulative_Update>" requires Servicing Stack v<Required_Servicing_Stack_Version> but current Servicing Stack is v<Current_Servicing_Stack_Version>. [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
+Failed to initialize internal package [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
+Failed to create internal package [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
+Failed to create windows update package [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
+DISM Package Manager: PID=6020 TID=6112 Failed opening package. - CDISMPackageManager::Internal_CreatePackageByPath(hr:0x800f0823)
+DISM Package Manager: PID=6020 TID=6112 Failed to get the underlying CBS package. - CDISMPackageManager::OpenPackageByPath(hr:0x800f0823)
+DISM Package Manager: PID=6020 TID=6112 The specified package cannot be added to this Windows Image due to a version mismatch. - GetCbsErrorMsg
+DISM Package Manager: PID=6020 TID=6112 Failed to open package at location [<Temp_Path>\<Cumulative_Update>.cab]. - CPackageManagerUnattendHandler::Internal_ProcessPackageFromSource(hr:0x800f0823)
+DISM Package Manager: PID=6020 TID=6112 Failed to install package from source [0] - trying next source location. hr = [0x800F0823] - CPackageManagerUnattendHandler::Internal_UnattendInstallPackage
+DISM Package Manager: PID=6020 TID=6112 Failed to Install the package [Multiple_Packages~~~~0.0.0.0]. - CPackageManagerUnattendHandler::Internal_UnattendInstallPackage(hr:0x800f0823)
+DISM Package Manager: PID=6020 TID=6112 Package failed to install [Multiple_Packages~~~~0.0.0.0]. - CPackageManagerUnattendHandler::Internal_UnattendProcessPackage(hr:0x800f0823)
+DISM Package Manager: PID=6020 TID=6112 Failed to process package at node <package[1]>. - CPackageManagerUnattendHandler::Apply(hr:0x800f0823)
+DISM Package Manager: PID=6020 TID=6112 Failed to Apply the unattend. - CDISMPackageManager::Apply(hr:0x800f0823)
+DISM Unattend Manager: PID=6020 TID=6112 "Error applying unattend for provider: DISM Package Manager" - CUnattendManager::Apply(hr:0x800f0823)
+DISM Package Manager: PID=6020 TID=6112 Failed applying the unattend file from the MSU package. - CMsuPackage::ApplyMsuUnattend(hr:0x800f0823)
+DISM Package Manager: PID=6020 TID=6112 Failed to apply the MSU unattend file to the image. - CMsuPackage::Install(hr:0x800f0823)
+DISM Package Manager: PID=6020 TID=6112 Failed while processing command add-package. - CPackageManagerCLIHandler::ExecuteCmdLine(hr:0x800f0823)
+```
+
+The problem occurs when the WinPE boot image that is being serviced requires installation of a servicing stack update (SSU) before installation of the cumulative update (CU) can occur. The problem usually occurs when using older Windows ADKs and older versions of Windows PE. The suggested fix is to upgrade to the latest version of the Windows ADK and Windows PE which most likely won't need a servicing stack update (SSU) installed before installing the cumulative update (CU).
+
+For scenarios where an older version of the Windows ADK and Windows PE need to be used, for example when using Microsoft Deployment Toolkit (MDT), the servicing stack update needs to be installed before installing the cumulative update. The following steps outline how to install the servicing stack update (SSU) before installing the cumulative update (CU) to the boot image:
+
 ## Step 8: Copy boot files from mounted boot image to ADK installation path
 
 Some cumulative updates will update the bootmgr boot files in the boot image. After these bootmgr boot files have been updated in the boot image, it's recommended to copy these updated bootmgr boot files from the boot image back to the Windows ADK. This will ensure that the Windows ADK has the updated bootmgr boot files.
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-From an elevated **PowerShell** command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path:
+From an elevated **PowerShell** command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands need confirmation to overwrite the existing bootmgr boot files:
 
 ```powershell
-Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" -Force
+Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi"
 
-Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" -Force
+Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi"
 ```
 
 **Example**:
@@ -412,24 +468,28 @@ Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Window
 Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" -Force
 ```
 
+To overwrite the bootmgr boot files without confirmation, for example in a script, add the `-Force` parameter to the end of the command line.
+
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-From an elevated command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path:
+From an elevated command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands need confirmation to overwrite the existing bootmgr boot files::
 
 ```cmd
-copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" /Y
+copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi"
 
-copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" /Y
+copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi"
 ```
 
 **Example**:
 
 ```cmd
-copy "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" /Y
+copy "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi"
 
-copy "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" /Y
+copy "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi"
 ```
 
+To overwrite the bootmgr boot files without confirmation, for example in a script, add the `/Y` parameter to the end of the command line.
+
 ---
 
 This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr boot files are available to the ADK when creating bootable media. This includes any product that uses the ADK to create bootable media.

From 266f13bacba95c9b7a8dc30fe47cf53d51c0f645 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 3 Aug 2023 18:57:54 -0400
Subject: [PATCH 46/59] Update Boot Image with CU Article 46

---
 windows/deployment/update-boot-image.md | 132 ++++++++++++++++++++----
 1 file changed, 114 insertions(+), 18 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 9e52366828..a4d3578cf5 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -357,7 +357,7 @@ Apply the cumulative update (CU) downloaded earlier in the walkthrough to the bo
 From an elevated **PowerShell** command prompt, run the following command to add the cumulative update (CU) to the boot image:
 
 ```powershell
-Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>" -Path "<Mount_folder_path>" -Verbose
+Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>\<CU>.msu" -Path "<Mount_folder_path>" -Verbose
 ```
 
 **Example**:
@@ -373,7 +373,7 @@ For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windo
 From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to add the cumulative update (CU) to the boot image:
 
 ```cmd
-DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU_update>"
+DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU_update>\<CU>.msu"
 ```
 
 **Example**:
@@ -392,7 +392,7 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 
 ### Servicing stack update (SSU) and error 0x800f0823
 
-Sometimes when applying a cumulative update (CU) to a boot image, you may receive the following error:
+Sometimes when applying a cumulative update (CU) to a boot image, you may receive error `0x800f0823`:
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
@@ -422,29 +422,125 @@ The DISM log file can be found at C:\Windows\Logs\DISM\dism.log
 
 Inspecting the **DISM.log** will reveal the following error:
 
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+```powershell
+Package "Package_for_RollupFix~<Cumulative_Update>" requires Servicing Stack v<Required_Servicing_Stack_Version> but current Servicing Stack is v<Current_Servicing_Stack_Version>. [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
+Failed to initialize internal package [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
+Failed to create internal package [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
+Failed to create windows update package [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
+DISM Package Manager: PID=<PID> TID=<TID> Failed opening package. - CDISMPackageManager::Internal_CreatePackageByPath(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed to get the underlying CBS package. - CDISMPackageManager::OpenPackageByPath(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> The specified package cannot be added to this Windows Image due to a version mismatch. - GetCbsErrorMsg
+DISM Package Manager: PID=<PID> TID=<TID> Failed to open package at location [<Temp_Path>\<Cumulative_Update>.cab]. - CPackageManagerUnattendHandler::Internal_ProcessPackageFromSource(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed to install package from source [0] - trying next source location. hr = [0x800F0823] - CPackageManagerUnattendHandler::Internal_UnattendInstallPackage
+DISM Package Manager: PID=<PID> TID=<TID> Failed to Install the package [Multiple_Packages~~~~0.0.0.0]. - CPackageManagerUnattendHandler::Internal_UnattendInstallPackage(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Package failed to install [Multiple_Packages~~~~0.0.0.0]. - CPackageManagerUnattendHandler::Internal_UnattendProcessPackage(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed to process package at node <package[1]>. - CPackageManagerUnattendHandler::Apply(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed to Apply the unattend. - CDISMPackageManager::Apply(hr:0x800f0823)
+DISM Unattend Manager: PID=<PID> TID=<TID> "Error applying unattend for provider: DISM Package Manager" - CUnattendManager::Apply(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed applying the unattend file from the MSU package. - CMsuPackage::ApplyMsuUnattend(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed to apply the MSU unattend file to the image. - CMsuPackage::Install(hr:0x800f0823)
+API: PID=<PID> TID=<TID> Failed to install msu package <Path_to_CU_MSU_update>\<MSU_Cumulative_Update>.msu - CAddPackageCommandObject::InternalExecute(hr:0x800f0823)
+API: PID=<PID> TID=<TID> InternalExecute failed - CBaseCommandObject::Execute(hr:0x800f0823)
+API: PID=<PID> TID=<TID> CAddPackageCommandObject internal execution failed - DismAddPackageInternal(hr:0x800f0823)
+```
+
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
 ```cmd
 Package "Package_for_RollupFix~<Cumulative_Update>" requires Servicing Stack v<Required_Servicing_Stack_Version> but current Servicing Stack is v<Current_Servicing_Stack_Version>. [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
 Failed to initialize internal package [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
 Failed to create internal package [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
 Failed to create windows update package [HRESULT = 0x800f0823 - CBS_E_NEW_SERVICING_STACK_REQUIRED]
-DISM Package Manager: PID=6020 TID=6112 Failed opening package. - CDISMPackageManager::Internal_CreatePackageByPath(hr:0x800f0823)
-DISM Package Manager: PID=6020 TID=6112 Failed to get the underlying CBS package. - CDISMPackageManager::OpenPackageByPath(hr:0x800f0823)
-DISM Package Manager: PID=6020 TID=6112 The specified package cannot be added to this Windows Image due to a version mismatch. - GetCbsErrorMsg
-DISM Package Manager: PID=6020 TID=6112 Failed to open package at location [<Temp_Path>\<Cumulative_Update>.cab]. - CPackageManagerUnattendHandler::Internal_ProcessPackageFromSource(hr:0x800f0823)
-DISM Package Manager: PID=6020 TID=6112 Failed to install package from source [0] - trying next source location. hr = [0x800F0823] - CPackageManagerUnattendHandler::Internal_UnattendInstallPackage
-DISM Package Manager: PID=6020 TID=6112 Failed to Install the package [Multiple_Packages~~~~0.0.0.0]. - CPackageManagerUnattendHandler::Internal_UnattendInstallPackage(hr:0x800f0823)
-DISM Package Manager: PID=6020 TID=6112 Package failed to install [Multiple_Packages~~~~0.0.0.0]. - CPackageManagerUnattendHandler::Internal_UnattendProcessPackage(hr:0x800f0823)
-DISM Package Manager: PID=6020 TID=6112 Failed to process package at node <package[1]>. - CPackageManagerUnattendHandler::Apply(hr:0x800f0823)
-DISM Package Manager: PID=6020 TID=6112 Failed to Apply the unattend. - CDISMPackageManager::Apply(hr:0x800f0823)
-DISM Unattend Manager: PID=6020 TID=6112 "Error applying unattend for provider: DISM Package Manager" - CUnattendManager::Apply(hr:0x800f0823)
-DISM Package Manager: PID=6020 TID=6112 Failed applying the unattend file from the MSU package. - CMsuPackage::ApplyMsuUnattend(hr:0x800f0823)
-DISM Package Manager: PID=6020 TID=6112 Failed to apply the MSU unattend file to the image. - CMsuPackage::Install(hr:0x800f0823)
-DISM Package Manager: PID=6020 TID=6112 Failed while processing command add-package. - CPackageManagerCLIHandler::ExecuteCmdLine(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed opening package. - CDISMPackageManager::Internal_CreatePackageByPath(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed to get the underlying CBS package. - CDISMPackageManager::OpenPackageByPath(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> The specified package cannot be added to this Windows Image due to a version mismatch. - GetCbsErrorMsg
+DISM Package Manager: PID=<PID> TID=<TID> Failed to open package at location [<Temp_Path>\<Cumulative_Update>.cab]. - CPackageManagerUnattendHandler::Internal_ProcessPackageFromSource(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed to install package from source [0] - trying next source location. hr = [0x800F0823] - CPackageManagerUnattendHandler::Internal_UnattendInstallPackage
+DISM Package Manager: PID=<PID> TID=<TID> Failed to Install the package [Multiple_Packages~~~~0.0.0.0]. - CPackageManagerUnattendHandler::Internal_UnattendInstallPackage(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Package failed to install [Multiple_Packages~~~~0.0.0.0]. - CPackageManagerUnattendHandler::Internal_UnattendProcessPackage(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed to process package at node <package[1]>. - CPackageManagerUnattendHandler::Apply(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed to Apply the unattend. - CDISMPackageManager::Apply(hr:0x800f0823)
+DISM Unattend Manager: PID=<PID> TID=<TID> "Error applying unattend for provider: DISM Package Manager" - CUnattendManager::Apply(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed applying the unattend file from the MSU package. - CMsuPackage::ApplyMsuUnattend(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed to apply the MSU unattend file to the image. - CMsuPackage::Install(hr:0x800f0823)
+DISM Package Manager: PID=<PID> TID=<TID> Failed while processing command add-package. - CPackageManagerCLIHandler::ExecuteCmdLine(hr:0x800f0823)
 ```
 
+---
+
 The problem occurs when the WinPE boot image that is being serviced requires installation of a servicing stack update (SSU) before installation of the cumulative update (CU) can occur. The problem usually occurs when using older Windows ADKs and older versions of Windows PE. The suggested fix is to upgrade to the latest version of the Windows ADK and Windows PE which most likely won't need a servicing stack update (SSU) installed before installing the cumulative update (CU).
 
-For scenarios where an older version of the Windows ADK and Windows PE need to be used, for example when using Microsoft Deployment Toolkit (MDT), the servicing stack update needs to be installed before installing the cumulative update. The following steps outline how to install the servicing stack update (SSU) before installing the cumulative update (CU) to the boot image:
+For scenarios where an older version of the Windows ADK and Windows PE need to be used, for example when using Microsoft Deployment Toolkit (MDT), the servicing stack update needs to be installed before installing the cumulative update. The servicing stack update (SSU) is contained within the cumulative update (CU). To obtain the servicing stack update (SSU) so that it can be applied, it can be extracted from the cumulative update (CU).
+
+The following steps outline how to extract and then install the servicing stack update (SSU) to the boot image. Once the before servicing stack update (SSU) has been installed, then the cumulative update (CU) should install to the boot image without error. These steps are only necessary if error 0x800f0823 occurs when installing the cumulative update (CU) to the boot image. If error 0x800f0823 isn't occur when installing the cumulative update (CU) to the boot image, then skip to the next step [Step 8: Copy boot files from mounted boot image to ADK installation path](#step-8-copy-boot-files-from-mounted-boot-image-to-adk-installation-path):
+
+1. Create a folder to extract the servicing stack update (SSU) into. For example, `C:\Updates\Extract`:
+
+1. Extract the contents of the cumulative update (CU) to the folder created in the previous step using the following command:
+
+    ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+    ```powershell
+    Start-Process "expand.exe" -ArgumentList " -f:* `"<Cumulative_Update_Path>\<Cumulative_Update>.msu`" `"<Extract_Path>`"" -Wait -LoadUserProfile
+    ```
+
+    **Example**:
+
+    ```powershell
+    Start-Process "expand.exe" -ArgumentList " -f:* `"C:\Updates\windows10.0-kb5028166-x64_fe3aa2fef685c0e76e1f5d34d529624294273f41.msu`" `"C:\Updates\Extract`"" -Wait -LoadUserProfile
+    ```
+
+    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+    ```cmd
+    expand.exe -f:* "<Cumulative_Update_Path>\<Cumulative_Update>.msu" "<Extract_Path>"
+    ```
+
+    **Example**:
+
+    ```cmd
+    expand.exe -f:* "C:\Updates\windows10.0-kb5028166-x64_fe3aa2fef685c0e76e1f5d34d529624294273f41.msu" "C:\Updates\Extract"
+    ```
+
+    ---
+
+1. Inspect the contents of the extracted files in the extract folder and identify the servicing stack update (SSU) CAB file. One of the files should be called `SSU-<Version>-<Arch>.cab`. For example, `SSU-19041.3205-x64.cab`. Make a note of the name of the servicing stack update (SSU) CAB file.
+
+1. Apply the servicing stack update (SSU) CAB file to the boot image using the following command:
+
+    ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+    From an elevated **PowerShell** command prompt, run the following command to add the cumulative update (CU) to the boot image:
+
+    ```powershell
+    Add-WindowsPackage -PackagePath "<Path_to_SSU_CAB_update>\<SSU>.cab" -Path "<Mount_folder_path>" -Verbose
+    ```
+
+    **Example**:
+
+    ```powershell
+    Add-WindowsPackage -PackagePath "C:\Updates\Extract\SSU-19041.3205-x64.cab" -Path "C:\Mount" -Verbose
+    ```
+
+    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+    From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to add the cumulative update (CU) to the boot image:
+
+    ```cmd
+    DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_SSU_CAB_update>\<SSU>.cab"
+    ```
+
+    **Example**:
+
+    ```cmd
+    DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Updates\Extract\SSU-19041.3205-x64.cab"
+    ```
+
+    ---
+
+1. Attempt to apply the cumulative update (CU) to the boot image again using the commands from [Step 7: Add cumulative update (CU) to boot image](#step-7-add-cumulative-update-cu-to-boot-image).
 
 ## Step 8: Copy boot files from mounted boot image to ADK installation path
 
@@ -517,7 +613,7 @@ Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment
 **Example**:
 
 ```powershell
-Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"C:\Mount" /Cleanup-image /StartComponentCleanup /Resetbase /Defer" -Wait -LoadUserProfile
+Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:`"C:\Mount`" /Cleanup-image /StartComponentCleanup /Resetbase /Defer" -Wait -LoadUserProfile
 
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"C:\Mount" /Cleanup-image /StartComponentCleanup /Resetbase" -Wait -LoadUserProfile
 ```

From b36305450de619774699a9eeec43201a601e3eca Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 3 Aug 2023 21:07:15 -0400
Subject: [PATCH 47/59] Update Boot Image with CU Article 47

---
 windows/deployment/update-boot-image.md | 105 +++++++++++++++++++++---
 1 file changed, 95 insertions(+), 10 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index a4d3578cf5..58dcc4dcaa 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -100,7 +100,7 @@ Adjust the above paths for 32-bit boot images (only available in Windows 10 ADKs
 The following commands will backup the 64-bit boot image included with the **Windows PE add-on for the Windows ADK**:
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-From an elevated **PowerShell** command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. This command won't automatically overwrite a backup of a boot image if one already exists:
+From an elevated **PowerShell** command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. This commands needs confirmation to overwrite an existing backed up boot image if one already exists:
 
 ```powershell
 Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.bak.wim"
@@ -108,9 +108,11 @@ Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\
 
 Adjust paths and file names accordingly to back up other boot images.
 
