Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account



Photo

KB2728973 , rvkroots.exe, will throw up an error when trying to integr

- - - - -

  • Please log in to reply
5 replies to this topic

#1
-X-

-X-

    Member

  • MSFN Sponsor
  • 2,414 posts
  • Joined 08-January 04
  • OS:XP Pro x86
  • Country: Country Flag

Donator

KB2728973 , rvkroots.exe (Revoked Roots Update), will throw up an error when trying to integrate with nLite... Fixed in the new nLite. nLite



I have created an add-on creator that correctly adds it to the SVCPACK folder. Download here: Add-on no longer needed. Use the new nLite. nLite

This is for those that don't use my UDC script. For those that do, sit tight while I add it to this months update.

More info: KB Article Security Advisory

Note: This update replaces KB2718704 and will probably be the way MS handles those pesky Digital Certificates from now on.


Edited by -X-, 02 September 2013 - 10:54 AM.

Download all Windows XP Post SP3 High-Priority Updates with a simple double click @ xdot.tk post-12166-0-42859000-1399044129.png ]
               If someone helps you fix a problem, please report back so they and others can benefit from the solution. Thanks!



How to remove advertisement from MSFN

#2
Explorer09

Explorer09

    Member

  • Member
  • PipPip
  • 182 posts
  • Joined 12-September 11
What about the crypt32.dll file in the KB2718704 update? Does KB2728973 patch that file?

EDIT: I figured it out. No, rvkroots.exe does not contain the file, so it does NOT replace KB2718704.

Edited by Explorer09, 10 July 2012 - 08:54 PM.


#3
Explorer09

Explorer09

    Member

  • Member
  • PipPip
  • 182 posts
  • Joined 12-September 11
Double post.

I've installed the update and extracted 28 new registry entries in the update. I think this could make slipstreaming much easier.

See the attached .reg file.

rvkroots.exe should modify other certificate entries as well, but I found that it was only the header that was changed, so it won't matter.

Edit (14 July 2012): I upload a new version because I forgot this registry entry in the previous one:
; Windows Update checks this.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{C3C986D6-06B1-43BF-90DD-BE30756C00DE}]
"Version"="1,0,2195,0"

Mirrors: http://ge.tt/9Xyy0VK/v/0 , http://dl.dropbox.co...roots-certs.reg

Attached Files


Edited by Explorer09, 14 July 2012 - 09:54 AM.


#4
-X-

-X-

    Member

  • MSFN Sponsor
  • 2,414 posts
  • Joined 08-January 04
  • OS:XP Pro x86
  • Country: Country Flag

Donator

Yeah, I have a reg file already.

I forgot about crypt32.dll....

Known issues with this security update

This security update does not include the functionality to remove trust of non-leaf certificates in Windows XP and in Windows Server 2003. To add the functionality for removing trust of non-leaf certificates for Windows XP and for Windows Server 2003, you must install one of the following security updates:
2616676 Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing
2641690 Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing
2718704 Unauthorized digital certificates could allow spoofing


Download all Windows XP Post SP3 High-Priority Updates with a simple double click @ xdot.tk post-12166-0-42859000-1399044129.png ]
               If someone helps you fix a problem, please report back so they and others can benefit from the solution. Thanks!


#5
Explorer09

Explorer09

    Member

  • Member
  • PipPip
  • 182 posts
  • Joined 12-September 11
When I attached my .reg file, I mean it is possible to integrate those registry entries directly into nLite.inf, just like the old KB2718704 update did.

Your UDC script only scheduled the program to run when the Windows setup starts to install hotfixes. I personally don't like your method.

#6
-X-

-X-

    Member

  • MSFN Sponsor
  • 2,414 posts
  • Joined 08-January 04
  • OS:XP Pro x86
  • Country: Country Flag

Donator

Here's your preferred method for those that want it.

This attachment is now obsolete. Removed.

Edited by -X-, 04 January 2013 - 01:56 AM.

Download all Windows XP Post SP3 High-Priority Updates with a simple double click @ xdot.tk post-12166-0-42859000-1399044129.png ]
               If someone helps you fix a problem, please report back so they and others can benefit from the solution. Thanks!





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users