UPDATED 12-4-2006

OBSOLETE = U918547 = Unofficial Windows 98 (FE)/98 SE/ME 918547 Fix = OBSOLETE

This Fix is now OBSOLETE and has been REPLACED with this NEWer one:

* Windows ME (Millennium Edition):
Q918547: Unofficial Windows ME GDI32.DLL + GDI.EXE 4.90.3003 Fix:
http://www.mdgx.com/files/918547.TXT
Direct download [397 KB]:
http://www.mdgx.com/files/ME918547.EXE

* Windows 98 SE (Second Edition):
Q918547: Unofficial Windows 98 SE GDI32.DLL + GDI.EXE 4.10.2227 Fix:
http://www.mdgx.com/files/918547.TXT
Direct download [326 KB]:
http://www.mdgx.com/files/Q918547.EXE

If already installed unofficial U918547 Fix, please uninstall it first:
Open Control Panel -> Add/Remove Programs -> highlight "Uninstall Unofficial Windows 98/98 SE/ME U918547 Fix" -> click Add/Remove button -> reboot.
Then download + install unofficial Q918547 Fix above appropriate for your Windows edition.


____________________________________



If you still wish to try this *OBSOLETE* fix, here it is:

The Unofficial U918547 Fix [Q918547.DLL 4.10.2226 + KB918547.EXE 4.10.2226] fixes the Windows 98 FE (First Edition)/98 SE (Second Edition)/Millennium Edition (ME) Graphics Rendering Engine (GRE) Windows MetaFile (WMF) Security Vulnerability detailed in MS06-026 article:
http://www.microsoft.com/technet/security/...n/ms06-026.mspx

Download + install U918547 Fix [135 KB, English].

U918547 found here:
- Windows ME:
http://www.mdgx.com/web.htm#MEU
- Windows 98 (FE)/98 SE:
http://www.mdgx.com/web.htm#9SU

Please read U918547.TXT for complete details.

Please post any bugs/comments/tips/etc in this MSFN forum.

Looks good MDGx.

1 question first: Is there a way to delete the original runservices entry for the official 918547 and also the unofficial 891711 update? That way there is only 1 entry for each service. Maybe have a delreg for the official entry?

This will be going in the Service Pack.

the_guy

I thought there was finally no wmf vulnerability on 9x oses.

http://www.grc.com/wmf/wmf.htm

There is no need to patch it if it's not vulnerable.

I wonder the same thing sometimes
908519FX
U891711
U918547
Do we apply the fix automatically if we were doing a clean install
or do we add the broke version 1st then the fix i'm unclear on this.

For 908519, you apply the Microsoft fix first.

For 891711 and 918547, you can just apply the unofficial versions directly.

the_guy

just remember MDGx, version 4.10.2226 of Q918547.DLL & KB918547.EXE files MUST have a different DATE and TIME than version 4.10.2224 of those files.

I heard 9x is not affected by the Metefile bug......?

the_guy:Good point.
I have just added a new [QX] section [which is run by DelReg=QX] to U891711.INF + U918547.INF to delete MS official RunServices entries upon installation.

Please download updated executables:
- U891711.EXE:
http://www.mdgx.com/files/U891711.EXE
- U918547.EXE:
http://www.mdgx.com/files/U918547.EXE
____________________________________

all:

To my knowledge, the WMF bug fixed by both Q918547 + U918547 is *not* the same with the MetaFile bug discussed at GRC.com:
http://www.grc.com/wmf/wmf.htm
and detected by MouseTrap:
http://www.grc.com/files/MouseTrap.exe
This bug is present only in NTx [NT4/2000/XP/2003] OSes, and is described in MS06-001:
http://www.microsoft.com/technet/security/...n/ms06-001.mspx
because if one runs MouseTrap on 9x OSes, they are found to be bug-free.

The WMF MetaFile bug fixed by both 918547 fixes in 98/98 SE/ME OSes and described in MS06-026:
http://www.microsoft.com/technet/security/...n/ms06-026.mspx
is different, and so far, MS has not [*yet*] released any source code, full disclosure, proof-of-concept nor demo test for it.
Please read "AUTHOR's NOTES" in U918547.TXT for complete details:
http://www.mdgx.com/files/U918547.TXT

Comments from the U891711 + U918547 author:
____________________________________

PROBLEMCHYLD:

Unofficial 908519FX fix does only 1 thing, and requires MS official Q908519 fix already installed
[please read documentation before posting] = found here:
http://www.mdgx.com/web.htm#9SU

Quoted from above:
* Microsoft Windows 98/98 SE Embedded Web Fonts T2EMBED.DLL 5.00.2195.7073
Security Vulnerability Fix:
http://www.microsoft.com/technet/security/...n/ms06-002.mspx
Direct download [211 KB, English]:
http://download.windowsupdate.com/msdownlo...b8bd1b389f9.EXE
Requires MS IE 5.5 SP2 or newer already installed:
http://www.mdgx.com/toy.htm#IEX
BUG: T2EMBED.DLL Fix above installs BUGgy INF file!
FIX: MUST Install this INF Fix [63 KB]:
http://www.mdgx.com/files/908519FX.EXE
AFTER installing T2EMBED.DLL Fix above!

