Wow! You've been really busy. It's great to see that interest is still strong.
I just posted an updated MS10-054 patch and updated the main page. I found some serious bugs in the original patch that were causing lockups and crashes. If you have it installed, I strongly urge installing the new one.
My MS11-011 and MS11-020 patches are almost ready; I just want to add a little more to the MS11-011 first. I might have bitten off a little too much with them, which is why they've been taking so long. They both go far beyond the original patch and are more of micro service packs. MS11-011 adds a ton of API routines to the kernel and MS11-020 adds a few more important ones. The result is that quite a few programs or drivers that only worked on XP might work now. With these installed, IDA Pro 6.1, Overlord, Free Orion, and my smart card driver work, at least. The last little bit I want to add is for the Avast antivirus sandbox -- I'd really like to have that available, and I need to add just two more APIs to at least satisfy all the dependencies (devising a fully thread-safe implementation for PsCallImageNotifyRoutines, PsSetLoadImageNotifyRoutine, and PsRemoveLoadImageNotifyRoutine was a bit tricky). The patch also adds everything that's in blackwingcat's v5a kernel update, though my implementation goes a bit farther (it has proper implementations of EncodePointer and DecodePointer, for instance). It also adds complete support for the SafeProcessSearchMode and SafeDllSearchMode registry keys, such that behavior will be the same as on XP. I had tried to also put in support for KB968389, but that requires a lot of changes to several authentication DLLs to add support for channel binding. I've laid a lot of the groundwork for it and upgraded some of the necessary DLLs, but the required changes to kerberos.dll are such that I might just declare victory and release them in their present form.
After installing my MS11-011 patch, it's critical to NOT install any of blackwingcat's kernel expansion patches because mine expands the internal process structure so that true-blue EncodePointer and DecodePointer can work. While the system would probably still boot up after installing his update afterward, it would break EncodePointer and DecodePointer, which are in my updated ntdll.dll.
This post has been edited by WildBill: 31 August 2011 - 11:00 PM