+To overwrite an existing backed up boot image without confirmation, for example in a script, add the `-Force` parameter to the end of the command line.
+
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-From an elevated command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. This command won't automatically overwrite a backup of a boot image if one already exists:
+From an elevated command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. This commands needs confirmation to overwrite an existing backed up boot image if one already exist:
 
 ```cmd
 copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.bak.wim"
@@ -118,6 +120,8 @@ copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windo
 
 Adjust paths and file names accordingly to back up other boot images.
 
+To overwrite an existing backed up boot image without confirmation, for example in a script, add the `/Y` parameter to the end of the command line.
+
 ---
 
 ## Step 4: Mount boot image to mount folder
@@ -474,7 +478,11 @@ The problem occurs when the WinPE boot image that is being serviced requires ins
 
 For scenarios where an older version of the Windows ADK and Windows PE need to be used, for example when using Microsoft Deployment Toolkit (MDT), the servicing stack update needs to be installed before installing the cumulative update. The servicing stack update (SSU) is contained within the cumulative update (CU). To obtain the servicing stack update (SSU) so that it can be applied, it can be extracted from the cumulative update (CU).
 
-The following steps outline how to extract and then install the servicing stack update (SSU) to the boot image. Once the before servicing stack update (SSU) has been installed, then the cumulative update (CU) should install to the boot image without error. These steps are only necessary if error 0x800f0823 occurs when installing the cumulative update (CU) to the boot image. If error 0x800f0823 isn't occur when installing the cumulative update (CU) to the boot image, then skip to the next step [Step 8: Copy boot files from mounted boot image to ADK installation path](#step-8-copy-boot-files-from-mounted-boot-image-to-adk-installation-path):
+The following steps outline how to extract and then install the servicing stack update (SSU) to the boot image. Once the before servicing stack update (SSU) has been installed, then the cumulative update (CU) should install to the boot image without error:
+
+> [!IMPORTANT]
+>
+> These steps are only necessary if error `0x800f0823` occurs when installing the cumulative update (CU) to the boot image. If error `0x800f0823` didn't occur when installing the cumulative update (CU) to the boot image, then skip to the next step [Step 8: Copy boot files from mounted boot image to ADK installation path](#step-8-copy-boot-files-from-mounted-boot-image-to-adk-installation-path)
 
 1. Create a folder to extract the servicing stack update (SSU) into. For example, `C:\Updates\Extract`:
 
@@ -508,7 +516,7 @@ The following steps outline how to extract and then install the servicing stack
 
 1. Inspect the contents of the extracted files in the extract folder and identify the servicing stack update (SSU) CAB file. One of the files should be called `SSU-<Version>-<Arch>.cab`. For example, `SSU-19041.3205-x64.cab`. Make a note of the name of the servicing stack update (SSU) CAB file.
 
-1. Apply the servicing stack update (SSU) CAB file to the boot image using the following command:
+1. Using the name of the servicing stack update (SSU) CAB file obtained in the previous step, apply the servicing stack update (SSU) CAB file to the boot image using the following command:
 
     ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
@@ -548,43 +556,59 @@ Some cumulative updates will update the bootmgr boot files in the boot image. Af
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-From an elevated **PowerShell** command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands need confirmation to overwrite the existing bootmgr boot files:
+From an elevated **PowerShell** command prompt, run the following commands to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands will also back up any existing bootmgr boot files its finds. The commands need confirmation to overwrite the existing bootmgr boot files and if they exist, any backed up bootmgr boot files:
 
 ```powershell
+Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.bak.efi"
+
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi"
 
+Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.bak.efi"
+
 Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi"
 ```
 
 **Example**:
 
 ```powershell
+Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.bak.efi"
+
 Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" -Force
 
+Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.bak.efi"
+
 Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" -Force
 ```
 
-To overwrite the bootmgr boot files without confirmation, for example in a script, add the `-Force` parameter to the end of the command line.
+To overwrite the bootmgr boot files and any backed up bootmgr boot file without confirmation, for example in a script, add the `-Force` parameter to the end of the command lines.
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-From an elevated command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands need confirmation to overwrite the existing bootmgr boot files::
+From an elevated command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands will also back up any existing bootmgr boot files its finds. The commands need confirmation to overwrite the existing bootmgr boot files and if they exist, any backed up bootmgr boot files:
 
 ```cmd
+copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.bak.efi"
+
 copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi"
 
+copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.bak.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi"
+
 copy "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi"
 ```
 
 **Example**:
 
 ```cmd
+copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.bak.efi"
+
 copy "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi"
 
+copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.bak.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi"
+
 copy "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi"
 ```
 
-To overwrite the bootmgr boot files without confirmation, for example in a script, add the `/Y` parameter to the end of the command line.
+To overwrite the bootmgr boot files and any backed up bootmgr boot file without confirmation, for example in a script, add the `/Y` parameter to the end of the command lines.
 
 ---
 
@@ -756,8 +780,69 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 1. Once the export has completed:
   
-    1. Delete the original updated boot image.
-    1. Rename the exported boot image with the name of the original updated boot image.
+    1. Delete the original updated boot image:
+
+    ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+    From an elevated **PowerShell** command prompt, run the following command to delete the original updated boot image:
+
+    ```powershell
+    Remove-Item -Path "<Boot_image_path>\<boot_image>.wim" -Force
+    ```
+
+    **Example**:
+
+    ```powershell
+    Remove-Item - Path "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" -Force
+    ```
+
+    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+    From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to delete the original updated boot image:
+
+    ```cmd
+    del "<Boot_image_path>\<boot_image>.wim" /Y
+    ```
+
+    **Example**:
+
+    ```cmd
+    del "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /Y
+    ```
+
+    ---
+
+    1. Rename the exported boot image with the name of the original boot image:
+
+    ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+    From an elevated **PowerShell** command prompt, run the following command to rename the exported boot image with the name of the original boot image:
+
+    ```powershell
+    Rename-Item -Path "<Boot_image_path>\<exported_boot_image>.wim" -NewName "<original_boot_image_name>.wim"
+    ```
+
+    **Example**:
+
+    ```powershell
+    Rename-Item -Path "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe-export.wim" -NewName "winpe.wim"
+    ```
+
+    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+    From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to rename the exported boot image with the name of the original boot image:
+
+    ```cmd
+    rename "<Boot_image_path>\<boot_image>-export.wim" "<original_boot_image_name>.wim"
+    ```
+
+    **Example**:
+
+    ```cmd
+    rename "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe-export.wim" "winpe.wim"
+    ```
+
+    ---
 
 ## Microsoft Configuration Manager considerations
 

From 336a4c34239464b3066942eaad2a6aeaab67e489 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 4 Aug 2023 15:35:50 -0400
Subject: [PATCH 48/59] Update Boot Image with CU Article 48

---
 windows/deployment/update-boot-image.md | 40 +++++++++++++++++--------
 1 file changed, 28 insertions(+), 12 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 58dcc4dcaa..18b6a6f419 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -44,6 +44,7 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 - [Step 10: Verify all desired packages have been added to boot image](#step-10-verify-all-desired-packages-have-been-added-to-boot-image)
 - [Step 11: Unmount boot image and save changes](#step-11-unmount-boot-image-and-save-changes)
 - [Step 12: Export boot image to reduce size](#step-12-export-boot-image-to-reduce-size)
+- [Step 13: Update boot images in products that utilize the boot images (optional)](#step-13-update-boot-image-in-products-that-utilize-the-boot-image-if-applicable)
 
 ## Step 1: Download and install ADK
 
@@ -844,6 +845,16 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
     ---
 
+## Step 13: Update boot image in products that utilize the boot image (if applicable)
+
+After the default `winpe.wim` boot image from the Windows ADK has been updated, additional steps usually need to take place in the product(s) that utilize the boot image . The following links contain information on how to update the boot image for several popular products that utilize boot images:
+
+- [Microsoft Configuration Manager](#updating-the-boot-image-in-configuration-manager)
+- [Microsoft Deployment Toolkit (MDT)](#updating-the-boot-image-in-mdt)
+- Windows Deployment Services
+
+For any other products that utilize boot images, please consult their documentation on how to finish updating the boot image.
+
 ## Microsoft Configuration Manager considerations
 
 ### How Microsoft Configuration Manager creates boot images
@@ -884,6 +895,8 @@ When adding a cumulative update to a Configuration Manager boot image, it's reco
 
 By updating `winpe.wim` from the Windows ADK, this will ensure that the cumulative update will stay applied regardless of what changes are made to the `boot.wim` boot image via Configuration Manager.
 
+### Updating the boot image in Configuration Manager
+
 After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager that contains the cumulative update by using the following steps:
 
 1. Open the Microsoft Configuration manager console.
@@ -904,7 +917,11 @@ After updating the `winpe.wim` boot image from the Windows ADK, generate a new `
 
     1. Once the boot image finishes building, the **Completion**/**The task "Update Distribution Points Wizard" completed successfully** page will appear. Select the **Close** button.
 
-This process in addition to updating the boot image used by Configuration Manager will also update the boot images and the boot files used by any PXE enabled distribution points.
+This process updates the boot image used by Configuration Manager. It will also update the boot image and the boot files used by any PXE enabled distribution points.
+
+> [!IMPORTANT]
+>
+> If there are multiple boot images used in the environment for PXE enabled distribution points, make sure to update all of the PXE enabled boot images with the same cumulative update. This will ensure that the PXE enabled distribution points all use the latest version of the bootmgr boot files extracted from the boot images (if applicable).
 
 ### Add optional components manually to Configuration Manager boot images
 
@@ -938,27 +955,26 @@ After completing the walkthrough, update any Configuration Manager boot media to
 
 When adding a cumulative update to a Microsoft Deployment Toolkit (MDT) boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK instead of directly updating the `LiteTouchPE_<arch>.wim` boot image in the MDT Deployment Share. The `winpe.wim` boot image from the Windows ADK should be updated instead of the `LiteTouchPE_<arch>.wim` boot image from the MDT Deployment Share because if `LiteTouchPE_<arch>.wim` is updated, then the next time the MDT Deployment Share is updated, the changes made to `LiteTouchPE_<arch>.wim`, including the applied cumulative update, may be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then the changes to the MDT boot image including the applied cumulative update will persist and be preserved when the MDT Deployment Share is updated.
 
+
+### Updating the boot image in MDT
+
 After updating the `winpe.wim` boot image from the Windows ADK, generate a new `LiteTouchPE_<arch>.wim` boot image for MDT that contains the cumulative update by using the following steps:
 
-1. Open the Microsoft Configuration manager console.
+1. Open the Microsoft Deployment Toolkit (MDT) Deployment Workbench console.
 
-1. In the Microsoft Configuration manager console, navigate to **Software Library** > **Overview** > **Operating Systems** > **Boot Images**.
+1. In the Deployment Workbench console, navigate to **Deployment Workbench** > **Deployment Shares** > **MDT Deployment Share**.
 
-1. In the **Boot Images** pane, select the desired boot image.
+1. Right click on **MDT Deployment Share** and select **Update Deployment Share**.
 
-1. In the toolbar, select **Update Distribution Points**.
+1. In the **Update Deployment Share Wizard** window that appears:
 
-1. In the **Update Distribution Points Wizard** window that appears:
-
-    1. In the **General**/**Update distribution points with this image** page, select the **Reload this boot image with the current Windows PE version from the Windows ADK** option, and then select the **Next >** button.
+    1. In the **Options** page, select the **Completely regenerate the boot images** option, and then select the **Next >** button.
 
     1. In the **Summary** page, select the **Next >** button.
 
-    1. The **Progress** page will appears while the boot image builds.
+    1. The **Progress** page will appears while the boot image and deployment share builds.
 
-    1. Once the boot image finishes building, the **Completion**/**The task "Update Distribution Points Wizard" completed successfully** page will appear. Select the **Close** button.
-
-This process in addition to updating the boot image used by Configuration Manager will also update the boot images and the boot files used by any PXE enabled distribution points.
+    1. Once the boot image and deployment share finishes building, the **Confirmation**/**The process completed successfully** page will appear. Select the **Finish** button.
 
 ### MDT and Windows ADK versions
 

From b80c8c5a3a082d86b64155de32c39f2097456317 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 4 Aug 2023 17:14:05 -0400
Subject: [PATCH 49/59] Update Boot Image with CU Article 49

---
 windows/deployment/update-boot-image.md | 41 ++++++++++++-------------
 1 file changed, 20 insertions(+), 21 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 18b6a6f419..f23f720da4 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -515,7 +515,7 @@ The following steps outline how to extract and then install the servicing stack
 
     ---
 
-1. Inspect the contents of the extracted files in the extract folder and identify the servicing stack update (SSU) CAB file. One of the files should be called `SSU-<Version>-<Arch>.cab`. For example, `SSU-19041.3205-x64.cab`. Make a note of the name of the servicing stack update (SSU) CAB file.
+1. Inspect the extracted files in the extract folder and identify the servicing stack update (SSU) CAB file. One of the files should be called `SSU-<Version>-<Arch>.cab`. For example, `SSU-19041.3205-x64.cab`. Make a note of the name of the servicing stack update (SSU) CAB file.
 
 1. Using the name of the servicing stack update (SSU) CAB file obtained in the previous step, apply the servicing stack update (SSU) CAB file to the boot image using the following command:
 
@@ -783,35 +783,35 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
   
     1. Delete the original updated boot image:
 
-    ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+        ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-    From an elevated **PowerShell** command prompt, run the following command to delete the original updated boot image:
+        From an elevated **PowerShell** command prompt, run the following command to delete the original updated boot image:
 
-    ```powershell
-    Remove-Item -Path "<Boot_image_path>\<boot_image>.wim" -Force
-    ```
+        ```powershell
+        Remove-Item -Path "<Boot_image_path>\<boot_image>.wim" -Force
+        ```
 
-    **Example**:
+        **Example**:
 
-    ```powershell
-    Remove-Item - Path "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" -Force
-    ```
+        ```powershell
+        Remove-Item - Path "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" -Force
+        ```
 
-    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+        ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-    From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to delete the original updated boot image:
+        From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to delete the original updated boot image:
 
-    ```cmd
-    del "<Boot_image_path>\<boot_image>.wim" /Y
-    ```
+        ```cmd
+        del "<Boot_image_path>\<boot_image>.wim" /Y
+        ```
 
-    **Example**:
+        **Example**:
 