About U891711:
Please read here:
http://www.mdgx.com/web.htm#9SU
and U891711.TXT for complete details:
http://www.mdgx.com/files/U891711.TXT

About U918547:
Please read here:
http://www.mdgx.com/web.htm#9SU
and U918547.TXT for complete details:
http://www.mdgx.com/files/U918547.TXT
____________________________________

erpdude8:
MS official Q918547.EXE contains Q918547.DLL + KB918547.EXE with date stamp 4-26-2006.
Unofficial U918547.EXE contains Q918547.DLL + KB918547.EXE with date stamp 6-20-2006.

HTH

Revise them again, MDGx. I've made more changes to the U891711.INF and U918547.INF files that will also delete the 891711UP.INF and KB918547.INF files from the \WINDOWS\INF\QFE\W98\ and \WINDOWS\INF\QFE\WINME\ folders. And the U891711 & U918547 patches need to be prevented from installing under Win95 systems as they can cause potential problems under W95.

NOTE that the WinME version of the KB918547 update can NOT be un-installed. Only the Win98 version of KB918547 can be removed.

Good idea.
I have added new sections to both U*.INF files to completely remove all traces of MS official fixes (if any).

Both SED files already contain proper lines to disable install under Win95 + NTx OSes.

WinME version of Q918547 is replaced with U918547 files, whenever one installs U918547 on WinME.
Please test this on WinME, and let me know if that's not true.

Please download again:
- U891711.EXE:
http://www.mdgx.com/files/U891711.EXE
- U918547.EXE:
http://www.mdgx.com/files/U918547.EXE

HTH

UPDATED 6-28-2006

Please see top of this topic to download + install updated patch:
http://www.msfn.org/board/?showtopic=77218

new unofficial 918547 fixes for win98se & winme listed here:
http://www.msfn.org/board/index.php?showtopic=46581&st=0
new unofficial 918547 patch for win98fe still a work in progress. it'll be posted when ready

there wont be another unofficial 918547 gdi.exe/gdi32.dll fix just for win98fe. author suggests using gdi.exe & gdi32.dll v4.10.2227 w98se files from Q918547.exe.

I applied this fix after the original M$ fix and i still get the red X
in the Update Information Tool

Microsoft Q918547 QFEChceck information was screwed up for Win98, pointing to the wrong folder. Download and run 918547FX.EXE from MDGx's web site:
http://www.mdgx.com/files/918547FX.EXE
This will FIX Microsoft's blunder for the Q918547 QFECheck info for Win98.

Thanx for the fix erpdude8
but when i install the unofficial it still says version 4.10.0.2224
instead of 4.10.0.2227 why is this?

OBSOLETE fixes:
- Microsoft Windows 98/98 SE Q918547.DLL 4.10.2224 + KB918547.EXE 4.10.2224 Fix [145 KB]:
http://download.windowsupdate.com/msdownlo...0a47a89e3ce.exe
BUG: Q918547.DLL + KB918547.EXE Fix above installs BUGgy INF file!
FIX: MUST Install this INF Fix [63 KB]:
http://www.mdgx.com/files/918547FX.EXE
AFTER installing Q918547.DLL + KB918547.EXE Fix above!

As you can see, the official M$ fix installs Q918547.DLL 4.10.2224 + KB918547.EXE 4.10.2224 .
918547FX.EXE only corrects errors after installing official Q918547 fix.

Unofficial U918547 installs Q918547.DLL 4.10.2226 + KB918547.EXE 4.10.2226 .
Unofficial fix overwrites official M$ fix.

But both these fixes are now *obsolete*.
You must install 1 of these newer ones instead:

* Windows ME (Millennium Edition):
Q918547: Unofficial Windows ME GDI32.DLL + GDI.EXE 4.90.3003 Fix:
http://www.mdgx.com/files/918547.TXT
Direct download [402 KB]:
http://www.mdgx.com/files/ME918547.EXE

* Windows 98 SE (Second Edition):
Q918547: Unofficial Windows 98 SE GDI32.DLL + GDI.EXE 4.10.2227 Fix:
http://www.mdgx.com/files/918547.TXT
Direct download [329 KB]:
http://www.mdgx.com/files/Q918547.EXE

HTH

What about 905915/905915fx

These are the only 905915 fixes I have at my site [1 official + 1 unofficial]:

- OLD MS IE 5.5 SP2 Patch for Windows ME [3.08 MB]:
http://download.windowsupdate.com/msdownlo...57c6d0e68c4.exe
- OLD Unofficial MS IE 5.5 SP2 Patch for Windows 98/98 SP1/98 SE/NT4 SP6a/2000 [3.07 MB]:
http://www.mdgx.com/files/IE905915.EXE
Both linked here:
http://www.mdgx.com/ietoy.htm#IEC

Please note that these are *old* fixes [do not contain latest security patches], which means M$ has not issued any recent ones, because they have discontinued support for IE 5.5 SP2 a long time ago.

