[bristols]

Thanks WildBill.

Added 2393802 (MS11-011) v8 to the Windows 2000 Post-SP4 Updates for HFSLIP page.

This post has been edited by bristols: 14 September 2012 - 10:12 AM

[MacLover]

Turns out that for the ATI 9.x driver needed for my netbook (The 11.x driver installed but wouldn't start - I don't think this is an issue with your patch as the same things happen on XP with the desktop drivers (AMD does not provide reference drivers for its notebook chipsets) ) needs one more API to function:
NTOSKRNL.EXE -> vDbgPrintEx

For now, I'll try hex-editing the driver to use DbgPrintEx and see what happens

EDIT: Looks like hex-editing the driver did no good, I'll just use blackwingcat's driver for now

EDIT: Interestingly enough, the Realtek HD Audio drivers from 2011 refuse to start on Windows 2000 despite the fact all needed APIs are present (Code 10 in Device Manager)

This post has been edited by MacLover: 05 December 2011 - 01:04 PM

[WildBill]

I'll see about adding vDbgPrintEx when I can. In other news, I have a local version of MS11-020 that has a kerberos that's based on the HBR version, but it looks like analyzing samsrv is going to take significantly longer. I might release an interim one with the upgraded kerberos one in the meantime (the HBR merely adds a length check on incoming messages).

[MacLover]

Looks like the Realtek HD Audio Driver issue is caused by a patch somewhere as I just installed a "cleaner" Win2k disc with only the official patches, IE6, DirectX 9, and MSXML integrated. The latest driver from Realtek.com installed just fine using that install.

I'll try to narrow down the problem as soon as possible.

EDIT: I manually installed every unofficial fix, the issue didn't show up, which tells me that something went wrong with my fully slipstreamed Win2k DVD. In other words, there's nothing wrong with any of your patches

EDIT: Turns out the issue was caused by the way DriverPacks integrates KB888111

This post has been edited by MacLover: 07 December 2011 - 12:31 AM

[tomasz86]

I added a new update (thanks to bristols for this one):


MS10-063 Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution
Windows2000-UU-KBz2288621-x86-Global.exe

usp10.dll 1.626.6002.22402

It replaces 981322.

[WildBill]

Another day, another version

MS11-020 v6 is posted, with the following changes:

- incorporates KB907868 (kerberos length-validation HBR)
- incorporates MS11-013 (KB2496930: Vulnerabilities in Kerberos Could Allow Elevation of Privilege)
- incorporates MS11-014 (KB2478960: Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege)

The samsrv HBR will take quite a while to analyze, and I have some higher priorities at the moment, e.g. adding vDbgPrintEx to ntoskrnl, et.al. and porting MS11-034 (which will also take a while to analyze). These priorities are open to change, of course, especially if anyone else wants to determine the necessary changes to samsrv in the meantime...

This post has been edited by WildBill: 07 December 2011 - 11:27 PM

[WildBill]

One caveat about MS011-013: while I believe I've faithfully ported the patch and it seems to work fine, from my analysis I'm not certain that MS took the patch quite far enough. Maybe I'm just being paranoid, but I might take a second look at their patch tomorrow as I'm not convinced that they fully closed the security hole...

Edit...false alarm, it looks okay

This post has been edited by WildBill: 08 December 2011 - 05:29 PM

[WildBill]

New patch posted: MS11-038 Vulnerability in OLE Automation Could Allow Remote Code Execution (critical). You can find it on the master list...

This post has been edited by WildBill: 08 December 2011 - 08:20 PM

[tomasz86]

Thanks WildBill

I prepared a new version of the update.ver making script. It now works not only for updates but for service packs too! It supports only Windows 2000 at the moment but I plan to make it compatible with both XP & 2003. Now you don't even have to unpack updates - you just have to place them in HF. Unpacked or not, they'll still be processed. I also greatly improved the speed of it and made it more "pretty" (files which are being processed are now displayed on the screen).

You can download it here. The URL is the same as before.

This post has been edited by tomasz86: 11 December 2011 - 09:53 AM

[tomasz86]

int0x13, on 29 November 2011 - 08:18 AM, said:

Alright, i will try KDW, didnt know this tool. Also i'd like to know how to add a simple function from one dll into another one using "PE TOOL", is there any how to to do this?
The tool i'd like to run under win2k PRO (and 2k PRO server if possible) it's here: here
To test the tool , you have to install it under XP+ and then copy the install folder or unpack the installer.
Thank you for your help.

I'm very sorry for such a late reply.

I actually managed to install the application in Windows 2000 using KDW and setting OS version to XP SP3 in fcwin2k.exe. The real problem is that there are a lot of dependencies missing, not only the one related to iphlpapi.dll. The dlls from KDW won't be enough to fix them because they lack some functions which are required by the program.

I'll try to play with some dlls copied directly from XP and see if it's possible to achieve something. At this moment I'd say there is no more than about 20% chance that it'll run under Win2k.

[tomasz86]

WildBill,

I have just two questions/suggestions for you

1. What do you think about making a v10 of 2479628 (MS11-012) which would include all changes done by me (v9) and you (v7). Having two versions of the same patch is confusing and v9 is already included on the bristols' updates list. Do you have any objections against it? If not, I'd like to ask you to do it or (if you're busy and don't have time) I can do it myself.


2. What do you think about making multilanguage updates? Up to now I've prepared multilanguage versions of some of your updates separately but I'd be probably much better if one update was made by just one person to avoid any unexpected issues. Checking if the update is multilanguage is pretty simple. You must just check the same update available for some other language and see if the file included is the same one (its langauge version will be English or "language neutral"). If it is then it means that it's interchangeable between different language versions of Windows and one update can be made for all of them.