-    ```cmd
-    del "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /Y
-    ```
+        ```cmd
+        del "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /Y
+        ```
 
-    ---
+        ---
 
     1. Rename the exported boot image with the name of the original boot image:
 
@@ -955,7 +955,6 @@ After completing the walkthrough, update any Configuration Manager boot media to
 
 When adding a cumulative update to a Microsoft Deployment Toolkit (MDT) boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK instead of directly updating the `LiteTouchPE_<arch>.wim` boot image in the MDT Deployment Share. The `winpe.wim` boot image from the Windows ADK should be updated instead of the `LiteTouchPE_<arch>.wim` boot image from the MDT Deployment Share because if `LiteTouchPE_<arch>.wim` is updated, then the next time the MDT Deployment Share is updated, the changes made to `LiteTouchPE_<arch>.wim`, including the applied cumulative update, may be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then the changes to the MDT boot image including the applied cumulative update will persist and be preserved when the MDT Deployment Share is updated.
 
-
 ### Updating the boot image in MDT
 
 After updating the `winpe.wim` boot image from the Windows ADK, generate a new `LiteTouchPE_<arch>.wim` boot image for MDT that contains the cumulative update by using the following steps:

From fd98ad8e2bde0d9ae8bf97f0140025f3cb67b2e5 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 4 Aug 2023 19:24:32 -0400
Subject: [PATCH 50/59] Update Boot Image with CU Article 50

---
 windows/deployment/update-boot-image.md | 173 ++++++++++++++----------
 1 file changed, 98 insertions(+), 75 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index f23f720da4..f8a82b38de 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -27,7 +27,7 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 
 - [Windows Assessment and Deployment Kit (Windows ADK)](/windows-hardware/get-started/adk-install) - It's recommended to use the latest version of the ADK.
 - [Windows PE add-on for the Windows ADK](/windows-hardware/get-started/adk-install). Make sure the version of Windows PE matches the version of Windows ADK that is being used.
-- Windows PE boot image
+- Windows PE boot image.
 - Latest cumulative update downloaded from the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site.
 
 ## Steps
@@ -50,9 +50,11 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 
 1. Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install).
 
-    When installing the Windows ADK, for the purpose of this walk-through, it's only necessary to install the **Deployment Tools**. One of the tools installed will be the **Deployment and Imaging Tools Environment** command prompt. When using the **Command Line** option instead of the **PowerShell** option to run the commands in this walk-through, make sure to run the commands from the **Deployment and Imaging Tools Environment** command prompt. The **Deployment and Imaging Tools Environment** command prompt can be found in the Start Menu under **Windows Kits** > **Deployment and Imaging Tools Environment**.
+    When installing the Windows ADK, for the purpose of this walk-through, it's only necessary to install the **Deployment Tools**. Other products, such as Microsoft Configuration Manager and Microsoft Deployment Toolkit (MDT), may require additional features installed, such as the **User State Migration Tool (USMT)**.
 
-    The paths in this article assume the Windows ADK was installed to the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths during the walk-through accordingly.
+    One of the tools installed when installing the the **Deployment Tools** feature will be the **Deployment and Imaging Tools Environment** command prompt. When using the **Command Line** option to run the commands in this walk-through, make sure to run the commands from an elevated **Deployment and Imaging Tools Environment** command prompt. The **Deployment and Imaging Tools Environment** command prompt can be found in the Start Menu under **Windows Kits** > **Deployment and Imaging Tools Environment**.
+
+    The paths in this article assume the Windows ADK was installed at the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths during the walk-through accordingly.
 
 1. Download and install the **Windows PE add-on for the Windows ADK** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install). The **Windows PE add-on for the Windows ADK** is a separate download and install from the **Windows Assessment and Deployment Kit (Windows ADK)**. Make sure to individually download and install both.
 
@@ -60,13 +62,15 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 >
 > It's strongly recommended to download and install the latest version of the Windows ADK and the Windows PE add-on for the Windows ADK.
 >
-> However, the Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10. If using MDT, the recommendation is to instead use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version was the last version of the Windows ADK supported by MDT.
+> In certain instances, older versions of the Windows ADK and Windows PE add-on may need to be used instead of the latest version. For example:
 >
-> Additionally, the latest versions of the **Windows PE add-on for the Windows ADK** only includes 64-bit boot images. If a 32-bit boot image is required, then the recommendation in this scenario is to also use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version of the Windows ADK was the last version to include both 32-bit and 64-bit boot images.
+> - Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10. If using MDT, the recommendation is to instead use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version was the last version of the Windows ADK supported by MDT.
+>
+> - The latest versions of the **Windows PE add-on for the Windows ADK** only includes 64-bit boot images. If a 32-bit boot image is required, then the recommendation in this scenario is to also use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). This version of the Windows ADK was the last version to include both 32-bit and 64-bit boot images.
 
 ## Step 2: Download cumulative update (CU)
 
-1. Go to the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site and search for the latest cumulative update for the version of Windows that matches the version of Windows PE that was downloaded in [Step 1](#step-1-download-and-install-adk) or the version of the Windows PE boot image that will be updated.
+1. Go to the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site and search for the latest cumulative update for the version of Windows that matches the version of the Windows PE boot image that is being updated.
 
 1. When searching the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site, use the search term `"<year>-<month> cumulative update for windows <x>"` where `year` is the four digit current year, `<month>` is the two digit current month, and `<x>` is the version of Windows that Windows PE is based on. Make sure to include the quotes (`"`). For example, to search for the latest cumulative update for Windows 11 in July 2023, use the search term `"2023-07 cumulative update for windows 11"`, again making sure to include the quotes. If the cumulative update hasn't been released yet for the current month, then search on the previous month.
 
@@ -88,20 +92,20 @@ Before modifying the desired boot image, make a backup copy of the boot image th
 
 - For the default 64-bit boot image that is generated by **Microsoft Configuration Manager**, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`. For other boot images in Configuration Manager, the path to the boot image will be displayed in the **Image path:** field under the **Data Source** tab in the **Properties** of the boot image.
 
-    However, for **Microsoft Configuration Manager** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations).
+    However, for **Microsoft Configuration Manager** it's recommended to instead modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations).
 
 - For the default 64-bit boot image that is generated by the **Microsoft Deployment Toolkit (MDT)**, the boot image is located at `<Deployment_Share>\Boot\LiteTouchPE_x64.wim`.
 
-    However, for **Microsoft Deployment Toolkit (MDT)** it's recommended to modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
+    However, for **Microsoft Deployment Toolkit (MDT)** it's recommended to instead modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
 
 - For 64-bit boot images in **Windows Deployment Services (WDS)**, the boot images are located at `<RemoteInstall>\Boot\x64\Images`.
 
-Adjust the above paths for 32-bit boot images (only available in Windows 10 ADKs).
+Adjust the above paths for 32-bit boot images (only available with Windows 10 ADKs).
 
 The following commands will backup the 64-bit boot image included with the **Windows PE add-on for the Windows ADK**:
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-From an elevated **PowerShell** command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. This commands needs confirmation to overwrite an existing backed up boot image if one already exists:
+From an elevated **PowerShell** command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. If a backed up boot image already exists, this command needs confirmation before it overwrites the existing backed up boot image:
 
 ```powershell
 Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.bak.wim"
@@ -109,11 +113,11 @@ Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\
 
 Adjust paths and file names accordingly to back up other boot images.
 
-To overwrite an existing backed up boot image without confirmation, for example in a script, add the `-Force` parameter to the end of the command line.
+To automatically overwrite an existing backed up boot image without confirmation, for example in a script, add the `-Force` parameter to the end of the command line.
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-From an elevated command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. This commands needs confirmation to overwrite an existing backed up boot image if one already exist:
+From an elevated command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. If a backed up boot image already exists, this command needs confirmation before it overwrites the existing backed up boot image:
 
 ```cmd
 copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.bak.wim"
@@ -121,13 +125,17 @@ copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windo
 
 Adjust paths and file names accordingly to back up other boot images.
 
-To overwrite an existing backed up boot image without confirmation, for example in a script, add the `/Y` parameter to the end of the command line.
+To automatically overwrite an existing backed up boot image without confirmation, for example in a script, add the `/Y` parameter to the end of the command line.
 
 ---
 
+> [!IMPORTANT]
+>
+> When using the default `winpe.wim` boot image from the **Windows PE add-on for the Windows ADK**, it's recommended to always have a backed copy of the original unmodified boot image. This allows reverting back to the pristine untouched original boot image in case any issues occur with any iteration of an updated boot image. Additionally, whenever a new cumulative update needs to be applied to a boot image, it's recommended to always start fresh and update from the original boot image with no updates instead of updating a previously updated boot image.
+
 ## Step 4: Mount boot image to mount folder
 
-1. Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`.
+1. Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`. If using a previously created mount folder, ensure that it is empty and doesn't have any previously mounted images in it.
 
 1. Mount the boot image to the mount folder using one of the following methods:
 
@@ -284,9 +292,13 @@ Drivers are not affected by the cumulative update installed later in this walkth
 
     ---
 
-1. Make sure that after adding the optional component to also add the language specific component for that optional component. This needs to be done for every optional component that is added to the boot image.
+1. After adding an optional component to the boot image, make sure to also add the language specific component for that optional component.
 
-    For example, for English United States (en-us), add the following:
+    Not all optional components have the language specific component. However, for optional components that do have a language specific component, make sure that the language specific component is installed.
+
+    To check if an optional component has a language component, check the `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Language>\` directory to see if there is a matching language component for that optional component.
+
+    For example, to install the English United States (en-us) language component for an optional component, use the following command line:
 
     ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
@@ -355,7 +367,7 @@ For a full list of all available WinPE optional components including description
 
 ## Step 7: Add cumulative update (CU) to boot image
 
-Apply the cumulative update (CU) downloaded earlier in the walkthrough to the boot image:
+Apply the cumulative update (CU) downloaded during the [Step 2: Download cumulative update (CU)](#step-2-download-cumulative-update-cu) step to the boot image:
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
@@ -393,7 +405,7 @@ For more information, see [Add or Remove Packages Offline Using DISM](/windows-h
 
 > [!IMPORTANT]
 >
-> Make sure not to apply the cumulative update (CU) until all desired optional components have been installed. This will make sure that the optional components are also properly updated by the cumulative update. If in the future any additional optional components need to be added to the boot image, make sure to reapply the cumulative update.
+> Make sure not to apply the cumulative update (CU) until all desired optional components have been installed via the [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image) step. Waiting to install the cumulative update (CU) until all optional components are installed makes sure that the optional components are also properly updated by the cumulative update. If in the future any additional optional components need to be added to the boot image, make sure to reapply the cumulative update.
 
 ### Servicing stack update (SSU) and error 0x800f0823
 
@@ -479,7 +491,7 @@ The problem occurs when the WinPE boot image that is being serviced requires ins
 
 For scenarios where an older version of the Windows ADK and Windows PE need to be used, for example when using Microsoft Deployment Toolkit (MDT), the servicing stack update needs to be installed before installing the cumulative update. The servicing stack update (SSU) is contained within the cumulative update (CU). To obtain the servicing stack update (SSU) so that it can be applied, it can be extracted from the cumulative update (CU).
 
-The following steps outline how to extract and then install the servicing stack update (SSU) to the boot image. Once the before servicing stack update (SSU) has been installed, then the cumulative update (CU) should install to the boot image without error:
+The following steps outline how to extract and then install the servicing stack update (SSU) to the boot image. Once the servicing stack update (SSU) has been installed in the boot image, then the cumulative update (CU) should install to the boot image without error:
 
 > [!IMPORTANT]
 >
@@ -492,7 +504,7 @@ The following steps outline how to extract and then install the servicing stack
     ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
     ```powershell
-    Start-Process "expand.exe" -ArgumentList " -f:* `"<Cumulative_Update_Path>\<Cumulative_Update>.msu`" `"<Extract_Path>`"" -Wait -LoadUserProfile
+    Start-Process "expand.exe" -ArgumentList " -f:* `"<Cumulative_Update_Path>\<Cumulative_Update>.msu`" `"<Extract_Folder_Path>`"" -Wait -LoadUserProfile
     ```
 
     **Example**:
@@ -504,7 +516,7 @@ The following steps outline how to extract and then install the servicing stack
     ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
     ```cmd
-    expand.exe -f:* "<Cumulative_Update_Path>\<Cumulative_Update>.msu" "<Extract_Path>"
+    expand.exe -f:* "<Cumulative_Update_Path>\<Cumulative_Update>.msu" "<Extract_Folder_Path>"
     ```
 
     **Example**:
@@ -557,7 +569,7 @@ Some cumulative updates will update the bootmgr boot files in the boot image. Af
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-From an elevated **PowerShell** command prompt, run the following commands to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands will also back up any existing bootmgr boot files its finds. The commands need confirmation to overwrite the existing bootmgr boot files and if they exist, any backed up bootmgr boot files:
+From an elevated **PowerShell** command prompt, run the following commands to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands will also back up any existing bootmgr boot files its finds. When applicable, the commands need confirmation to overwrite any existing files:
 
 ```powershell
 Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.bak.efi"
@@ -585,7 +597,7 @@ To overwrite the bootmgr boot files and any backed up bootmgr boot file without
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-From an elevated command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands will also back up any existing bootmgr boot files its finds. The commands need confirmation to overwrite the existing bootmgr boot files and if they exist, any backed up bootmgr boot files:
+From an elevated command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands will also back up any existing bootmgr boot files its finds. When applicable, the commands need confirmation to overwrite any existing files:
 
 ```cmd
 copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.bak.efi"
@@ -613,7 +625,7 @@ To overwrite the bootmgr boot files and any backed up bootmgr boot file without
 
 ---
 
-This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr boot files are available to the ADK when creating bootable media. This includes any product that uses the ADK to create bootable media.
+This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr boot files are available to the Windows ADK when creating bootable media via the Windows ADK. This may include any product that uses the Windows ADK to create bootable media.
 
 In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
 
@@ -643,6 +655,8 @@ Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"C:\Mount" /Cleanup-image /StartComponentCleanup /Resetbase" -Wait -LoadUserProfile
 ```
 
+For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Cleanup-Image](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#cleanup-image).
+
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to clean up the mounted boot image and help reduce its size:
@@ -815,37 +829,37 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
     1. Rename the exported boot image with the name of the original boot image:
 
-    ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+        ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-    From an elevated **PowerShell** command prompt, run the following command to rename the exported boot image with the name of the original boot image:
+        From an elevated **PowerShell** command prompt, run the following command to rename the exported boot image with the name of the original boot image:
 
-    ```powershell
-    Rename-Item -Path "<Boot_image_path>\<exported_boot_image>.wim" -NewName "<original_boot_image_name>.wim"
-    ```
+        ```powershell
+        Rename-Item -Path "<Boot_image_path>\<exported_boot_image>.wim" -NewName "<original_boot_image_name>.wim"
+        ```
 
-    **Example**:
+        **Example**:
 
-    ```powershell
-    Rename-Item -Path "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe-export.wim" -NewName "winpe.wim"
-    ```
+        ```powershell
+        Rename-Item -Path "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe-export.wim" -NewName "winpe.wim"
+        ```
 
-    ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+        ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-    From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to rename the exported boot image with the name of the original boot image:
+        From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to rename the exported boot image with the name of the original boot image:
 
-    ```cmd
-    rename "<Boot_image_path>\<boot_image>-export.wim" "<original_boot_image_name>.wim"
-    ```
+        ```cmd
+        rename "<Boot_image_path>\<boot_image>-export.wim" "<original_boot_image_name>.wim"
+        ```
 
-    **Example**:
+        **Example**:
 
-    ```cmd
-    rename "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe-export.wim" "winpe.wim"
-    ```
+        ```cmd
+        rename "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe-export.wim" "winpe.wim"
+        ```
 
-    ---
+        ---
 
-## Step 13: Update boot image in products that utilize the boot image (if applicable)
+## Step 13: Update boot image in products that utilize it (if applicable)
 
 After the default `winpe.wim` boot image from the Windows ADK has been updated, additional steps usually need to take place in the product(s) that utilize the boot image . The following links contain information on how to update the boot image for several popular products that utilize boot images:
 
@@ -859,23 +873,25 @@ For any other products that utilize boot images, please consult their documentat
 
 ### How Microsoft Configuration Manager creates boot images
 
-Microsoft Configuration Manager creates its own boot images by taking the `winpe.wim` from the Windows ADK, adding some [optional components it requires](#configuration-manager-boot-image-required-components) to function correctly, and then saving the boot image as `boot.wim` in the directory `<ConfigMgr_Install_Directory>\OSD\boot\<architecture>\boot.wim`. This `boot.wim` boot image is considered the pristine authoritative copy of the boot image by Configuration Manager and is never touched, modified, or updated by Configuration Manager except in some very specific scenarios. Instead, when changes such as:
+Microsoft Configuration Manager creates its own boot images by taking the `winpe.wim` from the Windows ADK, adding some [optional components it requires](#configuration-manager-boot-image-required-components) to function correctly, and then saving the boot image as `boot.wim` in the directory `<ConfigMgr_Install_Directory>\OSD\boot\<architecture>\boot.wim`. This `boot.wim` boot image is considered the pristine authoritative copy of the boot image by Configuration Manager and is never touched, modified, or updated by Configuration Manager except in some very specific scenarios. Instead, when changes are done in the properties of the boot image in Configuration Manager such as:
 
 - Adding drivers
 - Adding optional components
 - Enabling the command prompt
 
-are done in the properties of the boot image in Configuration Manager, Configuration Manager makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. If any additional changes are done to the boot image, Configuration Manager discards the previously created `boot.<package_id>.wim` boot image, makes a new copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. In other words, `boot.wim` is never touched. Any time any changes are made to a boot image, both the new changes and any changes done in the past are all reapplied to a new copy of `boot.wim`.
+Configuration Manager makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`.
 
-This process makes has the following advantages:
+If in the future any additional changes are done to the boot image, Configuration Manager discards the previously created `boot.<package_id>.wim` boot image, makes a new copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. In other words, `boot.wim` is never touched. Any time any changes are made to a boot image, both the new changes and any changes done in the past are all reapplied to a new copy of `boot.wim`.
+
+This process has the following advantages:
 
 1. Keeps `boot.wim` pristine.
 
-1. Makes sure that when changes are made to a boot image, they are being done to a copy of a pristine version of the boot image that hasn't had been modified in the past. This helps avoid corruption and/or corrects issues with existing boot images.
+1. Makes sure that when changes are made to a boot image, they are being done to a copy of a pristine version of the boot image that hasn't had been modified in the past. This helps avoid corruption when a boot image is updated multiple times. I can also correct issues with existing boot images.
 
-1. Helps manage components in the boot image. The process doesn't need to know what components it might need to remove from the boot image each time the boot image is rebuilt. Instead, it just needs to know what components to add to the boot image.
+1. Helps manage components in the boot image. The process doesn't need to know what components may need to be removed from the boot image each time the boot image is rebuilt. Instead, it just needs to know what components need to be added to the boot image.
 
-1. Reduces the size of the boot image that can occur when components are removed from the boot image.
+1. Reduces the size of the boot image that can occur when components are repeatedly added to and removed from the boot image.
 
 There are two scenarios when the `boot.wim` boot image is updated by Configuration Manager:
 
@@ -887,17 +903,23 @@ In theses scenarios, the `boot.wim` boot image is updated using the `winpe.wim`
 
 ### Which boot image should be updated with the cumulative update?
 
-When adding a cumulative update to a Configuration Manager boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK instead of directly updating the `boot.wim` boot image generated by Configuration Manager. The `winpe.wim` boot image from the Windows ADK should be updated instead of the `boot.wim` boot image generated by Configuration Manager for the following reasons:
+When manually adding a cumulative update to a Configuration Manager boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK instead of directly updating the `boot.wim` boot image generated by Configuration Manager.
 