Now that the Explorer lockup bug has been fixed in 98 (FE), 98 SP1 + 98 SE:
http://www.msfn.org/board/?showtopic=84451
there isn't any serious reason [other than personal preference] why one should not install IE 6.0 SP1 and all its security fixes:
http://www.mdgx.com/ietoy.htm#BRO
because IE 6.0 SP1 is the only IE edition that has been updated with all current security fixes [even if some of them are unofficial].

HTH

Is there a way for this to register so i don't keep getting that nagging notification
@ Windows Update saying i need to install this file.

be more specific, Hu$tle. are u talking about unofficial 918547 or 905915 patch?

Yes i mean unofficial 918547 even after i install which is the only update i install

Hu$tle, you'll have to email me or send me a PM and I'll send you the INF file that will register the 918547 fix (whether 918547 is official or unofficial). when WU looks for the 918547 registry entries, WU will think the 918547 patch is already installed and wont ask for it again.

This means the INF should be updated to Version 4.10.2227 and added to the unofficial updated right.

wrong, PROBLEMCHYLD. you seem to be a little confused on this matter. I'll try to straighten this out.

The 918547FX.EXE patch should ONLY be used IF installing Microsoft KB918547 patch. If you install U918547 patch that has v4.10.2226 of kb918547.exe & q918547.dll files OR the "other" U918547 fix for Win98se that has GDI.EXE & GDI32.DLL v4.10.2227 files, then 981547FX.EXE is NOT needed.

what MDGx meant by "Q918547.DLL + KB918547.EXE Fix above installs BUGgy INF file!" is that the Microsoft KB918547 patch installs incorrect QFECHECK registry information from its INF file and when you run QFECheck, it will say that the Q918547.DLL + KB918547.EXE files are "Not Found". The reg info provided in the INF file from original MS 918547 patch points to the WRONG folder

also, the INF has NOTHING to do with it being updated to version 4.10.2227 - this is where you got confused

the 918547FX.EXE patch was created to FIX the INCORRECT QFECheck registry information about the Microsoft KB918547 update and QFECheck will properly list the updated 918547 files.

U918547.EXE = Updated 12-4-2006

Fixed INF installer for WinME.
Now uninstalls M$ official KB918547.

STRONGLY RECOMMENDED:
Please uninstall U918547 and install the NEWer Q918547 Fix appropriate for your Windows edition:

* Windows ME (Millennium Edition):
Q918547: Unofficial Windows ME GDI32.DLL + GDI.EXE 4.90.3003 Fix:
http://www.mdgx.com/files/918547.TXT
Direct download [397 KB]:
http://www.mdgx.com/files/ME918547.EXE

* Windows 98 SE (Second Edition):
Q918547: Unofficial Windows 98 SE GDI32.DLL + GDI.EXE 4.10.2227 Fix:
http://www.mdgx.com/files/918547.TXT
Direct download [326 KB]:
http://www.mdgx.com/files/Q918547.EXE

What i meant is when i install the unofficial patch Windows Update still say i need to install
the update as if it didn't detect that it was already installed.

Sort of how U891711 is when you install the unofficial U891711
without the official Windows Update detect it being installed
so you don't get thee prompt to install the official because its already detected
you get what i'm saying now.

U891711 is unofficial, therefore will not register itself as an official update.
This means Windows Update [WU] will still prompt to install the official update.

BTW:
I have designed U891711 to delete all other similar patches [official M$ Q891711 and Tihiy's TI891711] and all their "traces" from the registry.

If you want to register U891711 with WU, you can add these entries to your registry:HTH

not on my system when i apply the unofficial patch Windows Update doNot prompt me
to install the official update for kb891711

FORGET IT, PROBLEMCHYLD! MDGx said it best. If you install official KB891711 patch, Windows Update will not ask you to install that patch again. But if you install unofficial 891711 patch Windows Update will ask you to install official KB891711 fix. That's NO big deal [I mean, SO WHAT IF Windows Update offers the KB891711 patch after installing unofficial U891711 update]. Unofficial patches arent supposed to be detected by WU. Move on and get over it.

as Microsoft would say, that's "by design"

ditto with the 918547 patches, both official and unofficial

You right but the one before this update Windows had detected it as being installed yes the unofficial
but this newest one the folder was change is why its not detected, its ok no biggie

Win95 users rejoice! I have manually installed the U918547 Fix [Q918547.DLL 4.10.2226 + KB918547.EXE 4.10.2226] files on a Win95 SR2 system and they work.

MDGx, can you revise the U918547 fix to also install under Win95, just like you did with U891711?

I thought Windows 95 wasn't affected by the WMF vulnerability? I searched around for info and did a couple tests to come to that conclusion.

And isn't this another one of those "inject DLL instead of patching the file" fixes? I prefer fixing the actual file...

it would be nice if the GDI files were patched under 95 but again, that's up to the discretion of the anonymous author who made the unofficial 918547 gdi.exe/gdi32.dll patches for win98se/me (unless of course, YOU, BenoitRen, have the technical skills to patch the GDI files yourself)

I do not believe that the installer has been updated yet, so I'm bumping this topic.

I just tried it on a 95 SP1 Virtual PC and it works flawlessly.

the_guy