Re: [Unattended] Slipstreaming hotfixes in Windows 2000/XP/2003 installation.

2003-10-03 Thread Dag Nummedal
Patrick J. LoPresti writes:
> Thanks for the information.  When (if?) I find time to work on the
> documentation again, I will add this.
> 
> One thing to note...  MS03-039 supersedes MS03-026, which itself
> supersedes MS03-010.  These are also known as
> ,
> , and
> , respectively.
> 
> You would think you only need to install the last of the three.  Back
> before 824146 was released, I tried commenting out 331953 from the
> winxpsp1-updates.bat script so that only 823980 was installed.  The
> hotfix installed fine, but Windows Update still thought 331953 was
> needed.
> 
> I do not know if something similar happens with 824146, so right now I
> am just installing all three.  If someone would care to try a fresh
> install with just 824146, and see if Windows Update thinks the other
> two are needed, that would be interesting.
> 
> The reason I bring this up is that I am a little concerned what will
> happen if you try to install 331953 or 823980 after using your
> slipstreamed 824146 media.  In the best case, the old hotfixes will
> refuse to replace the newer files...  But I would suggest testing it.
> Have you?  :-)
> 

I've only checked with Windows XP, but there:

  a) Windows Update does not want eiter of the older fixes.

  b) When I run any of the three fixes on a machine they simply update the
 registry to mark themselves installed, and leave the files alone.  You're
 not asked to do a reboot.


-- 
Dag Nummedal ([EMAIL PROTECTED])


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
unattended-info mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/unattended-info


Re: [Unattended] Slipstreaming hotfixes in Windows 2000/XP/2003 installation.

2003-09-30 Thread Patrick J. LoPresti
Thanks for the information.  When (if?) I find time to work on the
documentation again, I will add this.

One thing to note...  MS03-039 supersedes MS03-026, which itself
supersedes MS03-010.  These are also known as
,
, and
, respectively.

You would think you only need to install the last of the three.  Back
before 824146 was released, I tried commenting out 331953 from the
winxpsp1-updates.bat script so that only 823980 was installed.  The
hotfix installed fine, but Windows Update still thought 331953 was
needed.

I do not know if something similar happens with 824146, so right now I
am just installing all three.  If someone would care to try a fresh
install with just 824146, and see if Windows Update thinks the other
two are needed, that would be interesting.

The reason I bring this up is that I am a little concerned what will
happen if you try to install 331953 or 823980 after using your
slipstreamed 824146 media.  In the best case, the old hotfixes will
refuse to replace the newer files...  But I would suggest testing it.
Have you?  :-)

 - Pat

Dag Nummedal <[EMAIL PROTECTED]> writes:

> While the Unattended docs describe how to streamline a Servicepack
> into a Windows XP or 2000 installation, it doesn't describe how to
> also streamline a hotfix the same way.  For most hotfixes there's no
> real need to integrate them into the base install, but MS03-26 and
> MS03-39 are remotely exploitable even durung the install.  Anybody
> doing a netinstall in a potentially hostile environment will need to
> do create new installpoints with the patch installed.
>
> Under I've included som links to information from Microsoft:
>  http://www.microsoft.com/windows2000/downloads/servicepacks/SP4/HFDeploy.htm
>  http://www.microsoft.com/WindowsXP/pro/downloads/servicepacks/sp1/hfdeploy.asp
> 
>  http://support.microsoft.com/default.aspx?kbid=824994
>  http://support.microsoft.com/default.aspx?kbid=814847


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
unattended-info mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/unattended-info


[Unattended] Slipstreaming hotfixes in Windows 2000/XP/2003 installation.

2003-09-30 Thread Dag Nummedal

While the Unattended docs describe how to streamline a Servicepack into a
Windows XP or 2000 installation, it doesn't describe how to also streamline a
hotfix the same way.  For most hotfixes there's no real need to integrate them
into the base install, but MS03-26 and MS03-39 are remotely exploitable even
durung the install.  Anybody doing a netinstall in a potentially hostile
environment will need to do create new installpoints with the patch installed.

Under I've included som links to information from Microsoft:
 http://www.microsoft.com/windows2000/downloads/servicepacks/SP4/HFDeploy.htm
 http://www.microsoft.com/WindowsXP/pro/downloads/servicepacks/sp1/hfdeploy.asp

 http://support.microsoft.com/default.aspx?kbid=3D824994
 http://support.microsoft.com/default.aspx?kbid=3D814847

The procedure for MS03-39 is as follows:

1. Delete ole32.dl_, rpcss.dl_, rpcrt4.dl_, svcpack.in_ from the i386 directory.

2. Unpack the correct hotfix (-x argument), and copy ole32.dll, rpcss.dll and
   rpcrt4.dll to the i386 directory.

3. Create an i386\svcpack directory, and populate it with the KB824146.CAT
   file from the hotfix. Rename the hotfix to KB824146.EXE, and copy it there
   also.

4. Modify dosnet.inf, to incude the following (note win2000 already has a
   [OptionalSrcDirs] line, while XP and 2003 has none):

 [OptionalSrcDirs]
 svcpack

5. Create a svcpack.inf file in the i386 directory with the following information:

 [Version]
 Signature="$Windows NT$"
 MajorVersion=x
 MinorVersion=y
 BuildNumber=z

 [SetupData]
 CatalogSubDir="\i386\svcpack"

 [ProductCatalogsToInstall]
 KB824146.CAT

 [SetupHotfixesToRun]
 KB824146.exe /u /n /z

   For Windows 2000:
 MajorVersion=5
 MinorVersion=0
 BuildNumber=2195

   For Windows XP:
 MajorVersion=5
 MinorVersion=1
 BuildNumber=2600

   For Windows 2003:
 MajorVersion=5
 MinorVersion=2
 BuildNumber=3790

   You can use the same svcpack.inf file for all OS (no MajorVersion etc.),
   but then it the install will log some errors, and the hotfix won't run
   during the install.  The install will not be vulnerable, so as long as you
   run the hotfix with the rest of the patches, everything should work fine.

   Modified files:
   ole32.dllreplaces ole32.dl_
   rpcrt4.dll   replaces rpcrt4.dl_
   DOSNET.INF   added line to [OptionalSrcDirs]
   svcpack.inf  replaces svcpack.in_

   svcpack/KB824146.EXE  renamed hotfix
   svcpack/KB824146.CAT  security catalog file from hotfix

-- 
Dag Nummedal ([EMAIL PROTECTED])


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
___
unattended-info mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/unattended-info