-1. If `boot.wim` is updated, then the next time `boot.wim` is updated via a Configuration Manager upgrade or the **Reload this boot image with the current Windows PE version from the Windows ADK** option, the changes made to `boot.wim` including the applied cumulative update will be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then the changes to the Configuration Manager boot image including the applied cumulative update will persist and be preserved when Configuration Manager does update the `boot.wim` boot image.
+The `winpe.wim` boot image from the Windows ADK should be updated because if `boot.wim` generated by Configuration Manager is updated instead, then the next time `boot.wim` is updated via a Configuration Manager upgrade or the **Reload this boot image with the current Windows PE version from the Windows ADK** option, then changes made to `boot.wim`, including the applied cumulative update, will be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then changes boot image, including the applied cumulative update, will persist and be preserved even when Configuration Manager does update the `boot.wim` boot image.
 
-1. If `boot.<package_id>.wim` is updated, then it will not only face the issues when `boot.wim` is updated, but it will also lose any changes, including the applied cumulative update, when any changes are done to the boot image (e.g. adding drivers, enabling the command prompt, etc.). Additionally, it will change the hash value of the boot image which can lead to download failures when downloading the boot image from a distribution point.
+> [!IMPORTANT]
+>
+> Never manually update the `boot.<package_id>.wim` boot image. In addition to facing the same issues when manually updating the `boot.wim` boot image,  the `boot.<package_id>.wim` boot image will also face additional issues such as:
+>
+> - Any time any changes are done to the boot image, such as adding drivers, enabling the command prompt. etc, any manual changes done to the boot image, including the cumulative update, will be lost.
+>
+> - Manually changing the `boot.<package_id>.wim` boot image changes the hash value of the boot image. A change in the hash value of the boot image can lead to download failures when downloading the boot image from a distribution point.
 
 By updating `winpe.wim` from the Windows ADK, this will ensure that the cumulative update will stay applied regardless of what changes are made to the `boot.wim` boot image via Configuration Manager.
 
 ### Updating the boot image in Configuration Manager
 
-After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager that contains the cumulative update by using the following steps:
+After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager so that it contains the cumulative update. A new `boot.wim` boot image can be generated by using the following steps:
 
 1. Open the Microsoft Configuration manager console.
 
@@ -907,30 +929,35 @@ After updating the `winpe.wim` boot image from the Windows ADK, generate a new `
 
 1. In the toolbar, select **Update Distribution Points**.
 
-1. In the **Update Distribution Points Wizard** window that appears:
+1. When the **Update Distribution Points Wizard** window that appears:
 
     1. In the **General**/**Update distribution points with this image** page, select the **Reload this boot image with the current Windows PE version from the Windows ADK** option, and then select the **Next >** button.
 
     1. In the **Summary** page, select the **Next >** button.
 
-    1. The **Progress** page will appears while the boot image builds.
+    1. The **Progress** page appears while the boot image builds.
 
-    1. Once the boot image finishes building, the **Completion**/**The task "Update Distribution Points Wizard" completed successfully** page will appear. Select the **Close** button.
+    1. Once the boot image finishes building, the **The task "Update Distribution Points Wizard" completed successfully**/**Completion** page will appear. Select the **Close** button.
 
-This process updates the boot image used by Configuration Manager. It will also update the boot image and the boot files used by any PXE enabled distribution points.
+This process updates the boot image used by Configuration Manager. It will also update the boot image and the bootmgr boot files used by any PXE enabled distribution points.
 
 > [!IMPORTANT]
 >
-> If there are multiple boot images used in the environment for PXE enabled distribution points, make sure to update all of the PXE enabled boot images with the same cumulative update. This will ensure that the PXE enabled distribution points all use the latest version of the bootmgr boot files extracted from the boot images (if applicable).
+> If there are multiple boot images used in the environment for PXE enabled distribution points, make sure to update all of the PXE enabled boot images with the same cumulative update. This will ensure that the PXE enabled distribution points all use the version of the bootmgr boot files extracted from the boot images (if applicable).
 
 ### Add optional components manually to Configuration Manager boot images
 
-For Microsoft Configuration Manager boot images, when applying a cumulative update to a boot image, make sure to add any desired optional components manually using the above command lines instead of adding them through Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image. Optional components need to be added to the boot image manually instead of via Configuration Manager because:
+For Microsoft Configuration Manager boot images, when applying a cumulative update to a boot image, make sure to add any desired optional components manually using the command lines from the walkthrough instead of adding them through Configuration Manager. Optional components are usually added to boot images in Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image.
+
+Optional components need to be added to the boot image manually instead of via Configuration Manager because:
 
 - When the cumulative update is applied, it will also update any optional components as needed.
-- If the optional components are instead added through Configuration Manager after a cumulative update has been applied to the boot image, then the optional components will not be updated with the cumulative update. This could lead to unexpected behaviors and problems.
 
-Once any optional components has been manually added to a boot image, if that optional component is attempted to be added via the **Optional Components** tab in the **Properties** of the boot image in Configuration Manager, Configuration Manager will detect that the optional component has already been added and it will not try to add the optional component again.
+- If optional components are added through Configuration Manager on a boot image that has a cumulative update, then the optional components will not be updated with the cumulative update. This could lead to unexpected behaviors and problems. The cumulative update needs to be added after the optional components have been added to the boot image for the optional components to be updated properly with the cumulative update.
+
+> [!NOTE]
+>
+> If an optional component is attempted to be added via the **Optional Components** tab in the **Properties** of the boot image in Configuration Manager but the optional component has already been manually added to the boot image, Configuration Manager won't add that optional component again. Instead, Configuration Manager detects that the optional component has already been added and it won't try to add the optional component again.
 
 ### Configuration Manager boot image required components
 
@@ -949,13 +976,15 @@ For a list of all available WinPE optional components including descriptions for
 
 ### Updating Configuration Manager boot media
 
-After completing the walkthrough, update any Configuration Manager boot media to ensure that the boot media has both the updated boot image and if applicable, updated boot files.
+After completing the walkthrough, including updating boot images in Configuration Manager, update any Configuration Manager task sequence media to ensure that the task sequence media has both the updated boot image and if applicable, updated boot files.
 
 ## Microsoft Deployment Toolkit (MDT) considerations
 
-When adding a cumulative update to a Microsoft Deployment Toolkit (MDT) boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK instead of directly updating the `LiteTouchPE_<arch>.wim` boot image in the MDT Deployment Share. The `winpe.wim` boot image from the Windows ADK should be updated instead of the `LiteTouchPE_<arch>.wim` boot image from the MDT Deployment Share because if `LiteTouchPE_<arch>.wim` is updated, then the next time the MDT Deployment Share is updated, the changes made to `LiteTouchPE_<arch>.wim`, including the applied cumulative update, may be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then the changes to the MDT boot image including the applied cumulative update will persist and be preserved when the MDT Deployment Share is updated.
+When adding a cumulative update to a Microsoft Deployment Toolkit (MDT) boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK instead of directly updating the `LiteTouchPE_<arch>.wim` boot image in the MDT Deployment Share.
 
-### Updating the boot image in MDT
+The `winpe.wim` boot image from the Windows ADK should be updated because if `LiteTouchPE_<arch>.wim` is updated instead, then the next time the MDT Deployment Share is updated, the changes made to `LiteTouchPE_<arch>.wim`, including the applied cumulative update, will be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then the changes to the boot image, including the applied cumulative update, will persist and be preserved when the MDT Deployment Share is updated.
+
+### Updating the boot image and boot media in MDT
 
 After updating the `winpe.wim` boot image from the Windows ADK, generate a new `LiteTouchPE_<arch>.wim` boot image for MDT that contains the cumulative update by using the following steps:
 
@@ -971,9 +1000,11 @@ After updating the `winpe.wim` boot image from the Windows ADK, generate a new `
 
     1. In the **Summary** page, select the **Next >** button.
 
-    1. The **Progress** page will appears while the boot image and deployment share builds.
+    1. The **Progress** page appears while the boot image and deployment share builds.
 
-    1. Once the boot image and deployment share finishes building, the **Confirmation**/**The process completed successfully** page will appear. Select the **Finish** button.
+    1. Once the boot image and deployment share finishes building, the **The process completed successfully**/**Confirmation** page appears. Select the **Finish** button.
+
+These steps also update the MDT boot media in the MDT Deployment Share. After following the above steps, use the newly updated ISO files in the `<DeploymnetShare>\Boot` folder to create new MDT boot media.
 
 ### MDT and Windows ADK versions
 
@@ -995,14 +1026,6 @@ When adding optional components to any boot image used by MDT during the [Step 6
 
 For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
 
-### Update MDT boot image
-
-After completing the walkthrough, .
-
-### Updating MDT boot media
-
-After completing the walkthrough and updating the Deployment Share, update any MDT boot media to ensure that the boot media has both the updated boot image and if applicable, updated boot files.
-
 ## Windows Deployment Services (WDS) considerations
 
 The **boot.wim** that is part of Windows installation media isn't supported for deploying Windows 11 with Windows Deployment Services (WDS). Additionally, the **boot.wim** from Windows 11 installation media isn't supported for deploying any version of Windows with Windows Deployment Services (WDS). For more information, see [Windows Deployment Services (WDS) boot.wim support](wds-boot-support.md).

From 169e4273841cc64562387a4b3b1caf4b06a9b500 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Sat, 5 Aug 2023 20:38:44 -0400
Subject: [PATCH 51/59] Update Boot Image with CU Article 51

---
 windows/deployment/update-boot-image.md | 100 ++++++++++++------------
 1 file changed, 52 insertions(+), 48 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index f8a82b38de..a4dc9573ea 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -50,9 +50,9 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 
 1. Download and install the **Windows Assessment and Deployment Kit (Windows ADK)** from [Download and install the Windows ADK](/windows-hardware/get-started/adk-install).
 
-    When installing the Windows ADK, for the purpose of this walk-through, it's only necessary to install the **Deployment Tools**. Other products, such as Microsoft Configuration Manager and Microsoft Deployment Toolkit (MDT), may require additional features installed, such as the **User State Migration Tool (USMT)**.
+    For this walk-through, when the Windows ADK is installed, it's only necessary to install the **Deployment Tools**. Other products, such as Microsoft Configuration Manager and Microsoft Deployment Toolkit (MDT), may require additional features installed, such as the **User State Migration Tool (USMT)**.
 
-    One of the tools installed when installing the the **Deployment Tools** feature will be the **Deployment and Imaging Tools Environment** command prompt. When using the **Command Line** option to run the commands in this walk-through, make sure to run the commands from an elevated **Deployment and Imaging Tools Environment** command prompt. The **Deployment and Imaging Tools Environment** command prompt can be found in the Start Menu under **Windows Kits** > **Deployment and Imaging Tools Environment**.
+    One of the tools installed when installing the the **Deployment Tools** feature is the **Deployment and Imaging Tools Environment** command prompt. When using the **Command Line** option to run the commands in this walk-through, make sure to run the commands from an elevated **Deployment and Imaging Tools Environment** command prompt. The **Deployment and Imaging Tools Environment** command prompt can be found in the Start Menu under **Windows Kits** > **Deployment and Imaging Tools Environment**.
 
     The paths in this article assume the Windows ADK was installed at the default location of `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit`. If the Windows ADK was installed to a different location, then adjust the paths during the walk-through accordingly.
 
@@ -70,7 +70,7 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 
 ## Step 2: Download cumulative update (CU)
 
-1. Go to the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site and search for the latest cumulative update for the version of Windows that matches the version of the Windows PE boot image that is being updated.
+1. Go to the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site and search for the latest cumulative update. The Windows version of the cumulative update should match the version of the Windows PE boot image that is being updated.
 
 1. When searching the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site, use the search term `"<year>-<month> cumulative update for windows <x>"` where `year` is the four digit current year, `<month>` is the two digit current month, and `<x>` is the version of Windows that Windows PE is based on. Make sure to include the quotes (`"`). For example, to search for the latest cumulative update for Windows 11 in July 2023, use the search term `"2023-07 cumulative update for windows 11"`, again making sure to include the quotes. If the cumulative update hasn't been released yet for the current month, then search on the previous month.
 
@@ -90,7 +90,7 @@ Before modifying the desired boot image, make a backup copy of the boot image th
 
 - For the 64-bit boot image included with the **Windows PE add-on for the Windows ADK**, the boot image is located at `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim`.
 
-- For the default 64-bit boot image that is generated by **Microsoft Configuration Manager**, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`. For other boot images in Configuration Manager, the path to the boot image will be displayed in the **Image path:** field under the **Data Source** tab in the **Properties** of the boot image.
+- For the default 64-bit boot image that is generated by **Microsoft Configuration Manager**, the boot image is located at `<ConfigMgr_Install_Directory>\OSD\boot\x64\boot.wim`. For other boot images in Configuration Manager, the path to the boot image is displayed in the **Image path:** field under the **Data Source** tab in the **Properties** of the boot image.
 
     However, for **Microsoft Configuration Manager** it's recommended to instead modify the `winpe.wim` boot image included with the **Windows PE add-on for the Windows ADK**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations).
 
@@ -102,10 +102,10 @@ Before modifying the desired boot image, make a backup copy of the boot image th
 
 Adjust the above paths for 32-bit boot images (only available with Windows 10 ADKs).
 
-The following commands will backup the 64-bit boot image included with the **Windows PE add-on for the Windows ADK**:
+The following commands backs up the 64-bit boot image included with the **Windows PE add-on for the Windows ADK**:
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-From an elevated **PowerShell** command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. If a backed up boot image already exists, this command needs confirmation before it overwrites the existing backed up boot image:
+From an elevated **PowerShell** command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. If a backed-up boot image already exists, this command needs confirmation before it overwrites the existing backed up boot image:
 
 ```powershell
 Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.bak.wim"
@@ -117,7 +117,7 @@ To automatically overwrite an existing backed up boot image without confirmation
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-From an elevated command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. If a backed up boot image already exists, this command needs confirmation before it overwrites the existing backed up boot image:
+From an elevated command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. If a backed-up boot image already exists, this command needs confirmation before it overwrites the existing backed up boot image:
 
 ```cmd
 copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.bak.wim"
@@ -135,7 +135,7 @@ To automatically overwrite an existing backed up boot image without confirmation
 
 ## Step 4: Mount boot image to mount folder
 
-1. Create a new empty empty folder to mount the boot image to. For example, `C:\Mount`. If using a previously created mount folder, ensure that it is empty and doesn't have any previously mounted images in it.
+1. Create a new empty folder to mount the boot image to. For example, `C:\Mount`. If using a previously created mount folder, ensure that it's empty and doesn't have any previously mounted images in it.
 
 1. Mount the boot image to the mount folder using one of the following methods:
 
@@ -233,7 +233,7 @@ For more information, see [Add and Remove Driver packages to an offline Windows
 
 ---
 
-Drivers are not affected by the cumulative update installed later in this walkthrough. Once a driver is added to a boot image, it does not need to be added again if a newer cumulative update is applied to the boot image at a later point in time.
+The cumulative update installed later in this walkthrough doesn't affect drivers. Once a driver is added to a boot image, it doesn't need to be added again if a newer cumulative update is applied to the boot image.
 
 > [!TIP]
 >
@@ -284,7 +284,7 @@ Drivers are not affected by the cumulative update installed later in this walkth
     DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-Scripting.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WMI.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WDS-Tools.cab" /PackagePath:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-SecureStartup.cab"
     ```
 
-    These examples assume a 64-bit boot image image. If a different architecture is being used, then adjust the paths in the commands accordingly.
+    These examples assume a 64-bit boot image. If a different architecture is being used, then adjust the paths in the commands accordingly.
 
     You can add as many desired optional components as needed on a single **DISM.exe** command line.
 
@@ -296,7 +296,7 @@ Drivers are not affected by the cumulative update installed later in this walkth
 
     Not all optional components have the language specific component. However, for optional components that do have a language specific component, make sure that the language specific component is installed.
 
-    To check if an optional component has a language component, check the `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Language>\` directory to see if there is a matching language component for that optional component.
+    To check if an optional component has a language component, check the `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\<Language>\` directory to see if there's a matching language component for that optional component.
 
     For example, to install the English United States (en-us) language component for an optional component, use the following command line:
 
@@ -338,17 +338,21 @@ Drivers are not affected by the cumulative update installed later in this walkth
 
 > [!IMPORTANT]
 >
-> When adding optional components, make sure to check if an optional component has a prerequisite for another optional component. When an optional component does have a prerequisite, make sure that the prerequisite component is installed first. For more information on adding optional components, see [WinPE Optional Components (OC) Reference: How to add Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#how-to-add-optional-components).
+> When adding optional components, make sure to check if an optional component has a prerequisite for another optional component. When an optional component does have a prerequisite, make sure that the prerequisite component is installed first. For more information, see [WinPE Optional Components (OC) Reference: How to add Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#how-to-add-optional-components).
 
 > [!IMPORTANT]
 >
-> Both **Microsoft Configuration Manager** and **Microsoft Deployment Toolkit (MDT)** boot images require certain optional components to work properly. Make sure to add these required components when using either **Microsoft Configuration Manager** and **Microsoft Deployment Toolkit (MDT)**
+> Cumulative updates always need to be applied or reapplied after adding optional components to the boot image. If additional optional components are added to a boot image after a cumulative update has been applied, then the cumulative update needs to be reapplied.
+
+> [!IMPORTANT]
 >
-> Additionally, when adding any optional component for either **Microsoft Configuration Manager** or **Microsoft Deployment Toolkit (MDT)** boot images, make sure to add the components manually using the above command lines instead of adding them through **Configuration Manager** or **MDT**. For more information, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations) or [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
+> Both **Microsoft Configuration Manager** and **Microsoft Deployment Toolkit (MDT)** boot images require certain optional components to work properly. Make sure to add these required components when using either **Microsoft Configuration Manager** and **Microsoft Deployment Toolkit (MDT)**. For more information, see [Configuration Manager boot image required components](#configuration-manager-boot-image-required-components) or [MDT boot image required components](#mdt-boot-image-required-components).
+>
+> Additionally, when adding any optional component for either **Microsoft Configuration Manager** or **Microsoft Deployment Toolkit (MDT)** boot images, make sure to manually add the optional components using this walkthrough instead of adding them through **Configuration Manager** or **MDT**. For more information and reasons why, see [Microsoft Configuration Manager considerations](#microsoft-configuration-manager-considerations) or [Microsoft Deployment Toolkit (MDT) considerations](#microsoft-deployment-toolkit-mdt-considerations).
 
