|The only other way would be to use a fully updated computer to download the service packs and updates. Then test them with md5 and move to this computer.|
Yes, if you are really connected to MS, it should be secure as in https.
The way you did it was proper. Load OS, then hopefully you have security and directly go to MS for updates. The system is vulnerable between boot and final updates.