I have been using a the wsusscn2.cab file and WUA in a script for years to determine the latest non-superseded applicable UpdatesIDs so that I can download them and bring them to my offline networks. Now that we are moving to Windows 11 it seems to me that the wsusscn2.cab file does not have any of the Windows 11 updates in there. For example when I query the package.xml contained in the .cab for the update KB5039212 I am unable to find the update ID faaf2140-998d-4955-a871-9b269ea48b0e which corresponds to the Windows 11 June 2024 cumulative update for 23H2 systems (https://www.catalog.update.microsoft.com/Search.aspx?q=faaf2140-998d-4955-a871-9b269ea48b0e). The only update returned for this KB from the wsusscn2.cab file is for Windows 10 and later GDR-DU.
Unfortunately, due to the constraints placed on me I am unable to use other methods to update these machines, such as a WSUS server, and I'm not allowed to connect them to the internet. I understand that I can just use the latest cumulative, but would like a more robust script that identifies all the updates wanted by the OS including updates such as the .NET Framework updates (which actually do show in the wsusscn2.cab file) and any others that MS adds to the catalog that would be applicable.
Does anyone know if there is an alternative to the WSUSSCN2.cab for Windows 11 to detected needed updates or some other method to detected the missing updates?