 ### Popular optional components
 
-The following is a list of popular optional components that are commonly added to boot images:
+The following list contains the more popular optional components that are commonly added to boot images:
 
 | **Feature** | **File Name** | **Dependency** | **Purpose** | **Required by ConfigMgr** | **Required by MDT** |
 | --- | --- | --- | --- | --- |
@@ -358,7 +362,7 @@ The following is a list of popular optional components that are commonly added t
 | Startup/WinPE-SecureStartup | `WinPE-SecureStartup.cab` | Scripting/WinPE-WMI | Supports managing BitLocker and TPMs within WinPE | Yes | Yes|
 | File management/WinPE-FMAPI | `WinPE-FMAPI.cab` | NA | Supports access to the Windows PE File Management API | No | Yes |
 | Windows PowerShell/WinPE-PowerShell | `WinPE-PowerShell.cab` | Scripting/WinPE-Scripting <br> Scripting/WinPE-WMI <br> Microsoft .NET/WinPE-NetFx | Supports running PowerShell commands and scripts in WinPE | No | No |
-| Microsoft .NET/WinPE-NetFx | `WinPE-NetFx.cab` | Scripting/WinPE-WMI | Supports .Net applications in WinPE | No | No |
+| Microsoft .NET/WinPE-NetFx | `WinPE-NetFx.cab` | Scripting/WinPE-WMI | Supports .NET applications in WinPE | No | No |
 | Network/WinPE-Dot3Svc | `WinPE-Dot3Svc.cab` | NA | Supports the 802.1X network protocol in WinPE | No | No |
 | HTML/WinPE-HTA | `WinPE-HTA.cab` | Scripting/WinPE-WMI | Supports running HTML applications in WinPE | No | No |
 | Database/WinPE-MDAC | `WinPE-MDAC.cab` | NA | Supports connecting to databases in WinPE | No | No |
@@ -437,7 +441,7 @@ The DISM log file can be found at C:\Windows\Logs\DISM\dism.log
 
 ---
 
-Inspecting the **DISM.log** will reveal the following error:
+Inspecting the **DISM.log** reveals the following error:
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
@@ -487,9 +491,9 @@ DISM Package Manager: PID=<PID> TID=<TID> Failed while processing command add-pa
 
 ---
 
-The problem occurs when the WinPE boot image that is being serviced requires installation of a servicing stack update (SSU) before installation of the cumulative update (CU) can occur. The problem usually occurs when using older Windows ADKs and older versions of Windows PE. The suggested fix is to upgrade to the latest version of the Windows ADK and Windows PE which most likely won't need a servicing stack update (SSU) installed before installing the cumulative update (CU).
+The problem occurs when the WinPE boot image that is being serviced requires installation of a servicing stack update (SSU) before installation of the cumulative update (CU) can occur. The problem usually occurs when using older Windows ADKs and older versions of Windows PE. The suggested fix is to upgrade to the latest version of the Windows ADK and Windows PE. The latest versions of the Windows ADK and Windows PE most likely don't need a servicing stack update (SSU) installed before installing the cumulative update (CU).
 
-For scenarios where an older version of the Windows ADK and Windows PE need to be used, for example when using Microsoft Deployment Toolkit (MDT), the servicing stack update needs to be installed before installing the cumulative update. The servicing stack update (SSU) is contained within the cumulative update (CU). To obtain the servicing stack update (SSU) so that it can be applied, it can be extracted from the cumulative update (CU).
+For scenarios where older versions of the Windows ADK and Windows PE need to be used, for example when using Microsoft Deployment Toolkit (MDT), the servicing stack update needs to be installed before installing the cumulative update. The servicing stack update (SSU) is contained within the cumulative update (CU). To obtain the servicing stack update (SSU) so that it can be applied, it can be extracted from the cumulative update (CU).
 
 The following steps outline how to extract and then install the servicing stack update (SSU) to the boot image. Once the servicing stack update (SSU) has been installed in the boot image, then the cumulative update (CU) should install to the boot image without error:
 
@@ -565,11 +569,11 @@ The following steps outline how to extract and then install the servicing stack
 
 ## Step 8: Copy boot files from mounted boot image to ADK installation path
 
-Some cumulative updates will update the bootmgr boot files in the boot image. After these bootmgr boot files have been updated in the boot image, it's recommended to copy these updated bootmgr boot files from the boot image back to the Windows ADK. This will ensure that the Windows ADK has the updated bootmgr boot files.
+Some cumulative updates contain updated bootmgr boot files that are added to the boot image. After these bootmgr boot files have been updated in the boot image, it's recommended to copy these updated bootmgr boot files from the boot image back to the Windows ADK. Copying these files ensures that the Windows ADK has the updated bootmgr boot files.
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-From an elevated **PowerShell** command prompt, run the following commands to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands will also back up any existing bootmgr boot files its finds. When applicable, the commands need confirmation to overwrite any existing files:
+From an elevated **PowerShell** command prompt, run the following commands to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands also back up any existing bootmgr boot files its finds. When applicable, the commands need confirmation to overwrite any existing files:
 
 ```powershell
 Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.bak.efi"
@@ -597,7 +601,7 @@ To overwrite the bootmgr boot files and any backed up bootmgr boot file without
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-From an elevated command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands will also back up any existing bootmgr boot files its finds. When applicable, the commands need confirmation to overwrite any existing files:
+From an elevated command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands also back up any existing bootmgr boot files its finds. When applicable, the commands need confirmation to overwrite any existing files:
 
 ```cmd
 copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.bak.efi"
@@ -625,7 +629,7 @@ To overwrite the bootmgr boot files and any backed up bootmgr boot file without
 
 ---
 
-This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr boot files are available to the Windows ADK when creating bootable media via the Windows ADK. This may include any product that uses the Windows ADK to create bootable media.
+This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr boot files are available to the Windows ADK when creating bootable media via the Windows ADK. When these files are updated in the Windows ADK, products that use the Windows ADK to create bootable media also have access to the updated bootmgr boot files.
 
 In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
 
@@ -635,7 +639,7 @@ In particular, this step is needed when addressing the BlackLotus UEFI bootkit v
 
 ## Step 9: Perform component cleanup
 
-Run **DISM.exe** commands that will clean up the mounted boot image and help reduce its size:
+Run **DISM.exe** commands that clean up the mounted boot image and help reduce its size:
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
@@ -681,7 +685,7 @@ For more information, see [Modify a Windows image using DISM: Reduce the size of
 
 ## Step 10: Verify all desired packages have been added to boot image
 
-After the optional components and the cumulative update (CU) have been applied to the boot image, verify that they are showing as installed:
+After the optional components and the cumulative update (CU) have been applied to the boot image, verify that they're showing as installed:
 
 ### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
@@ -861,19 +865,19 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 
 ## Step 13: Update boot image in products that utilize it (if applicable)
 
-After the default `winpe.wim` boot image from the Windows ADK has been updated, additional steps usually need to take place in the product(s) that utilize the boot image . The following links contain information on how to update the boot image for several popular products that utilize boot images:
+After the default `winpe.wim` boot image from the Windows ADK has been updated, additional steps usually need to take place in the product(s) that utilize the boot image. The following links contain information on how to update the boot image for several popular products that utilize boot images:
 
 - [Microsoft Configuration Manager](#updating-the-boot-image-in-configuration-manager)
 - [Microsoft Deployment Toolkit (MDT)](#updating-the-boot-image-in-mdt)
 - Windows Deployment Services
 
-For any other products that utilize boot images, please consult their documentation on how to finish updating the boot image.
+For any other products that utilize boot images, consult the product's documentation on updating the boot image.
 
 ## Microsoft Configuration Manager considerations
 
 ### How Microsoft Configuration Manager creates boot images
 
-Microsoft Configuration Manager creates its own boot images by taking the `winpe.wim` from the Windows ADK, adding some [optional components it requires](#configuration-manager-boot-image-required-components) to function correctly, and then saving the boot image as `boot.wim` in the directory `<ConfigMgr_Install_Directory>\OSD\boot\<architecture>\boot.wim`. This `boot.wim` boot image is considered the pristine authoritative copy of the boot image by Configuration Manager and is never touched, modified, or updated by Configuration Manager except in some very specific scenarios. Instead, when changes are done in the properties of the boot image in Configuration Manager such as:
+Microsoft Configuration Manager creates its own boot images by taking the `winpe.wim` from the Windows ADK, adding some [optional components it requires](#configuration-manager-boot-image-required-components) to function correctly, and then saving the boot image as `boot.wim` in the directory `<ConfigMgr_Install_Directory>\OSD\boot\<architecture>\boot.wim`. This `boot.wim` boot image is considered the pristine authoritative copy of the boot image by Configuration Manager. Configuration Manager never touches, modifies, or updates the `boot.wim` boot image except in some specific scenarios. Instead, when changes are done in the properties of the boot image in Configuration Manager such as:
 
 - Adding drivers
 - Adding optional components
@@ -881,21 +885,21 @@ Microsoft Configuration Manager creates its own boot images by taking the `winpe
 
 Configuration Manager makes a copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`.
 
-If in the future any additional changes are done to the boot image, Configuration Manager discards the previously created `boot.<package_id>.wim` boot image, makes a new copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. In other words, `boot.wim` is never touched. Any time any changes are made to a boot image, both the new changes and any changes done in the past are all reapplied to a new copy of `boot.wim`.
+If in the future any additional changes are done to the boot image, Configuration Manager discards the previously created `boot.<package_id>.wim` boot image, makes a new copy of `boot.wim`, applies the changes to the copy, and then saves the new boot image as `boot.<package_id>.wim`. In other words, `boot.wim` is never touched. Anytime any changes are made to a boot image, both the new changes and any changes done in the past are all reapplied to a new copy of `boot.wim`.
 
 This process has the following advantages:
 
 1. Keeps `boot.wim` pristine.
 
-1. Makes sure that when changes are made to a boot image, they are being done to a copy of a pristine version of the boot image that hasn't had been modified in the past. This helps avoid corruption when a boot image is updated multiple times. I can also correct issues with existing boot images.
+1. Makes sure that changes done to a boot image are being done to a pristine unmodified version of the boot image. This process helps avoid corruption when a boot image is updated multiple times. I can also correct issues with existing boot images.
 
 1. Helps manage components in the boot image. The process doesn't need to know what components may need to be removed from the boot image each time the boot image is rebuilt. Instead, it just needs to know what components need to be added to the boot image.
 
-1. Reduces the size of the boot image that can occur when components are repeatedly added to and removed from the boot image.
+1. It reduces the size of the boot image that can occur when components are repeatedly added to and removed from the boot image.
 
-There are two scenarios when the `boot.wim` boot image is updated by Configuration Manager:
+Configuration Manager updates the `boot.wim` boot image in two scenarios:
 
-1. When upgrading between versions of Configuration Manager or when applying hotfix roll ups (HFRUs) to Configuration Manager, `boot.wim` may be updated as part of the upgrade process.
+1. When Configuration Manager is upgraded between version or a hotfix roll ups (HFRUs) is applied, `boot.wim` may be updated as part of the upgrade process.
 
 1. When selecting the option **Reload this boot image with the current Windows PE version from the Windows ADK** in the **Update Distribution Points Wizard**.
 
@@ -905,7 +909,7 @@ In theses scenarios, the `boot.wim` boot image is updated using the `winpe.wim`
 
 When manually adding a cumulative update to a Configuration Manager boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK instead of directly updating the `boot.wim` boot image generated by Configuration Manager.
 
-The `winpe.wim` boot image from the Windows ADK should be updated because if `boot.wim` generated by Configuration Manager is updated instead, then the next time `boot.wim` is updated via a Configuration Manager upgrade or the **Reload this boot image with the current Windows PE version from the Windows ADK** option, then changes made to `boot.wim`, including the applied cumulative update, will be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then changes boot image, including the applied cumulative update, will persist and be preserved even when Configuration Manager does update the `boot.wim` boot image.
+The `winpe.wim` boot image from the Windows ADK should be updated because if `boot.wim` generated by Configuration Manager is updated instead, then the next time `boot.wim` is updated via a Configuration Manager upgrade or the **Reload this boot image with the current Windows PE version from the Windows ADK** option, then changes made to `boot.wim`, including the applied cumulative update, will be lost. If the `winpe.wim` boot image from the Windows ADK is updated with the cumulative update instead, then the cumulative update persists and is preserved even when Configuration Manager does update the `boot.wim` boot image.
 
 > [!IMPORTANT]
 >
@@ -915,7 +919,7 @@ The `winpe.wim` boot image from the Windows ADK should be updated because if `bo
 >
 > - Manually changing the `boot.<package_id>.wim` boot image changes the hash value of the boot image. A change in the hash value of the boot image can lead to download failures when downloading the boot image from a distribution point.
 
-By updating `winpe.wim` from the Windows ADK, this will ensure that the cumulative update will stay applied regardless of what changes are made to the `boot.wim` boot image via Configuration Manager.
+Updating `winpe.wim` from the Windows ADK ensures that the cumulative update stays applied regardless of what changes are made to the `boot.wim` boot image via Configuration Manager.
 
 ### Updating the boot image in Configuration Manager
 
@@ -937,9 +941,9 @@ After updating the `winpe.wim` boot image from the Windows ADK, generate a new `
 
     1. The **Progress** page appears while the boot image builds.
 
-    1. Once the boot image finishes building, the **The task "Update Distribution Points Wizard" completed successfully**/**Completion** page will appear. Select the **Close** button.
+    1. Once the boot image finishes building, the **The task "Update Distribution Points Wizard" completed successfully**/**Completion** page appears. Select the **Close** button.
 
-This process updates the boot image used by Configuration Manager. It will also update the boot image and the bootmgr boot files used by any PXE enabled distribution points.
+This process updates the boot image used by Configuration Manager. It also updates the boot image and the bootmgr boot files used by any PXE enabled distribution points.
 
 > [!IMPORTANT]
 >
@@ -947,13 +951,13 @@ This process updates the boot image used by Configuration Manager. It will also
 
 ### Add optional components manually to Configuration Manager boot images
 
-For Microsoft Configuration Manager boot images, when applying a cumulative update to a boot image, make sure to add any desired optional components manually using the command lines from the walkthrough instead of adding them through Configuration Manager. Optional components are usually added to boot images in Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image.
+For Microsoft Configuration Manager boot images, when applying a cumulative update to a boot image, make sure to add any desired optional components manually using the command lines from the walkthrough instead of adding them through Configuration Manager. Optional components are added to boot images in Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image.
 
 Optional components need to be added to the boot image manually instead of via Configuration Manager because:
 
-- When the cumulative update is applied, it will also update any optional components as needed.
+- When the cumulative update is applied, it also updates any optional components as needed.
 
-- If optional components are added through Configuration Manager on a boot image that has a cumulative update, then the optional components will not be updated with the cumulative update. This could lead to unexpected behaviors and problems. The cumulative update needs to be added after the optional components have been added to the boot image for the optional components to be updated properly with the cumulative update.
+- If optional components are added through Configuration Manager on a boot image that has a cumulative update, then the optional components aren't updated with the cumulative update. Adding the optional components through Configuration Manager could lead to unexpected behaviors and problems. The cumulative update needs to be added after the optional components have been added to the boot image for the optional components to be updated properly with the cumulative update.
 
 > [!NOTE]
 >
@@ -961,7 +965,7 @@ Optional components need to be added to the boot image manually instead of via C
 
 ### Configuration Manager boot image required components
 
-The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
+For Microsoft Configuration Manager boot images to function correctly, it requires the following optional components:
 
 | **Feature** | **File Name** | **Dependency** | **Required by ConfigMgr** |
 | --- | --- | --- | --- |
@@ -976,13 +980,13 @@ For a list of all available WinPE optional components including descriptions for
 
 ### Updating Configuration Manager boot media
 
-After completing the walkthrough, including updating boot images in Configuration Manager, update any Configuration Manager task sequence media to ensure that the task sequence media has both the updated boot image and if applicable, updated boot files.
+After completing the walkthrough, including updating boot images in Configuration Manager, update any Configuration Manager task sequence media. Updating any Configuration Manager task sequence media ensures that the task sequence media has both the updated boot image and if applicable, updated boot files.
 
 ## Microsoft Deployment Toolkit (MDT) considerations
 
 When adding a cumulative update to a Microsoft Deployment Toolkit (MDT) boot image, it's recommended to update the `winpe.wim` boot image from the Windows ADK instead of directly updating the `LiteTouchPE_<arch>.wim` boot image in the MDT Deployment Share.
 
-The `winpe.wim` boot image from the Windows ADK should be updated because if `LiteTouchPE_<arch>.wim` is updated instead, then the next time the MDT Deployment Share is updated, the changes made to `LiteTouchPE_<arch>.wim`, including the applied cumulative update, will be lost. If the `winpe.wim` boot image from the Windows ADK is updated instead, then the changes to the boot image, including the applied cumulative update, will persist and be preserved when the MDT Deployment Share is updated.
+The `winpe.wim` boot image from the Windows ADK should be updated because if `LiteTouchPE_<arch>.wim` is updated instead, then the next time the MDT Deployment Share is updated, the changes made to `LiteTouchPE_<arch>.wim`, including the applied cumulative update, will be lost. If the `winpe.wim` boot image from the Windows ADK is updated with the cumulative update instead, then the cumulative update persists and is preserved even when the MDT Deployment Share is updated.
 
