This document uses the following terms:
client computer: (1) A computer that receives and applies settings from a Group Policy Object (GPO), as specified in [MS-GPOL].
ClientIdString: A globally unique string that identifies a client machine to the update server. It is between 1 and 255 characters in length and contains only the letters a-z, the digits 0-9, or the hyphen.
conjunctive normal form (CNF): A logical formula consisting of a conjunction of disjunctions of terms in which no disjunction contains a conjunction. For example, A OR (B AND C) is not in CNF, whereas the equivalent (A OR B) AND (A OR C) is in CNF.
Cryptographic Application Programming Interface (CAPI) or CryptoAPI: The Microsoft cryptographic application programming interface (API). An API that enables application developers to add authentication, encoding, and encryption to Windows-based applications.
disjunctive normal form (DNF): A logical formula consisting of a disjunction of conjunctions of terms in which no conjunction contains a disjunction. For example, A AND (B OR C) is not in DNF, whereas the equivalent (A AND B) OR (A AND C) is in DNF.
globally unique identifier (GUID): A term used interchangeably with universally unique identifier (UUID) in Microsoft protocol technical documents (TDs). Interchanging the usage of these terms does not imply or require a specific algorithm or mechanism to generate the value. Specifically, the use of this term does not imply or require that the algorithms described in [RFC4122] or [C706] must be used for generating the GUID. See also universally unique identifier (UUID).
locale: An identifier, as specified in [MS-LCID], that specifies preferences related to language. These preferences indicate how dates and times are to be formatted, how items are to be sorted alphabetically, how strings are to be compared, and so on.
man in the middle (MITM): An attack that deceives a server or client into accepting an unauthorized upstream host as the actual legitimate host. Instead, the upstream host is an attacker's host that is manipulating the network so that the attacker's host appears to be the desired destination. This enables the attacker to decrypt and access all network traffic that would go to the legitimate host. The attacker is able to read, insert, and modify at-will messages between two hosts without either party knowing that the link between them is compromised.
metadata: XML-formatted data that defines the characteristics of an update, including its title, description, rules for determining whether the update is applicable to a client computer, and instructions for installing the update content.
quick fix engineering (QFE): Quick fixes by engineering, also called QFEs, are a small update designed to address a specific software bug. They are uniquely numbered to enable each fix to be identified easily by its associated QFE number.
Secure Sockets Layer (SSL): A security protocol that supports confidentiality and integrity of messages in client and server applications that communicate over open networks. SSL supports server and, optionally, client authentication using X.509 certificates [X509] and [RFC5280]. SSL is superseded by Transport Layer Security (TLS). TLS version 1.0 is based on SSL version 3.0 [SSL3].
self-update: A process by which a client first communicates with the update server to detect updates to the executable files that implement the client role on computers running Windows, and then applies those updated executable files before carrying on further communication.
SHA1 hash: A hashing algorithm defined in [FIPS180] that was developed by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).
SOAP: A lightweight protocol for exchanging structured information in a decentralized, distributed environment. SOAP uses XML technologies to define an extensible messaging framework, which provides a message construct that can be exchanged over a variety of underlying protocols. The framework has been designed to be independent of any particular programming model and other implementation-specific semantics. SOAP 1.2 supersedes SOAP 1.1. See [SOAP1.2-1/2003].
target group: A named collection of client computers whose members are defined administratively.
update category: A group of updates. Each update belongs to zero or more update categories. An update category can be a product category that contains updates for a particular product, or a classification category that contains updates of a particular classification (for example, all security updates).
update server: A computer that implements the Windows Server Update Services: Server-Server Protocol or the Windows Server Update Services: Client-Server Protocol to provide updates to client computers and other update servers.
Web Services Description Language (WSDL): An XML format for describing network services as a set of endpoints that operate on messages that contain either document-oriented or procedure-oriented information. The operations and messages are described abstractly and are bound to a concrete network protocol and message format in order to define an endpoint. Related concrete endpoints are combined into abstract endpoints, which describe a network service. WSDL is extensible, which allows the description of endpoints and their messages regardless of the message formats or network protocols that are used.
Windows Server Update Services (WSUS): An optional component that enables a machine to operate as an update server.
Windows Update Agent (WUA): A component originally introduced in the Windows 2000 Server operating system Service Pack 3 (SP3) operating system that enables a computer to operate as a client of an update server.
MAY, SHOULD, MUST, SHOULD NOT, MUST NOT: These terms (in all caps) are used as defined in [RFC2119]. All statements of optional behavior use either MAY, SHOULD, or SHOULD NOT.