You just have to edit update.inf like this:

[Strings]
LangTypeValue = 0x0

After doing so the update will install in any language version of Windows. The installer will be in English but it doesn't matter at all.


3. I'd like to ask you about unofficial updates' filenames. As you've probably noticed I use the following scheme:

Windows2000-UU-(HBR-)KB(zX)XXXXXX-x86-XXX.exe

By doing so it's clear what kind of update it is by just looking at the filename. It's extremely easy to separate official and unofficial updates and HBRs thanks to it. Adding the "z" before 2 in KB2* for new updates makes them listed at the end, after the older ones starting from 8/9. What's you opinion about it? I know you've sticked to the official M$ filename style but wouldn't it be better to have unofficial updates clearly distinguished from the official ones to avoid any misunderstandings?

These are just my proposals I just believe that it would be nice to have some kind of "official" structure for the UUs.

Please share your opinion about them.

This post has been edited by tomasz86: 16 December 2011 - 12:18 PM

[tomasz86]

I added some new updates.

MS07-?: SetupDiGetDeviceRegistryProperty function returns an incorrect RequiredSize value on DBCS characters in Windows 2000
Windows2000-UU-HBR-KB888609-v4-x86-ENU.exe

MS07-? A microcode reliability update is available that improves the reliability of systems that use Intel processors
Windows2000-UU-KB936357-v4-x86-Global.exe

MS11-090: Cumulative Security Update for ActiveX Kill Bits
Windows2000-UU-KBz2618451-x86-Global.exe


The first two are recompiled versions of updates made by BlackWingCat. The third one (2618451) replaces 2562937.

[tomasz86]

One more update:

MS11-? Security update for Windows Fax Cover Page Editor MFC components
Windows2000-UU-HBR-KBz2584577-x86-Global.exe

mfc42.dll 6.2.8092.0
mfc42u.dll 6.2.8092.0

It's a HBR and replaces 2506212.

[MacLover]

I've done some tests with the updates from this month's Patch Tuesday and these are my results:
MS12-002: Didn't test this one but it looks like a simple registry fix.
MS12-003: Didn't even try as it updates a core system file (WINSRV.DLL)
MS12-004: The DirectShow (QUARTZ.DLL,QDVD.DLL) update worked fine but the Windows Multimedia Library (WINMM.DLL,MCISEQ.DLL) part broke sound completely.
MS12-005: Works (Seems PACKAGER.EXE hasn't changed much since the NT4 days...)
MS12-006: Works thanks to WildBill's MS11-011 and MS11-020 updates. (SCHANNEL.DLL,WINHTTP.DLL)

[blackwingcat]

The worst vulnerability (in windows history) MS12-004, was showed By Microsoft
I released MS12-004 for WIndows 2000 Japanese Version yesterday.
But I don't have English version WINMM.DLL,MCISEQ.DLL.
Is there Anyone provide me the Dlls ?

Windows Legacy Update

MacLover, on 11 January 2012 - 02:43 PM, said:

I've done some tests with the updates from this month's Patch Tuesday and these are my results:
MS12-002: Didn't test this one but it looks like a simple registry fix.
MS12-003: Didn't even try as it updates a core system file (WINSRV.DLL)
MS12-004: The DirectShow (QUARTZ.DLL,QDVD.DLL) update worked fine but the Windows Multimedia Library (WINMM.DLL,MCISEQ.DLL) part broke sound completely.
MS12-005: Works (Seems PACKAGER.EXE hasn't changed much since the NT4 days...)
MS12-006: Works thanks to WildBill's MS11-011 and MS11-020 updates. (SCHANNEL.DLL,WINHTTP.DLL)

This post has been edited by blackwingcat: 11 January 2012 - 05:44 PM

[blackwingcat]

Thx acus.

I released English Version MS12-004 for Windows 2000 and XP SP2.

You can download My Security Patch site

it includes both KB2598479 and KB2631813.

[tomasz86]

Thank you MacLover for useful information and thank you BlackWingCat for these updates


I've prepared some new updates too.

Added:

MDAC 2.81 HBR Rollup - 950982, 960071 & 961451 combined into an update rollup
Script 5.8 (v2) - updated jscript.dll to the newest version
953024,970063 - two new HBRs as one update (files overlap each other)
959334 - a new HBR
971913 - a new HBR for MSI 3.1
2584146 - updated version of packager.exe from Jan 2012 Security Bulletin; available in 24 languages
2603381 - update from Jan 2012 Security Bulletin (registry fix only)

Removed:

960071,961451 - merged into one rollup together with 950982
Script 5.8 - replaced by Script 5.8 (v2)

Download

PS
I've also been testing MS12-006 but I think it'll be better to wait for some time before making a W2K version, just to be sure that there are no issues related to it.

This post has been edited by tomasz86: 15 January 2012 - 07:02 PM

[tomasz86]

I'm not sure about it at this moment but it might be necessary to put 2603381 to HFSVCPACK_SW1 when slipstreaming in HFSLIP. I'll try to test it when I've got some time.

[tomasz86]

I prepared one more update:

914783 - XMLLite
943729 - new Group Policy preferences

Windows2000-UU-KB914783-KB943729-x86-ENU.exe

Slipstreamable from HFSVCPACK_SW1 folder.

[tomasz86]

I prepared a XPS / WIC Full Pack which is inspired by this addon originally made by Yumeyao and updated by ricktendo64. It's not the same as not all files are supported in Windows 2000 (especially the newest versions coming from W7 are usually not). I also added WIC and XPS Viewer.

Windows2000-XPSWIC-x86-Global.exe (HFSVCPACK_SW1)

WildBill's kernel is requried.