 ### Updating the boot image and boot media in MDT
 
@@ -1000,19 +1004,19 @@ After updating the `winpe.wim` boot image from the Windows ADK, generate a new `
 
     1. In the **Summary** page, select the **Next >** button.
 
-    1. The **Progress** page appears while the boot image and deployment share builds.
+    1. The **Progress** page appears while the boot image and deployment share build.
 
-    1. Once the boot image and deployment share finishes building, the **The process completed successfully**/**Confirmation** page appears. Select the **Finish** button.
+    1. Once the boot image and deployment share finish building, the **The process completed successfully**/**Confirmation** page appears. Select the **Finish** button.
 
 These steps also update the MDT boot media in the MDT Deployment Share. After following the above steps, use the newly updated ISO files in the `<DeploymnetShare>\Boot` folder to create new MDT boot media.
 
 ### MDT and Windows ADK versions
 
-Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10. When using MDT, the recommendation is to use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads) instead of the latest version of the Windows ADK. **ADK for Windows 10, version 2004** was the last version of the Windows ADK supported by MDT.
+Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10. When MDT is used, the recommendation is to use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads) instead of the latest version of the Windows ADK. **ADK for Windows 10, version 2004** was the last version of the Windows ADK supported by MDT.
 
 ### MDT boot image required components
 
-The following components are required by Microsoft Configuration Manager boot images for Configuration Manager to function correctly:
+For Microsoft Deployment Toolkit (MDT) boot images to function correctly, it requires the following optional components:
 
 | **Feature** | **File Name** | **Dependency** | **Required by MDT** |
 | --- | --- | --- | --- |
@@ -1032,4 +1036,4 @@ The **boot.wim** that is part of Windows installation media isn't supported for
 
 ## Windows Server 2012 R2
 
-This walk-through isn't intended for use with Windows Server 2012 R2. There may be additional steps necessary when using Windows Server 2012 R2, such as also having to apply the latest servicing stack update (SSU) to the WinPE boot image. For server OSes, it's strongly recommended to use Windows Server 2016 or later for this walk-through. For more information see, [Windows Server 2012 R2 Lifecycle](/lifecycle/products/windows-server-2012-r2).
+This walk-through isn't intended for use with Windows Server 2012 R2. There may be additional steps necessary when using Windows Server 2012 R2, such as also having to apply the latest servicing stack update (SSU) to the WinPE boot image. For server OSes, it's recommended to use Windows Server 2016 or later for this walk-through. For more information, see [Windows Server 2012 R2 Lifecycle](/lifecycle/products/windows-server-2012-r2).

From 38324bf811115d565eeff71e47be761f390ee0a4 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Mon, 7 Aug 2023 12:11:22 -0400
Subject: [PATCH 52/59] Update Boot Image with CU Article 52

---
 windows/deployment/update-boot-image.md | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index a4dc9573ea..2826d0a60b 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -36,7 +36,7 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 - [Step 2: Download cumulative update (CU)](#step-2-download-cumulative-update-cu)
 - [Step 3: Backup existing boot image](#step-3-backup-existing-boot-image)
 - [Step 4: Mount boot image to mount folder](#step-4-mount-boot-image-to-mount-folder)
-- [Step 5: Add drivers to boot image](#step-5-add-drivers-to-boot-image)
+- [Step 5: Add drivers to boot image (optional)](#step-5-add-drivers-to-boot-image-optional)
 - [Step 6: Add optional components to boot image](#step-6-add-optional-components-to-boot-image)
 - [Step 7: Add cumulative update (CU) to boot image](#step-7-add-cumulative-update-cu-to-boot-image)
 - [Step 8: Copy boot files from mounted boot image to ADK installation path](#step-8-copy-boot-files-from-mounted-boot-image-to-adk-installation-path)
@@ -44,7 +44,7 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 - [Step 10: Verify all desired packages have been added to boot image](#step-10-verify-all-desired-packages-have-been-added-to-boot-image)
 - [Step 11: Unmount boot image and save changes](#step-11-unmount-boot-image-and-save-changes)
 - [Step 12: Export boot image to reduce size](#step-12-export-boot-image-to-reduce-size)
-- [Step 13: Update boot images in products that utilize the boot images (optional)](#step-13-update-boot-image-in-products-that-utilize-the-boot-image-if-applicable)
+- [Step 13: Update boot images in products that utilize the boot images (optional)](#step-13-update-boot-image-in-products-that-utilize-it-if-applicable)
 
 ## Step 1: Download and install ADK
 
@@ -115,6 +115,8 @@ Adjust paths and file names accordingly to back up other boot images.
 
 To automatically overwrite an existing backed up boot image without confirmation, for example in a script, add the `-Force` parameter to the end of the command line.
 
+For more information, see [Copy-Item](/powershell/module/microsoft.powershell.management/copy-item).
+
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 From an elevated command prompt, run the following command to create a backup copy of the 64-bit boot image included with the Windows ADK. If a backed-up boot image already exists, this command needs confirmation before it overwrites the existing backed up boot image:
@@ -127,6 +129,8 @@ Adjust paths and file names accordingly to back up other boot images.
 
 To automatically overwrite an existing backed up boot image without confirmation, for example in a script, add the `/Y` parameter to the end of the command line.
 
+For more information, see [copy](/windows-server/administration/windows-commands/copy).
+
 ---
 
 > [!IMPORTANT]
@@ -173,7 +177,7 @@ To automatically overwrite an existing backed up boot image without confirmation
 
   ---
 
-## Step 5: Add drivers to boot image
+## Step 5: Add drivers to boot image (optional)
 
 If needed, add any drivers to the boot image:
 
@@ -815,6 +819,8 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
         Remove-Item - Path "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" -Force
         ```
 
+        For more information, see [Remove-Item](/powershell/module/microsoft.powershell.management/remove-item).
+
         ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
         From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to delete the original updated boot image:
@@ -829,6 +835,8 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
         del "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /Y
         ```
 
+        For more information, see [del](/windows-server/administration/windows-commands/del).
+
         ---
 
     1. Rename the exported boot image with the name of the original boot image:
@@ -847,6 +855,8 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
         Rename-Item -Path "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe-export.wim" -NewName "winpe.wim"
         ```
 
+        For more information, see [Rename-Item](/powershell/module/microsoft.powershell.management/rename-item).
+
         ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
         From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to rename the exported boot image with the name of the original boot image:
@@ -861,6 +871,8 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
         rename "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe-export.wim" "winpe.wim"
         ```
 
+        For more information, see [rename](/windows-server/administration/windows-commands/rename).
+
         ---
 
 ## Step 13: Update boot image in products that utilize it (if applicable)
@@ -868,7 +880,7 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
 After the default `winpe.wim` boot image from the Windows ADK has been updated, additional steps usually need to take place in the product(s) that utilize the boot image. The following links contain information on how to update the boot image for several popular products that utilize boot images:
 
 - [Microsoft Configuration Manager](#updating-the-boot-image-in-configuration-manager)
-- [Microsoft Deployment Toolkit (MDT)](#updating-the-boot-image-in-mdt)
+- [Microsoft Deployment Toolkit (MDT)](#updating-the-boot-image-and-boot-media-in-mdt)
 - Windows Deployment Services
 
 For any other products that utilize boot images, consult the product's documentation on updating the boot image.
@@ -980,7 +992,7 @@ For a list of all available WinPE optional components including descriptions for
 
 ### Updating Configuration Manager boot media
 
-After completing the walkthrough, including updating boot images in Configuration Manager, update any Configuration Manager task sequence media. Updating any Configuration Manager task sequence media ensures that the task sequence media has both the updated boot image and if applicable, updated boot files.
+After completing the walkthrough, including updating boot images in Configuration Manager, update any Configuration Manager task sequence media. Updating any Configuration Manager task sequence media ensures that the task sequence media has both the updated boot image and if applicable, updated boot files. For more information, see [Create task sequence media](/mem/configmgr/osd/deploy-use/create-task-sequence-media).
 
 ## Microsoft Deployment Toolkit (MDT) considerations
 
@@ -1036,4 +1048,4 @@ The **boot.wim** that is part of Windows installation media isn't supported for
 
 ## Windows Server 2012 R2
 
-This walk-through isn't intended for use with Windows Server 2012 R2. There may be additional steps necessary when using Windows Server 2012 R2, such as also having to apply the latest servicing stack update (SSU) to the WinPE boot image. For server OSes, it's recommended to use Windows Server 2016 or later for this walk-through. For more information, see [Windows Server 2012 R2 Lifecycle](/lifecycle/products/windows-server-2012-r2).
+This walk-through isn't intended for use with Windows Server 2012 R2. Although the steps in this article may work with Windows Server 2012 R2 older versions of the Windows ADK, it may have compatibility problems with versions of the Windows ADK that are newer than the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). For server OSes, it's recommended to use Windows Server 2016 or later for this walk-through. For more information, see [Windows Server 2012 R2 Lifecycle](/lifecycle/products/windows-server-2012-r2).

From 89a9f1bba2489fc5701dcdfb5f025b88909b0c7b Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Mon, 7 Aug 2023 12:25:46 -0400
Subject: [PATCH 53/59] Update Boot Image with CU Article 53

---
 windows/deployment/update-boot-image.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 2826d0a60b..0c305025f3 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -207,6 +207,8 @@ or
 Add-WindowsDriver -Path "C:\Mount" -Driver "C:\Drivers" -Recurse
 ```
 
+For more information, see [Add-WindowsDriver](/powershell/module/dism/add-windowsdriver).
+
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 From an elevated **Deployment and Imaging Tools Environment** command prompt, run one of the following commands to add drivers to the boot image:
@@ -320,6 +322,8 @@ The cumulative update installed later in this walkthrough doesn't affect drivers
 
     These examples assume a 64-bit boot image. If a different architecture is being used, then adjust the paths accordingly.
 
+    For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
+
     ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
     From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to add the language components for the optional components to the boot image:
@@ -338,6 +342,8 @@ The cumulative update installed later in this walkthrough doesn't affect drivers
 
     You can add as many desired optional components as needed on a single DISM.exe command line.
 
+    For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
+
     ---
 
 > [!IMPORTANT]
@@ -603,6 +609,8 @@ Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windo
 
 To overwrite the bootmgr boot files and any backed up bootmgr boot file without confirmation, for example in a script, add the `-Force` parameter to the end of the command lines.
 
+For more information, see [Copy-Item](/powershell/module/microsoft.powershell.management/copy-item).
+
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
 From an elevated command prompt, run the following command to copy the updated bootmgr boot files from the mounted boot image to the ADK installation path. These commands also back up any existing bootmgr boot files its finds. When applicable, the commands need confirmation to overwrite any existing files:
@@ -631,6 +639,9 @@ copy "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Ki
 
 To overwrite the bootmgr boot files and any backed up bootmgr boot file without confirmation, for example in a script, add the `/Y` parameter to the end of the command lines.
 
+
+For more information, see [copy](/windows-server/administration/windows-commands/copy).
+
 ---
 
 This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr boot files are available to the Windows ADK when creating bootable media via the Windows ADK. When these files are updated in the Windows ADK, products that use the Windows ADK to create bootable media also have access to the updated bootmgr boot files.

From 7ffcd457e2692954eaab9f81b10c2374aef79098 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Mon, 7 Aug 2023 13:17:38 -0400
Subject: [PATCH 54/59] Update Boot Image with CU Article 54

---
 windows/deployment/update-boot-image.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/update-boot-image.md
index 0c305025f3..8397d13a9f 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/update-boot-image.md
@@ -527,6 +527,8 @@ The following steps outline how to extract and then install the servicing stack
     Start-Process "expand.exe" -ArgumentList " -f:* `"C:\Updates\windows10.0-kb5028166-x64_fe3aa2fef685c0e76e1f5d34d529624294273f41.msu`" `"C:\Updates\Extract`"" -Wait -LoadUserProfile
     ```
 
+    For more information, see [Start-Process](/powershell/module/microsoft.powershell.management/start-process) and [expand](/windows-server/administration/windows-commands/expand).
+
     ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
     ```cmd
@@ -539,6 +541,8 @@ The following steps outline how to extract and then install the servicing stack
     expand.exe -f:* "C:\Updates\windows10.0-kb5028166-x64_fe3aa2fef685c0e76e1f5d34d529624294273f41.msu" "C:\Updates\Extract"
     ```
 
+    For more information, see [expand](/windows-server/administration/windows-commands/expand).
+
     ---
 
 1. Inspect the extracted files in the extract folder and identify the servicing stack update (SSU) CAB file. One of the files should be called `SSU-<Version>-<Arch>.cab`. For example, `SSU-19041.3205-x64.cab`. Make a note of the name of the servicing stack update (SSU) CAB file.
@@ -559,6 +563,8 @@ The following steps outline how to extract and then install the servicing stack
     Add-WindowsPackage -PackagePath "C:\Updates\Extract\SSU-19041.3205-x64.cab" -Path "C:\Mount" -Verbose
     ```
 
+    For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage).
+
     ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
     From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to add the cumulative update (CU) to the boot image:
@@ -573,6 +579,8 @@ The following steps outline how to extract and then install the servicing stack
     DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Updates\Extract\SSU-19041.3205-x64.cab"
     ```
 
+    For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
+
     ---
 
 1. Attempt to apply the cumulative update (CU) to the boot image again using the commands from [Step 7: Add cumulative update (CU) to boot image](#step-7-add-cumulative-update-cu-to-boot-image).

From d64e00b8f4491c20abe603f18cf0814bf0ca8474 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 11 Aug 2023 12:27:46 -0400
Subject: [PATCH 55/59] Update Boot Image with CU Article 55

---
 ...-boot-image.md => customize-boot-image.md} | 175 +++++++++++-------
 1 file changed, 108 insertions(+), 67 deletions(-)
 rename windows/deployment/{update-boot-image.md => customize-boot-image.md} (92%)

diff --git a/windows/deployment/update-boot-image.md b/windows/deployment/customize-boot-image.md
similarity index 92%
rename from windows/deployment/update-boot-image.md
rename to windows/deployment/customize-boot-image.md
index 8397d13a9f..41a1c4926a 100644
--- a/windows/deployment/update-boot-image.md
+++ b/windows/deployment/customize-boot-image.md
@@ -1,6 +1,6 @@
 ---
-title: Update Windows PE boot image with the latest cumulative updates
-description: This article describes how to update a Windows PE (WinPE) boot image with the latest cumulative update.
+title: Customize Windows PE boot images
+description: This article describes how to customize a Windows PE (WinPE) boot image including updating with the latest cumulative update, adding drivers, and adding optional components.
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
@@ -17,11 +17,15 @@ appliesto:
   - ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016</a>
 ---
 
-# Update Windows PE boot image with the latest cumulative update
+# Customize Windows PE boot images
 
 <!-- 7894697 -->
 
-Microsoft recommends updating Windows PE (WinPE) boot images with the latest cumulative update for maximum security and protection. The latest cumulative updates may also resolve known issues. This walkthrough describes how to update a WinPE boot image with the latest cumulative update.
+Thw Windows PE (WinPE) boot images that are included with the Windows ADK have a minimal amount of features and drivers. However the boot images can be customized by adding drivers, optional components, and applying the latest cumulative update.
+
+Microsoft recommends updating Windows PE boot images with the latest cumulative update for maximum security and protection. The latest cumulative updates may also resolve known issues. For example, the Windows PE boot image can be updated with the latest cumulative update to address the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
+
+This walkthrough describes how to customize a Windows PE boot image including updating with the latest cumulative update, adding drivers, and adding optional components. Additionally this walkthrough will go over how customizations in boot images affect several different popular products that utilize boot images, such as Microsoft Configuration Manager, Microsoft Deployment Toolkit (MDT), and Windows Deployment Services (WDS).
 
 ## Prerequisites
 
@@ -72,7 +76,7 @@ Microsoft recommends updating Windows PE (WinPE) boot images with the latest cum
 
 1. Go to the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site and search for the latest cumulative update. The Windows version of the cumulative update should match the version of the Windows PE boot image that is being updated.
 
-1. When searching the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site, use the search term `"<year>-<month> cumulative update for windows <x>"` where `year` is the four digit current year, `<month>` is the two digit current month, and `<x>` is the version of Windows that Windows PE is based on. Make sure to include the quotes (`"`). For example, to search for the latest cumulative update for Windows 11 in July 2023, use the search term `"2023-07 cumulative update for windows 11"`, again making sure to include the quotes. If the cumulative update hasn't been released yet for the current month, then search on the previous month.
+1. When searching the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site, use the search term `"<year>-<month> cumulative update for windows <x>"` where `year` is the four digit current year, `<month>` is the two digit current month, and `<x>` is the version of Windows that Windows PE is based on. Make sure to include the quotes (`"`). For example, to search for the latest cumulative update for Windows 11 in August 2023, use the search term `"2023-08 cumulative update for windows 11"`, again making sure to include the quotes. If the cumulative update hasn't been released yet for the current month, then search on the previous month.
 
 1. Once the cumulative update has been found, download the appropriate version for the version and architecture of Windows that matches the Windows PE boot image. For example, if the version of the Windows PE boot image is Windows 11 22H2 64-bit, then download the **Cumulative Update for Windows 11 Version 22H2 for x64-based Systems** version of the update.
 
@@ -394,7 +398,7 @@ Add-WindowsPackage -PackagePath "<Path_to_CU_MSU_update>\<CU>.msu" -Path "<Mount
 **Example**:
 
 ```powershell
-Add-WindowsPackage -PackagePath "C:\Updates\windows11.0-kb5028185-x64_c78aa5899ba74efdd0e354dfab80940402b3efa4.msu" -Path "C:\Mount" -Verbose
+Add-WindowsPackage -PackagePath "C:\Updates\windows11.0-kb5029263-x64_4f5fe19bbec786f5e445d3e71bcdf234fe2cbbec.msu" -Path "C:\Mount" -Verbose
 ```
 
 For more information, see [Add-WindowsPackage](/powershell/module/dism/add-windowspackage)
@@ -410,7 +414,7 @@ DISM.exe /Image:"<Mount_folder_path>" /Add-Package /PackagePath:"<Path_to_CU_MSU
 **Example**:
 
 ```cmd
-DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Updates\windows11.0-kb5028185-x64_c78aa5899ba74efdd0e354dfab80940402b3efa4.msu"
+DISM.exe /Image:"C:\Mount" /Add-Package /PackagePath:"C:\Updates\windows11.0-kb5029263-x64_4f5fe19bbec786f5e445d3e71bcdf234fe2cbbec.msu"
 ```
 
 For more information, see [Add or Remove Packages Offline Using DISM](/windows-hardware/manufacture/desktop/add-or-remove-packages-offline-using-dism) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Add-Package](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#add-package).
@@ -608,11 +612,11 @@ Copy-Item "<Mount_folder_path>\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files
 ```powershell
 Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.bak.efi"
 
-Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi" -Force
+Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgr.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\bootmgr.efi"
 
 Copy-Item "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.bak.efi"
 
-Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi" -Force
+Copy-Item "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\Media\EFI\Boot\bootx64.efi"
 ```
 
 To overwrite the bootmgr boot files and any backed up bootmgr boot file without confirmation, for example in a script, add the `-Force` parameter to the end of the command lines.
@@ -647,18 +651,17 @@ copy "C:\Mount\Windows\Boot\EFI\bootmgfw.efi" "C:\Program Files (x86)\Windows Ki
 
 To overwrite the bootmgr boot files and any backed up bootmgr boot file without confirmation, for example in a script, add the `/Y` parameter to the end of the command lines.
 
-
 For more information, see [copy](/windows-server/administration/windows-commands/copy).
 
 ---
 
-This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr boot files are available to the Windows ADK when creating bootable media via the Windows ADK. When these files are updated in the Windows ADK, products that use the Windows ADK to create bootable media also have access to the updated bootmgr boot files.
+This step doesn't update or change the boot image. However, it makes sure that the latest bootmgr boot files are available to the Windows ADK when creating bootable media via the Windows ADK. When these files are updated in the Windows ADK, products that use the Windows ADK to create bootable media, such as **Microsoft Deployment Toolkit (MDT)**, also have access to the updated bootmgr boot files.
 
 In particular, this step is needed when addressing the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
 
 > [!NOTE]
 >
-> Both **Microsoft Configuration Manager** and **Microsoft Deployment Toolkit (MDT)** will automatically extract these bootmgr boot files from the boot images as needed. No additional steps are needed for these products.
+> **Microsoft Configuration Manager** automatically extracts these bootmgr boot files from the boot images as needed. No additional steps are needed for **Microsoft Configuration Manager**.
 
 ## Step 9: Perform component cleanup
 
@@ -682,7 +685,7 @@ Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment
 Start-Process "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" -ArgumentList " /Image:"C:\Mount" /Cleanup-image /StartComponentCleanup /Resetbase" -Wait -LoadUserProfile
 ```
 
-For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image) and [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Cleanup-Image](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#cleanup-image).
+For more information, see [Modify a Windows image using DISM: Reduce the size of an image](/windows-hardware/manufacture/desktop/mount-and-modify-a-windows-image-using-dism#reduce-the-size-of-an-image), [DISM Operating System Package (.cab or .msu) Servicing Command-Line Options: /Cleanup-Image](/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options#cleanup-image), and [Start-Process](/powershell/module/microsoft.powershell.management/start-process).
 
 ### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
@@ -845,13 +848,13 @@ For more information, see [Modify a Windows image using DISM: Unmounting an imag
         From an elevated **Deployment and Imaging Tools Environment** command prompt, run the following command to delete the original updated boot image:
 
         ```cmd
-        del "<Boot_image_path>\<boot_image>.wim" /Y
+        del "<Boot_image_path>\<boot_image>.wim" /F
         ```
 
         **Example**:
 
         ```cmd
-        del "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /Y
+        del "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /F
         ```
 
         For more information, see [del](/windows-server/administration/windows-commands/del).
@@ -952,34 +955,6 @@ The `winpe.wim` boot image from the Windows ADK should be updated because if `bo
 
 Updating `winpe.wim` from the Windows ADK ensures that the cumulative update stays applied regardless of what changes are made to the `boot.wim` boot image via Configuration Manager.
 
-### Updating the boot image in Configuration Manager
-
-After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager so that it contains the cumulative update. A new `boot.wim` boot image can be generated by using the following steps:
-
-1. Open the Microsoft Configuration manager console.
-
-1. In the Microsoft Configuration manager console, navigate to **Software Library** > **Overview** > **Operating Systems** > **Boot Images**.
-
-1. In the **Boot Images** pane, select the desired boot image.
-
-1. In the toolbar, select **Update Distribution Points**.
-
-1. When the **Update Distribution Points Wizard** window that appears:
-
-    1. In the **General**/**Update distribution points with this image** page, select the **Reload this boot image with the current Windows PE version from the Windows ADK** option, and then select the **Next >** button.
-
-    1. In the **Summary** page, select the **Next >** button.
-
-    1. The **Progress** page appears while the boot image builds.
-
-    1. Once the boot image finishes building, the **The task "Update Distribution Points Wizard" completed successfully**/**Completion** page appears. Select the **Close** button.
-
-This process updates the boot image used by Configuration Manager. It also updates the boot image and the bootmgr boot files used by any PXE enabled distribution points.
-
-> [!IMPORTANT]
->
-> If there are multiple boot images used in the environment for PXE enabled distribution points, make sure to update all of the PXE enabled boot images with the same cumulative update. This will ensure that the PXE enabled distribution points all use the version of the bootmgr boot files extracted from the boot images (if applicable).
-
 ### Add optional components manually to Configuration Manager boot images
 
 For Microsoft Configuration Manager boot images, when applying a cumulative update to a boot image, make sure to add any desired optional components manually using the command lines from the walkthrough instead of adding them through Configuration Manager. Optional components are added to boot images in Configuration Manager via the **Optional Components** tab in the **Properties** of the boot image.
@@ -1009,9 +984,37 @@ When adding optional components to any boot image used by Configuration Manager
 
 For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
 
+### Updating the boot image in Configuration Manager
+
+After updating the `winpe.wim` boot image from the Windows ADK, generate a new `boot.wim` boot image for Configuration Manager so that it contains the cumulative update. A new `boot.wim` boot image can be generated by using the following steps:
+
+1. Open the Microsoft Configuration manager console.
+
+1. In the Microsoft Configuration manager console, navigate to **Software Library** > **Overview** > **Operating Systems** > **Boot Images**.
+
+1. In the **Boot Images** pane, select the desired boot image.
+
+1. In the toolbar, select **Update Distribution Points**.
+
+1. When the **Update Distribution Points Wizard** window that appears:
+
+    1. In the **General**/**Update distribution points with this image** page, select the **Reload this boot image with the current Windows PE version from the Windows ADK** option, and then select the **Next >** button.
+
+    1. In the **Summary** page, select the **Next >** button.
+
+    1. The **Progress** page appears while the boot image builds.
+
+    1. Once the boot image finishes building, the **The task "Update Distribution Points Wizard" completed successfully**/**Completion** page appears. Select the **Close** button.
+
+This process updates the boot image used by Configuration Manager. It also updates the boot image and the bootmgr boot files used by any PXE enabled distribution points.
+
+> [!IMPORTANT]
+>
+> If there are multiple boot images used in the environment for PXE enabled distribution points, make sure to update all of the PXE enabled boot images with the same cumulative update. This will ensure that the PXE enabled distribution points all use the version of the bootmgr boot files extracted from the boot images (if applicable).
+
 ### Updating Configuration Manager boot media
 
-After completing the walkthrough, including updating boot images in Configuration Manager, update any Configuration Manager task sequence media. Updating any Configuration Manager task sequence media ensures that the task sequence media has both the updated boot image and if applicable, updated boot files. For more information, see [Create task sequence media](/mem/configmgr/osd/deploy-use/create-task-sequence-media).
+After completing the walkthrough, including updating boot images in Configuration Manager, update any Configuration Manager task sequence media. Updating any Configuration Manager task sequence media ensures that the task sequence media has both the updated boot image. If applicable, it will also updat bootmgr boot files on the media by extracting the latest versions from the boot image. For more information on creating Configuration Manager task sequence media, see [Create task sequence media](/mem/configmgr/osd/deploy-use/create-task-sequence-media).
 
 ## Microsoft Deployment Toolkit (MDT) considerations
 
@@ -1019,28 +1022,6 @@ When adding a cumulative update to a Microsoft Deployment Toolkit (MDT) boot ima
 
 The `winpe.wim` boot image from the Windows ADK should be updated because if `LiteTouchPE_<arch>.wim` is updated instead, then the next time the MDT Deployment Share is updated, the changes made to `LiteTouchPE_<arch>.wim`, including the applied cumulative update, will be lost. If the `winpe.wim` boot image from the Windows ADK is updated with the cumulative update instead, then the cumulative update persists and is preserved even when the MDT Deployment Share is updated.
 
-### Updating the boot image and boot media in MDT
-
-After updating the `winpe.wim` boot image from the Windows ADK, generate a new `LiteTouchPE_<arch>.wim` boot image for MDT that contains the cumulative update by using the following steps:
-
-1. Open the Microsoft Deployment Toolkit (MDT) Deployment Workbench console.
-
-1. In the Deployment Workbench console, navigate to **Deployment Workbench** > **Deployment Shares** > **MDT Deployment Share**.
-
-1. Right click on **MDT Deployment Share** and select **Update Deployment Share**.
-
-1. In the **Update Deployment Share Wizard** window that appears:
-
-    1. In the **Options** page, select the **Completely regenerate the boot images** option, and then select the **Next >** button.
-
-    1. In the **Summary** page, select the **Next >** button.
-
-    1. The **Progress** page appears while the boot image and deployment share build.
-
-    1. Once the boot image and deployment share finish building, the **The process completed successfully**/**Confirmation** page appears. Select the **Finish** button.
-
-These steps also update the MDT boot media in the MDT Deployment Share. After following the above steps, use the newly updated ISO files in the `<DeploymnetShare>\Boot` folder to create new MDT boot media.
-
 ### MDT and Windows ADK versions
 
 Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10. When MDT is used, the recommendation is to use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads) instead of the latest version of the Windows ADK. **ADK for Windows 10, version 2004** was the last version of the Windows ADK supported by MDT.
@@ -1061,10 +1042,70 @@ When adding optional components to any boot image used by MDT during the [Step 6
 
 For a list of all available WinPE optional components including descriptions for each component, see [WinPE Optional Components (OC) Reference: WinPE Optional Components](/windows-hardware/manufacture/desktop/winpe-add-packages--optional-components-reference#winpe-optional-components).
 
+### Updating the boot image and boot media in MDT
+
+After updating the `winpe.wim` boot image from the Windows ADK, generate a new `LiteTouchPE_<arch>.wim` boot image for MDT that contains the cumulative update followed by creating new MDT boot media. New MDT boot images and MDT boot media can be generated by using the following steps:
+
+1. Make sure [Step 8: Copy boot files from mounted boot image to ADK installation path](#step-8-copy-boot-files-from-mounted-boot-image-to-adk-installation-path) has been completed. MDT copies the bootmgr boot files from the Windows ADK installation path to its deployment share. Following this step makes sure that the deployment share has the latest bootmgr boot files which are needed when creating MDT boot media.
+
+1. Open the Microsoft Deployment Toolkit (MDT) Deployment Workbench console.
+
+1. In the Deployment Workbench console, navigate to **Deployment Workbench** > **Deployment Shares** > **MDT Deployment Share**.
+
+1. Right click on **MDT Deployment Share** and select **Update Deployment Share**.
+
+1. In the **Update Deployment Share Wizard** window that appears:
+
+    1. In the **Options** page, select the **Completely regenerate the boot images** option, and then select the **Next >** button.
+
+    1. In the **Summary** page, select the **Next >** button.
+
+    1. The **Progress** page appears while the boot image and deployment share build.
+
+    1. Once the boot image and deployment share finish building, the **The process completed successfully**/**Confirmation** page appears. Select the **Finish** button.
+
+These steps also update the MDT boot media in the MDT Deployment Share. After following the above steps, use the newly updated ISO files in the `<DeploymentShare>\Boot` folder to create new MDT boot media.
+
 ## Windows Deployment Services (WDS) considerations
 
+### Update boot image and boot files in WDS
+
+If the WDS boot image modified was the original WDS boot image in the <RemoteInstall> folder, then the only additional step to take is to restart `Windows Deployment Services Server` service. This can be done using the following command lines:
+
+### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+From an elevated **PowerShell** command prompt, run the following command to to restart the `Windows Deployment Services Server` service:
+
+```powershell
+Restart-Service -Name WDSServer
+```
+
+For more information, see [Restart-Service](/powershell/module/microsoft.powershell.management/restart-service).
+
+### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+From an elevated command prompt, run the following command to `Windows Deployment Services Server` service:
+
+```cmd
+wdsutil.exe /Stop-Server
+wdsutil.exe /Start-Server
+```
+
+or
+
+```cmd
+net.exe stop WDSServer
+net.exe start WDSServer
+```
+
+For more information, see [wdsutil stop-server](/windows-server/administration/windows-commands/wdsutil-stop-server) and [wdsutil start-server](/windows-server/administration/windows-commands/wdsutil-start-server).
+
+---
+
+## Boot.wim support
+
 The **boot.wim** that is part of Windows installation media isn't supported for deploying Windows 11 with Windows Deployment Services (WDS). Additionally, the **boot.wim** from Windows 11 installation media isn't supported for deploying any version of Windows with Windows Deployment Services (WDS). For more information, see [Windows Deployment Services (WDS) boot.wim support](wds-boot-support.md).
 
 ## Windows Server 2012 R2
 
-This walk-through isn't intended for use with Windows Server 2012 R2. Although the steps in this article may work with Windows Server 2012 R2 older versions of the Windows ADK, it may have compatibility problems with versions of the Windows ADK that are newer than the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). For server OSes, it's recommended to use Windows Server 2016 or later for this walk-through. For more information, see [Windows Server 2012 R2 Lifecycle](/lifecycle/products/windows-server-2012-r2).
+This walk-through isn't intended for use with Windows Server 2012 R2. Although the steps in this article may work with Windows Server 2012 R2 when using older versions of the Windows ADK, it may have compatibility problems with versions of the Windows ADK that are newer than the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). For server OSes, it's recommended to use Windows Server 2016 or later for this walk-through. For more information, see [Windows Server 2012 R2 Lifecycle](/lifecycle/products/windows-server-2012-r2).

From 57fd4f30d120c45123230c3109f20df05bc737cb Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 11 Aug 2023 16:40:16 -0400
Subject: [PATCH 56/59] Update Boot Image with CU Article 56

---
 windows/deployment/customize-boot-image.md | 170 ++++++++++++++++++++-
 1 file changed, 165 insertions(+), 5 deletions(-)

diff --git a/windows/deployment/customize-boot-image.md b/windows/deployment/customize-boot-image.md
index 41a1c4926a..3258bd0efb 100644
--- a/windows/deployment/customize-boot-image.md
+++ b/windows/deployment/customize-boot-image.md
@@ -1070,11 +1070,13 @@ These steps also update the MDT boot media in the MDT Deployment Share. After fo
 
 ### Update boot image and boot files in WDS
 
-If the WDS boot image modified was the original WDS boot image in the <RemoteInstall> folder, then the only additional step to take is to restart `Windows Deployment Services Server` service. This can be done using the following command lines:
+### Boot image in WDS is updated
 
-### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+If the WDS boot image modified was the original WDS boot image in the `<RemoteInstall>` folder, then the only additional step to take is to restart `Windows Deployment Services Server` service. This can be done using the following command lines:
 
-From an elevated **PowerShell** command prompt, run the following command to to restart the `Windows Deployment Services Server` service:
+#### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+From an elevated **PowerShell** command prompt, run the following command to restart the `Windows Deployment Services Server` service:
 
 ```powershell
 Restart-Service -Name WDSServer
@@ -1082,9 +1084,9 @@ Restart-Service -Name WDSServer
 
 For more information, see [Restart-Service](/powershell/module/microsoft.powershell.management/restart-service).
 
-### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+#### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
 
-From an elevated command prompt, run the following command to `Windows Deployment Services Server` service:
+From an elevated command prompt, run the following command to restart the `Windows Deployment Services Server` service:
 
 ```cmd
 wdsutil.exe /Stop-Server
@@ -1102,6 +1104,164 @@ For more information, see [wdsutil stop-server](/windows-server/administration/w
 
 ---
 
+### Existing boot image in WDS is updated with a new update boot image
+
+In the following boot image replacement scenario for WDS:
+
+- The boot image modified as part of this guide is outside of the `<RemoteInstall>` folder, for example the `winpe.wim` boot image that comes with the Windows ADK
+- An existing boot image in WDS is being replaced with the updated boot image
+
+then follow these steps to update the boot image in WDS:
+
+1. Replace the existing boot image in WDS with the modified boot image using the following command lines:
+
+    #### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+    In PowerShell, the original boot image needs to be removed first and then replaced with a new image. From an elevated **PowerShell** command prompt, run the following commands to replace an existing boot image in WDS with a new boot image:
+
+    ```powershell
+    Remove-WdsBootImage -Architecture <Architecture_x64_or_x86> -ImageName "<Name_Of_Existing_Boot_Image_In_WDS>"
+    Import-WdsBootImage -Path "<Path_To_Updated_Boot_Image>\<boot_image>.wim" -NewImageName "<Name_Of_Existing_Boot_Image_In_WDS>"
+    ```
+
+    **Example**:
+
+    ```powershell
+    Remove-WdsBootImage -Architecture x64 -ImageName "Microsoft Windows PE (amd64)"
+    Import-WdsBootImage -Path "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" -NewImageName "Microsoft Windows PE (amd64)"
+    ```
+
+    For more information, see [Remove-WdsBootImage](/powershell/module/wds/remove-wdsbootimage) and [Import-WdsBootImage](/powershell/module/wds/import-wdsbootimage).
+
+    #### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+    From an elevated command prompt, run the following command to replace an existing boot image in WDS with a new boot image:
+
+    ```cmd
+    wdsutil.exe /Verbose /Progress /Replace-Image /Image:"<Name_Of_Existing_Boot_Image_In_WDS>" /ImageType:Boot /Architecture:<Architecture_x64_orx86> /ReplacementImage /ImageFile:"<Path_To_Updated_Boot_Image>\<boot_image>.wim"
+    ```
+
+    **Example**:
+
+    ```cmd
+    wdsutil.exe /Verbose /Progress /Replace-Image /Image:"Microsoft Windows PE (amd64)" /ImageType:Boot /Architecture:x64 /ReplacementImage /ImageFile:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim"
+    ```
+
+    For more information, see [wdsutil replace-image](/windows-server/administration/windows-commands/wdsutil-replace-image).
+
+    ---
+
+2. Once the existing boot image in WDS has been replaced, restart the WDS service:
+
+    #### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+    From an elevated **PowerShell** command prompt, run the following command to to restart the `Windows Deployment Services Server` service:
+
+    ```powershell
+    Restart-Service -Name WDSServer
+    ```
+
+    For more information, see [Restart-Service](/powershell/module/microsoft.powershell.management/restart-service).
+
+    #### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+    From an elevated command prompt, run the following command to restart the `Windows Deployment Services Server` service:
+
+    ```cmd
+    wdsutil.exe /Stop-Server
+    wdsutil.exe /Start-Server
+    ```
+
+    or
+
+    ```cmd
+    net.exe stop WDSServer
+    net.exe start WDSServer
+    ```
+
+    For more information, see [wdsutil stop-server](/windows-server/administration/windows-commands/wdsutil-stop-server) and [wdsutil start-server](/windows-server/administration/windows-commands/wdsutil-start-server).
+
+    ---
+
+### Updated boot image is added as a new boot image in WDS
+
+In the following boot image scenario for WDS:
+
+- The boot image modified as part of this guide is outside of the `<RemoteInstall>` folder, for example the `winpe.wim` boot image that comes with the Windows ADK
+- The updated boot image is being added as a new boot image in WDS
+
+then follow these steps to add the boot image in WDS:
+
+1. Add the updated boot image to WDS using the following command lines:
+
+    #### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+    From an elevated **PowerShell** command prompt, run the following commands to add the updated boot image in WDS as a new boot image:
+
+    ```powershell
+    Import-WdsBootImage -Path "<Path_To_Updated_Boot_Image>\<boot_image>.wim" -NewImageName "<Boot_Image_Name_In_WDS>"
+    ```
+
+    **Example**:
+
+    ```powershell
+    Import-WdsBootImage -Path "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" -NewImageName "Microsoft Windows PE (amd64) - Updated"
+    ```
+
+    For more information, see [Import-WdsBootImage](/powershell/module/wds/import-wdsbootimage).
+
+    #### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+    From an elevated command prompt, run the following command to replace an existing boot image in WDS with a new boot image:
+
+    ```cmd
+    wdsutil.exe /Verbose /Progress /Add-Image /ImageFile:"<Path_To_Updated_Boot_Image>\<boot_image>.wim" /ImageType:Boot /Name:"<Boot_Image_Name_In_WDS>"
+
+    ```
+
+    **Example**:
+
+    ```cmd
+    wdsutil.exe /Verbose /Progress /Add-Image /ImageFile:"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us\winpe.wim" /ImageType:Boot /Name:"Microsoft Windows PE (amd64) - Updated"
+
+    ```
+
+    For more information, see [wdsutil add-image](/windows-server/administration/windows-commands/wdsutil-add-image).
+
+    ---
+
+2. Once the existing boot image in WDS has been replaced, restart the WDS service:
+
+    #### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
+
+    From an elevated **PowerShell** command prompt, run the following command to to restart the `Windows Deployment Services Server` service:
+
+    ```powershell
+    Restart-Service -Name WDSServer
+    ```
+
+    For more information, see [Restart-Service](/powershell/module/microsoft.powershell.management/restart-service).
+
+    #### [:::image type="icon" source="images/icons/command-line-18.svg"::: **Command Line**](#tab/command-line)
+
+    From an elevated command prompt, run the following command to restart the `Windows Deployment Services Server` service:
+
+    ```cmd
+    wdsutil.exe /Stop-Server
+    wdsutil.exe /Start-Server
+    ```
+
+    or
+
+    ```cmd
+    net.exe stop WDSServer
+    net.exe start WDSServer
+    ```
+
+    For more information, see [wdsutil stop-server](/windows-server/administration/windows-commands/wdsutil-stop-server) and [wdsutil start-server](/windows-server/administration/windows-commands/wdsutil-start-server).
+
+    ---
+
 ## Boot.wim support
 
 The **boot.wim** that is part of Windows installation media isn't supported for deploying Windows 11 with Windows Deployment Services (WDS). Additionally, the **boot.wim** from Windows 11 installation media isn't supported for deploying any version of Windows with Windows Deployment Services (WDS). For more information, see [Windows Deployment Services (WDS) boot.wim support](wds-boot-support.md).

From e508a5f1e0fbd8872aac62b63258e83876fbdb48 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 11 Aug 2023 16:56:12 -0400
Subject: [PATCH 57/59] Update Boot Image with CU Article 57

---
 windows/deployment/customize-boot-image.md | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/windows/deployment/customize-boot-image.md b/windows/deployment/customize-boot-image.md
index 3258bd0efb..18cfcfb983 100644
--- a/windows/deployment/customize-boot-image.md
+++ b/windows/deployment/customize-boot-image.md
@@ -21,11 +21,11 @@ appliesto:
 
 <!-- 7894697 -->
 
-Thw Windows PE (WinPE) boot images that are included with the Windows ADK have a minimal amount of features and drivers. However the boot images can be customized by adding drivers, optional components, and applying the latest cumulative update.
+The Windows PE (WinPE) boot images that are included with the Windows ADK have a minimal number of features and drivers. However the boot images can be customized by adding drivers, optional components, and applying the latest cumulative update.
 
 Microsoft recommends updating Windows PE boot images with the latest cumulative update for maximum security and protection. The latest cumulative updates may also resolve known issues. For example, the Windows PE boot image can be updated with the latest cumulative update to address the BlackLotus UEFI bootkit vulnerability as documented in [KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932](https://prod.support.services.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) and [CVE-2023-24932](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932).
 
-This walkthrough describes how to customize a Windows PE boot image including updating with the latest cumulative update, adding drivers, and adding optional components. Additionally this walkthrough will go over how customizations in boot images affect several different popular products that utilize boot images, such as Microsoft Configuration Manager, Microsoft Deployment Toolkit (MDT), and Windows Deployment Services (WDS).
+This walkthrough describes how to customize a Windows PE boot image including updating with the latest cumulative update, adding drivers, and adding optional components. Additionally this walkthrough goes over how customizations in boot images affect several different popular products that utilize boot images, such as Microsoft Configuration Manager, Microsoft Deployment Toolkit (MDT), and Windows Deployment Services (WDS).
 
 ## Prerequisites
 
@@ -1046,7 +1046,7 @@ For a list of all available WinPE optional components including descriptions for
 
 After updating the `winpe.wim` boot image from the Windows ADK, generate a new `LiteTouchPE_<arch>.wim` boot image for MDT that contains the cumulative update followed by creating new MDT boot media. New MDT boot images and MDT boot media can be generated by using the following steps:
 
-1. Make sure [Step 8: Copy boot files from mounted boot image to ADK installation path](#step-8-copy-boot-files-from-mounted-boot-image-to-adk-installation-path) has been completed. MDT copies the bootmgr boot files from the Windows ADK installation path to its deployment share. Following this step makes sure that the deployment share has the latest bootmgr boot files which are needed when creating MDT boot media.
+1. Make sure [Step 8: Copy boot files from mounted boot image to ADK installation path](#step-8-copy-boot-files-from-mounted-boot-image-to-adk-installation-path) has been completed. MDT copies the bootmgr boot files from the Windows ADK installation path to its deployment share. Following this step makes sure that the deployment share has the latest bootmgr boot files that are needed when creating MDT boot media.
 
 1. Open the Microsoft Deployment Toolkit (MDT) Deployment Workbench console.
 
@@ -1072,7 +1072,7 @@ These steps also update the MDT boot media in the MDT Deployment Share. After fo
 
 ### Boot image in WDS is updated
 
-If the WDS boot image modified was the original WDS boot image in the `<RemoteInstall>` folder, then the only additional step to take is to restart `Windows Deployment Services Server` service. This can be done using the following command lines:
+If the WDS boot image modified was the original WDS boot image in the `<RemoteInstall>` folder, then the only additional step to take is to restart `Windows Deployment Services Server` service. WDS can be restarted by using the following command lines:
 
 #### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
@@ -1108,7 +1108,7 @@ For more information, see [wdsutil stop-server](/windows-server/administration/w
 
 In the following boot image replacement scenario for WDS:
 
-- The boot image modified as part of this guide is outside of the `<RemoteInstall>` folder, for example the `winpe.wim` boot image that comes with the Windows ADK
+- The boot image modified as part of this guide is outside of the `<RemoteInstall>` folder. For example, the `winpe.wim` boot image that comes with the Windows ADK
 - An existing boot image in WDS is being replaced with the updated boot image
 
 then follow these steps to update the boot image in WDS:
@@ -1155,7 +1155,7 @@ then follow these steps to update the boot image in WDS:
 
     #### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-    From an elevated **PowerShell** command prompt, run the following command to to restart the `Windows Deployment Services Server` service:
+    From an elevated **PowerShell** command prompt, run the following command to restart the `Windows Deployment Services Server` service:
 
     ```powershell
     Restart-Service -Name WDSServer
@@ -1187,7 +1187,7 @@ then follow these steps to update the boot image in WDS:
 
 In the following boot image scenario for WDS:
 
-- The boot image modified as part of this guide is outside of the `<RemoteInstall>` folder, for example the `winpe.wim` boot image that comes with the Windows ADK
+- The boot image modified as part of this guide is outside of the `<RemoteInstall>` folder. For example, the `winpe.wim` boot image that comes with the Windows ADK
 - The updated boot image is being added as a new boot image in WDS
 
 then follow these steps to add the boot image in WDS:
@@ -1234,7 +1234,7 @@ then follow these steps to add the boot image in WDS:
 
     #### [:::image type="icon" source="images/icons/powershell-18.svg"::: **PowerShell**](#tab/powershell)
 
-    From an elevated **PowerShell** command prompt, run the following command to to restart the `Windows Deployment Services Server` service:
+    From an elevated **PowerShell** command prompt, run the following command to restart the `Windows Deployment Services Server` service:
 
     ```powershell
     Restart-Service -Name WDSServer
@@ -1268,4 +1268,4 @@ The **boot.wim** that is part of Windows installation media isn't supported for
 
 ## Windows Server 2012 R2
 
-This walk-through isn't intended for use with Windows Server 2012 R2. Although the steps in this article may work with Windows Server 2012 R2 when using older versions of the Windows ADK, it may have compatibility problems with versions of the Windows ADK that are newer than the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). For server OSes, it's recommended to use Windows Server 2016 or later for this walk-through. For more information, see [Windows Server 2012 R2 Lifecycle](/lifecycle/products/windows-server-2012-r2).
+This walk-through isn't intended for use with Windows Server 2012 R2. Although the steps in this article may work with Windows Server 2012 R2 when using older versions of the Windows ADK. However it may have compatibility problems with versions of the Windows ADK that are newer than the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads). For server OSes, it's recommended to use Windows Server 2016 or later for this walk-through. For more information, see [Windows Server 2012 R2 Lifecycle](/lifecycle/products/windows-server-2012-r2).

From 6c7ffadf0a1bf1d6b093db1334c9d10c37281c2b Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 11 Aug 2023 17:03:08 -0400
Subject: [PATCH 58/59] Update Boot Image with CU Article 58

---
 windows/deployment/customize-boot-image.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/customize-boot-image.md b/windows/deployment/customize-boot-image.md
index 18cfcfb983..64a27ccf8e 100644
--- a/windows/deployment/customize-boot-image.md
+++ b/windows/deployment/customize-boot-image.md
@@ -85,8 +85,10 @@ This walkthrough describes how to customize a Windows PE boot image including up
 > [!TIP]
 >
 > It is recommended to use the full cumulative update when updating boot images with a cumulative update. However, instead of downloading the full cumulative update, the cumulative update for SafeOS can be downloaded and used instead. This will reduce the size of the final updated boot image. If any issues occur with a boot image updated with the SafeOS cumulative update, then use the full cumulative update instead.
+
+> [!NOTE]
 >
-> The SafeOS cumulative update can be found in the [Microsoft Update Catalog](https://catalog.update.microsoft.com/) site by searching on...
+> When updating the boot image in the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads), download the cumulative update for Windows 10 Version 22H2.
 
 ## Step 3: Backup existing boot image
 
@@ -1024,7 +1026,7 @@ The `winpe.wim` boot image from the Windows ADK should be updated because if `Li
 
 ### MDT and Windows ADK versions
 
-Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10. When MDT is used, the recommendation is to use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads) instead of the latest version of the Windows ADK. **ADK for Windows 10, version 2004** was the last version of the Windows ADK supported by MDT.
+Microsoft Deployment Toolkit (MDT) doesn't support versions of Windows or the Windows ADK beyond Windows 10. When MDT is used, the recommendation is to use the [ADK for Windows 10, version 2004](/windows-hardware/get-started/adk-install#other-adk-downloads) instead of the latest version of the Windows ADK. **ADK for Windows 10, version 2004** was the last version of the Windows ADK supported by MDT. When updating the boot image for the ADK for Windows 10, version 2004 with a cumulative update, use the cumulative update for Windows 10 Version 22H2.
 
 ### MDT boot image required components
 

From 4ba3085c2a915dd0979a01f91e59ccda3f261436 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Fri, 11 Aug 2023 17:37:16 -0400
Subject: [PATCH 59/59] Update Boot Image with CU Article 59

---
 windows/deployment/TOC.yml                 |  2 ++
 windows/deployment/customize-boot-image.md | 13 +++++++------
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml
index 20d9752fdf..b8da7a6027 100644
--- a/windows/deployment/TOC.yml
+++ b/windows/deployment/TOC.yml
@@ -591,3 +591,5 @@
 
         - name: Install fonts in Windows client
           href: windows-10-missing-fonts.md
+        - name: Customize Windows PE boot images
+          href: customize-boot-image.md
diff --git a/windows/deployment/customize-boot-image.md b/windows/deployment/customize-boot-image.md
index 64a27ccf8e..deed6bd549 100644
--- a/windows/deployment/customize-boot-image.md
+++ b/windows/deployment/customize-boot-image.md
@@ -663,7 +663,7 @@ In particular, this step is needed when addressing the BlackLotus UEFI bootkit v
 
 > [!NOTE]
 >
-> **Microsoft Configuration Manager** automatically extracts these bootmgr boot files from the boot images as needed. No additional steps are needed for **Microsoft Configuration Manager**.
+> **Microsoft Configuration Manager** and **Windows Deployment Services (WDS)** automatically extract the bootmgr boot files from the boot images when the boot images are updated in these products. They don't use the bootmgr boot files from the Windows ADK.
 
 ## Step 9: Perform component cleanup
 
@@ -906,6 +906,9 @@ After the default `winpe.wim` boot image from the Windows ADK has been updated,
 - [Microsoft Configuration Manager](#updating-the-boot-image-in-configuration-manager)
 - [Microsoft Deployment Toolkit (MDT)](#updating-the-boot-image-and-boot-media-in-mdt)
 - Windows Deployment Services
+  - [Original WDS boot image is updated](#original-wds-boot-image-is-updated)
+  - [WDS boot image is replaced with new updated boot image](#wds-boot-image-is-replaced-with-new-updated-boot-image)
+  - [Add updated boot image as a new boot image in WDS](#add-updated-boot-image-as-a-new-boot-image-in-wds)
 
 For any other products that utilize boot images, consult the product's documentation on updating the boot image.
 
@@ -1070,9 +1073,7 @@ These steps also update the MDT boot media in the MDT Deployment Share. After fo
 
 ## Windows Deployment Services (WDS) considerations
 
-### Update boot image and boot files in WDS
-
-### Boot image in WDS is updated
+### Original WDS boot image is updated
 
 If the WDS boot image modified was the original WDS boot image in the `<RemoteInstall>` folder, then the only additional step to take is to restart `Windows Deployment Services Server` service. WDS can be restarted by using the following command lines:
 
@@ -1106,7 +1107,7 @@ For more information, see [wdsutil stop-server](/windows-server/administration/w
 
 ---
 
-### Existing boot image in WDS is updated with a new update boot image
+### WDS boot image is replaced with new updated boot image
 
 In the following boot image replacement scenario for WDS:
 
@@ -1185,7 +1186,7 @@ then follow these steps to update the boot image in WDS:
 
     ---
 
-### Updated boot image is added as a new boot image in WDS
+### Add updated boot image as a new boot image in WDS
 
 In the following boot image scenario for WDS: