DeutschEspañolFrançaisItalianoNederlandsPortuguêsΕλληνικάРусскийالعربية中文(简体)中文(繁體)日本語한국어
 
Donate Bitcoins
Google
 
www smithii.com
 

Automatically Slipstream Windows XP with SP2 and All Post-SP2 Security Hotfixes with a Single Command (Updated 03-May-09)

For information about slipstreaming Windows XP SP3, visit http://smithii.com/slipstream_xpsp3.

I've written the batch file xpsp2.cmd (updated 03-May-09) to automatically download and slipstream a standard Windows XP boot disk with Service Pack 2 and all post-SP2 security hotfixes.

It uses wget or curl (if either are found in the PATH), or your installed browser to download the updates. I have tested this with Internet Explorer, Firefox, and Opera. Other browsers should work, as well.

The batch file xpsp2local.cmd (updated 03-May-09) will update the copy of Windows XP that is installed on the computer you run the command on. You may wish to do this, if you do not have, or want, the machine you want to hotfix connected to the internet, or if you are unable to run Windows Update for some reason (for example, if Internet Explorer isn't installed, or doesn't work properly, due to a virus or similar mishap).

To slipstream the hotfixes, and burn the slipstreamed disk, I've created the makefile xpsp2.mak (updated 03-May-09). Details on usage below.

Microsoft XML Core Services Hotfixes

For Microsoft XML Core Services, run msxml_hotfixes.cmd (updated 24-Aug-07) to install the latest hotfixes locally.

Microsoft Office 2003 SP2 and Hotfixes

For Office 2003, run office_2003_hotfixes.cmd (updated 25-Aug-07) to install Service Pack 2, and all post-SP2 hotfixes locally.

The xpsp2* scripts listed above include the following security updates found at http://www.microsoft.com/technet/security/current.aspx:


Apr 09:

MS09-010 - Critical
Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
KB923561
SP2: replaces none
SP3: replaces none

MS09-013 - Critical
Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
SP2: replaces none
SP3: replaces none

MS09-011 - Critical
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
SP2: replaces MS08-033
SP3: replaces MS08-033

MS09-014 - Critical
Cumulative Security Update for Internet Explorer (963027)
SP2: replaces MS08-073, MS08-078
SP3: replaces MS08-073, MS08-078

MS09-012 - Important
Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)
SP2: replaces MS07-022, MS08-002, MS08-064
SP3: replaces MS08-064

MS09-015 – Moderate
Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
SP2: replaces MS07-035
SP2: replaces MS07-035

Mar 09:

MS09-006 – Critical
Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)
SP2: replaces MS08-061
SP3: replaces MS08-061

MS09-007 - Important
Vulnerability in SChannel Could Allow Spoofing (960225)
SP2: replaces MS07-031
SP3: replaces none

Feb 09:

Jan 09:

MS09-001 – Critical
Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
SP2: replaces MS08-063
SP3: replaces MS08-063

Dec 08:

MS08-071 – Critical
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
SP2: replaces MS08-021
SP3: replaces none

MS08-073 - Critical
Cumulative Security Update for Internet Explorer (958215)
SP2: replaces MS08-058
SP3: replaces MS08-058

MS08-076 – Important
Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
SP2: replaces none
SP3: replaces none

MS08-078 - Critical
Security Update for Internet Explorer (960714)
SP2: replaces none
SP3: replaces none

Nov 08:

MS08-068 | Important
Vulnerability in SMB Could Allow Remote Code Execution (957097)
SP2: replaces MS05-011
SP3: replaces none

MS08-069 | Critical
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
SP2: replaces MS06-042
SP3: replaces none

Oct 08:

MS08-058 - Critical
Cumulative Security Update for Internet Explorer (956390)
SP2: replaces MS08-045
SP3: replaces MS08-045

MS08-061 – Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
SP2: replaces MS08-025
SP3: replaces none

MS08-062 - Important
Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
SP2: replaces none
SP3: replaces none

MS08-063 – Important
Vulnerability in SMB Could Allow Remote Code Execution (957095)
SP2: replaces MS06-063
SP3: replaces none

MS08-064 – Important
Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
SP2: replaces MS07-022
SP3: replaces none

MS08-066 – Important
Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
SP2: replaces none
SP3: replaces none

MS08-067 – Critical
Vulnerability in Server Service Could Allow Remote Code Execution (958644)
SP2: replaces MS06-040
SP3: replaces none

Sep 08:

MS08-052 - Critical
Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
SP2: replaces none
SP3: replaces none

MS08-053 - Critical
Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
SP2: replaces none
SP3: replaces none

MS08-054 - Critical
Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
SP2: replaces none
SP3: replaces none

Aug 08:

MS08-045 - Critical
Cumulative Security Update for Internet Explorer (953838)
SP2: replaces MS08-031
SP3: replaces MS08-031

MS08-046 - Critical
Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
SP2: replaces none
SP3: replaces none

MS08-048 - Important
Security Update for Outlook Express and Windows Mail (951066)
SP2: replaces none
SP3: replaces none

MS08-049 - Important
Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
SP2: replaces none
SP3: replaces none

MS08-050 - Important
Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
SP2: replaces none
SP3: replaces none

Jul 08:

MS08-037 - Important
Vulnerabilities in DNS Could Allow Spoofing (953230)
SP2: replaces MS06-064, MS08-001
SP3: replaces none

Jun 08:

MS08-030 - Critical
Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
SP2: replaces none
SP3: replaces none

MS08-031 - Critical
Cumulative Security Update for Internet Explorer (950759)
SP2: replaces MS08-024
SP3: replaces none
replaced by MS08-45

MS08-032 - Moderate
Cumulative Security Update of ActiveX Kill Bits (950760)
SP2: replaces MS08-023
SP3: replaces none

MS08-033 - Critical
Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
SP2: replaces MS07-064
SP3: replaces none

MS08-035 - Important
Vulnerability in Active Directory Could Allow Denial of Service (953235)
SP2: replaces MS08-003
SP3: replaces none

MS08-036 - Important
Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
SP2: replaces MS06-052
SP3: replaces none
  1. KB941693: MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of Privilege Release 08-Apr-08 (Important)
  2. KB944338: MS08-022: Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution Release 08-Apr-08 (Critical)
  3. KB948590: MS08-021: Vulnerabilities in GDI Could Allow Remote Code Execution Release 08-Apr-08 (Critical)
  4. KB945553: MS08-020: Vulnerability in DNS Client Could Allow Spoofing Release 08-Apr-08 (Important)
  5. <!-- Feb, 2008: http://www.microsoft.com/technet/security/bulletin/ms08-feb.mspx -->

  6. KB947890: MS08-008: Vulnerability in OLE Automation Could Allow Remote Code Execution Released 12-Feb-08 (Critical)
  7. KB946026: MS08-007: Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution Released 12-Feb-08 (Critical)
  8. KB942830: MS08-006: Vulnerability in Internet Information Services Could Allow Remote Code Execution Released 12-Feb-08 (Important)
  9. KB942831: MS08-005: Vulnerability in Internet Information Services Could Allow Elevation of Privilege Released 12-Feb-08 (Important)
  10. <!-- Jan, 2008: http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx -->

  11. KB943485: MS08-002: Vulnerability in LSASS Could Allow Local Elevation of Privilege Released 08-Jan-08 (Important)
  12. <!-- Dec, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-dec.mspx -->

  13. KB941569: MS07-068: Vulnerability in Windows Media File Format Could Allow Remote Code Execution Released 11-Dec-07 (Critical)
  14. KB944653: MS07-067: Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege Released 11-Dec-07 (Important)
  15. KB937894: MS07-065: Vulnerability in Message Queuing Could Allow Remote Code Execution Released 11-Dec-07 (Important)
  16. <!-- Nov, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-nov.mspx -->

  17. KB943460: MS07-061: Vulnerability in Windows URI Handling Could Allow Remote Code Execution Released 13-Nov-07 (Critical)
  18. <!-- Oct, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-oct.mspx -->

  19. KB933729: MS07-058: Vulnerability in RPC Could Allow Denial of Service Released 09-Oct-07 (Important)
  20. KB941202: MS07-056: Security Update for Outlook Express and Windows Mail Released 09-Oct-07 (Critical)
  21. KB923810: MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution Released 09-Oct-07 (Critical)
  22. <!-- Aug, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-aug.mspx -->

  23. KB938127: MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution Released 14-Aug-07 (Important)
  24. KB936782: MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code Execution Released 14-Aug-07 (Critical)
  25. <!-- Jul, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-jul.mspx -->

  26. KB939373: MS07-041: Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution Released 20-Jul-07 (Important)
  27. <!-- June, 2007: http://www.microsoft.com/technet/security/bulletin/ms10-jun.mspx -->

  28. KB935839: MS07-035: Vulnerability in Win32 API Could Allow Remote Code Execution Released 12-Jun-07 (Critical)
  29. KB929123: MS07-034: Cumulative Security Update for Outlook Express and Windows Mail Released 12-Jun-07 (Critical)
  30. KB935840: MS07-031: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution Released 12-Jun-07 (Critical)
  31. <!-- May, 2007: http://www.microsoft.com/technet/security/bulletin/ms10-may.mspx -->

    <!-- April, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-apr.mspx -->

  32. KB931784: MS07-022: Vulnerability in Windows Kernel Could Allow Elevation of Privilege Released 07-Apr-07 (Important)
  33. KB930178: MS07-021: Vulnerabilities in CSRSS Could Allow Remote Code Execution Released 07-Apr-07 (Critcal)
  34. KB932168: MS07-020: Vulnerability in Microsoft Agent Could Allow Remote Code Execution Released 07-Apr-07 (Critcal)
  35. KB931261: MS07-019: Vulnerability in Universal Plug and Play Could Allow Remote Code Execution Released 07-Apr-07 (Critcal)
  36. KB925902: MS07-017: Security Update for Windows XP Released 03-Apr-07 (Critcal)
  37. <!-- February, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-feb.mspx -->

  38. KB918118: MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution Released 12-Feb-07 (Important)
  39. KB924667: MS07-012: Vulnerability in Microsoft MFC Could Allow Remote Code Execution Released 12-Feb-07 (Important)
  40. KB926436: MS07-011: Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (Important) Released 12-Feb-07 (Important)
  41. KB927779: MS07-009: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution Released 12-Feb-07 (Critical)
  42. KB928843: MS07-008: Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution Released 12-Feb-07 (Critical)
  43. KB927802: MS07-007: Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege Released 12-Feb-07 (Important)
  44. KB928255: MS07-006: Vulnerability in Windows Shell Could Allow Elevation of Privilege Released 12-Feb-07 (Important)
  45. <!-- December, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-dec.mspx -->

  46. KB926255: MS06-075: Vulnerability in Windows Could Allow Elevation of Privilege Released 12-Dec-06 (Important)
  47. KB926247: MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution Released 12-Dec-06 (Important)
  48. <!-- November, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-nov.mspx -->

  49. KB924270: MS06-070: Vulnerability in Workstation Service Could Allow Remote Code Execution Released 14-Nov-06 (Critical)
  50. KB920213: MS06-068: Vulnerability in Microsoft Agent Could Allow Remote Code Execution Released 14-Nov-06 (Critical)
  51. KB923980: MS06-066: Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution Released 14-Nov-06 (Important)
  52. <!-- October, 2006: http://www.microsoft.com/technet/security/bulletin/ms08-oct.mspx -->

  53. KB924496: MS06-065: Vulnerability in Windows Object Packager Could Allow Remote Execution Released 10-Oct-06 (Moderate)
  54. KB923414: MS06-063: Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution Released 10-Oct-06 (Important)
  55. KB924191: MS06-061: Vulnerabilities in Microsoft XML Core Services could allow remote code execution Released 10-Oct-06 (Critical)
  56. KB923191: MS06-057: Vulnerability in Windows Explorer Could Allow Remote Execution Released 10-Oct-06 (Critical)
  57. <!-- September, 2006: http://www.microsoft.com/technet/security/bulletin/ms07-sep.mspx -->

  58. KB920685: MS06-053: Vulnerability in Indexing Service Could Allow Cross-Site Scripting Released 12-Sep-06 (Moderate)
  59. <!-- August, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-aug.mspx -->

  60. KB920670: MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution  Released 08-Aug-06 Important)
  61. KB920683: MS06-041: Vulnerability in DNS Resolution Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  62. <!-- July, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-jul.mspx -->

  63. KB914388: MS06-036: Vulnerability in DHCP Client Service Could Allow Remote Code Execution Released 11-Jul-06 (Critical)
  64. <!-- June, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-jun.mspx -->

  65. KB914389: MS06-030: Vulnerability in Server Message Block Could Allow Elevation of Privilege Released 13-Jun-06 (Important)
  66. KB911280: MS06-025: Vulnerability in Routing and Remote Access Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  67. KB918439: MS06-022: Vulnerability in ART Image Rendering Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  68. <!-- May, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-may.mspx -->

  69. KB913580: MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator could allow denial of service Released 09-May-06 (Moderate)
  70. <!-- April, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx -->

  71. KB908531: MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution Released 11-Apr-06 (Updated 25-Apr-06) (Critical)
  72. KB911562: MS06-014: Vulnerability in Microsoft Data Access Components (MDAC) function could allow code execution Released 11-Apr-06 (Updated 11-May-06) (Critical)
  73. <!-- February, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-feb.mspx -->

  74. KB901190: MS06-009: Vulnerability in the Korean Input Method Editor (IME) could allow elevation of privilege Released 10-May-06 (Important)
  75. KB911927: MS06-008: Vulnerability in Web Client Service Could Allow Remote Code Execution Released 10-May-06 (Important)
  76. KB911564: MS06-006: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution Released 10-May-06 (Important)
  77. KB911565: MS06-005: Vulnerability in Windows Media Player 9 Could Allow Remote Code Execution Released 10-May-06 (Critical)
  78. <!-- January, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-jan.mspx -->

  79. KB908519: MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution Released 11-Jan-06 (Critical)
  80. <!-- November, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-nov.mspx -->

  81. KB902400: MS05-051: Vulnerabilities in MS DTC and COM+ could allow remote code execution Released 8-Nov-05 (Critical)
  82. <!-- October, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx -->

  83. KB900725: MS05-049: Vulnerabilities in the Windows shell could allow for remote code execution Released 29-Dec-05 (Important)
  84. KB901017: MS05-048: Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution Released 29-Dec-05 (Important)
  85. KB905749: MS05-047: Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege Released 29-Dec-05 (Important)
  86. KB905414: MS05-045: Vulnerability in Network Connection Manager Could Allow Denial of Service Released 29-Dec-05 (Moderate)
  87. <!-- August, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-aug.mspx -->

  88. KB896423: MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution Released 14-Aug-05 (Critical)
  89. KB899587: MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing Released 14-Aug-05 (Moderate)
  90. KB899591: MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service Released 14-Aug-05 (Moderate)
  91. KB893756: MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution Released 14-Aug-05 (Important)
  92. <!-- July, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-jul.mspx -->

  93. KB901214: MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution Released 12-Jul-05 (Critical)
  94. <!-- June, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-jun.mspx -->

  95. KB896428: MS05-033: Vulnerability in Telnet Client Could Allow Information Disclosure Released 14-Jun-05 (Moderate)
  96. KB890046: MS05-032: Vulnerability in Microsoft Agent Could Allow Spoofing Released 14-Jun-05 (Moderate)
  97. KB896358: MS05-026: Vulnerability in HTML Help Could Allow Remote Code Execution Released 14-Jun-05 (Critical)
  98. <!-- April, 2005 -->

  99. KB890859: MS05-018: Vulnerabilities in Windows kernel Could Allow Elevation of Privilege and Denial of Service Released 12-Apr-05 (Important)
  100. <!-- February, 2005 -->

  101. KB891781: MS05-013: Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Code Execution Released 8-Feb-05 (Critical)
  102. KB887472: MS05-009: Vulnerability in PNG Processing Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  103. KB888302: MS05-007: Vulnerability in Windows Could Allow Information Disclosure Released 8-Feb-05 (Important)
  104. <!-- December, 2004 -->

  105. KB885835: MS04-044: Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege Released 14-Dec-04 (Important)
  106. KB873339: MS04-043: Vulnerability in HyperTerminal Could Allow Code Execution Released 14-Dec-04 (Important)
  107. KB885836: MS04-041: A Vulnerability in WordPad Could Allow Code Execution Released 14-Dec-04 (Important)
  108. <!-- August, 2004 -->

  109. KB835935: Windows XP Service Pack 2 Released 24-Aug-04

<!-- ******************************************************************** -->
These updates are not included as they have been superceeded by a following update:
<!-- ******************************************************************** -->

  1. KB947864: MS08-024: Cumulative Security Update for Internet Explorer Release 08-Apr-08 (Critical)
  2. KB948881: MS08-023: Security Update of ActiveX Kill Bits Release 08-Apr-08 (Critical)
  3. KB944533: MS08-010: Cumulative Security Update for Internet Explorer Released 12-Feb-08 (Critical)
  4. KB946538: MS08-003: Vulnerability in Active Directory Could Allow Denial of Service Released 12-Feb-08 (Important)
  5. KB941644: MS08-001: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution Released 08-Jan-08 (Critical)
  6. KB938829: MS07-046: Vulnerability in GDI Could Allow Remote Code Execution Released 14-Aug-07 (Critical)
  7. KB942615: MS07-069: Cumulative Security Update for Internet Explorer Released 11-Dec-07 (Critical)
  8. KB941568: MS07-064: Vulnerabilities in DirectX Could Allow Remote Code Execution Released 11-Dec-07 (Critical)
  9. KB939653: MS07-057: Cumulative Security Update for Internet Explorer Released 09-Oct-07 (Critical)
  10. KB937143: MS07-045: Cumulative Security Update for Internet Explorer Released 14-Aug-07 (Critical)
  11. KB921503: MS07-043: Vulnerability in OLE Automation Could Allow Remote Code Execution Released 14-Aug-07 (Critical)
  12. KB933566: MS07-033: Cumulative Security Update for Internet Explorer Released 12-Jun-07 (Critical)
  13. KB931784: MS07-027: Cumulative Security Update for Internet Explorer Released 08-May-07 (Critical)
  14. KB928090: MS07-016: Cumulative Security Update for Internet Explorer Released 12-Feb-07 (Critical)
  15. KB929969: MS07-004: Vulnerability in Vector Markup Language Could Allow Remote Code Execution Released 09-Jan-07 (Critical)
  16. KB923689: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution Released 12-Dec-06 (Critical)
  17. KB923694: MS06-076: Cumulative Security Update for Outlook Express Released 12-Dec-06 (Important)
  18. KB925454: MS06-072: Cumulative Security Update for Internet Explorer Released 12-Dec-06 (Critical)
  19. KB922760: MS06-067: Cumulative Security Update for Internet Explorer Released 14-Nov-06 (Critical)
  20. KB925486: MS06-055: Vulnerability in Vector Markup Language Could Allow Remote Code Execution Released 12-Sep-06 (Critical)
  21. KB922819: MS06-064: Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service Released 10-Oct-06 (Low)
  22. KB919007: MS06-052: Vulnerability in Reliable Multicast Program (PGM) Could Allow Remote Code Execution Released 12-Sep-06 (Important)
  23. KB917422: MS06-051: Vulnerability in Windows Kernel Could Result in Remote Code Execution Released 08-Aug-06 (Critical)
  24. KB922616: MS06-046: Vulnerability in HTML Help Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  25. KB921398: MS06-045: Vulnerability in Windows Explorer Could Allow Remote Code Execution  Released 08-Aug-06 Important)
  26. KB920214: MS06-043: Vulnerability in Microsoft Windows Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  27. KB918899: MS06-042: Cumulative Security Update for Internet Explorer Released 08-Aug-06 (Critical)
  28. KB921883: MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  29. KB917159: MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution Released 11-Jul-06 (Critical)
  30. KB917537: MS06-034: Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution Released 11-Jul-06 (Important)
  31. KB917953: MS06-032: Vulnerability in TCP/IP Could Allow Remote Code Execution Released 13-Jun-06 (Important)
  32. KB917734: MS06-024: Vulnerability in Windows Media Player Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  33. KB917344: MS06-023: Vulnerability in Microsoft JScript Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  34. KB916281: MS06-021: Cumulative Security Update for Internet Explorer Released 13-Jun-06 (Critical)
  35. KB913433: MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution Released 09-May-06 (Critical)
  36. KB911567: MS06-016: Cumulative Security Update for Outlook Express Released 11-Apr-06 (Important)
  37. KB912812: MS06-013: Cumulative Security Update for Internet Explorer Released 11-Apr-06 (Critical)
  38. KB913446: MS06-007: Vulnerability in TCP/IP Could Allow Denial of Service Released 10-May-06 (Important)
  39. KB912919: MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Released 6-Jan-06 (Critical)
  40. KB905915: MS05-054: Cumulative Security Update for Internet Explorer Released 13-Dec-05 (Critical)
  41. KB896424: MS05-053: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution Released 8-Nov-05 (Critical)
  42. KB896688: MS05-052: Cumulative Security Update for Internet Explorer Released 29-Dec-05 (Critical)
  43. KB904706: MS05-050: Vulnerability in DirectShow Could Allow Remote Code Execution Released 29-Dec-05 (Critical)
  44. KB899589: MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution Released 29-Dec-05 (Important)
  45. KB899588: MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege Released 14-Aug-05 (Critical)
  46. KB896727: MS05-038: Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 Released 14-Aug-05 (Critical)
  47. KB903235: MS05-037: Vulnerability in JView Profiler Could Allow Remote Code Execution Released 14-Aug-05 (Critical)
  48. KB890046: MS05-032: Vulnerability in Microsoft Agent Could Allow Spoofing Released 14-Jun-05 (Moderate)
  49. KB896422: MS05-027: Vulnerability in Server Message Block Could Allow Remote Code Execution Released 14-Jun-05 (Critical)
  50. KB883939: MS05-025: Cumulative Security Update for Internet Explorer Released 14-Jun-05 (Critical)
  51. KB890923: MS05-020: Cumulative security update for Internet Explorer Released 12-Apr-05 (Important)
  52. KB893086: MS05-016: Vulnerability in Windows Shell that Could Allow Remote Code Execution Released 12-Apr-05 (Critical)
  53. KB888113: MS05-015: Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  54. KB873333: MS05-012: Vulnerability in OLE and COM Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  55. KB885250: MS05-011: Vulnerability in Server Message Block Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  56. KB890047: MS05-008: Vulnerability in Windows shell could allow remote code execution Released 8-Feb-05 (Important)
  57. KB890175: MS05-001: Vulnerability in HTML Help could allow code execution Released 11-Jan-05 (Critical)
  58. <!--
    not security updates

  59. KB885932: Update for Internet Explorer 6 for XP Service Pack 2
  60. KB884020: Programs that connect to IP addresses that are in the loopback address range may not work as you expect in Windows XP Service Pack 2 Released Sep-04
  61. KB886185: Critical update for Windows Firewall "My Network (subnet) only" scoping in Windows XP Service Pack 2 Released 14-Dec-04 (Critical)
  62. -->

<!-- ******************************************************************** -->
The following security updates are not presently included:
<!-- ******************************************************************** -->

  1. KB923723: MS07-005: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution Released 12-Feb-07 (Important)
  2. KB923789: MS06-069: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution Released 14-Nov-06 (Critical)
  3. KB898458: MS05-031: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution Released 14-Jun-05 (Important)
  4. KB893066: MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service Released 12-Apr-05 (Critical)
  5. KB890261: MS05-009: Vulnerability in PNG Processing Could Lead to Buffer Overrun Released 8-Feb-05 (Critical)
  6. KB887219: MS05-004: ASP.NET Path Validation Vulnerability Released 8-Feb-05 (Important)
  7. KB816093: MS03-011: Flaw in Microsoft VM Could Enable System Compromise Released 14-Dec-04 (Critical)

Please let me know if you feel I've missed an important update.

Fitting All the Hotfixes onto a 700MB CD

If you slipstream all of the hotfixes listed above, the resulting size will be greater than will fit on a single 700MB "80 minute" CD-R. There are two options to get around this limitation:

1. Burn to a DVD instead of a CD. Of course, this isn't an option if the computer you are installing on does not have a DVD drive, or you don't have software to burn an .ISO file to a DVD.

2. Remove unneeded directories from the CD. On my Windows XP SP1 CD, I found I could delete the following directories before creating the .ISO:

D:\I386\WIN9XMIG: 33.5MB (Windows 9x migration files, not used when performing a fresh XP installation)
D:\DOTNETFX:      33.1MB (.NET Framework, install this manually later if needed)
D:\cmpnents       26.5MB (.NET Framework, TabletPC)
D:\SUPPORT:       11.3MB (Support tools, not used by the installer)
D:\VALUEADD:       9.1MB (Value added programs, not used by the installer)
D:\I386\WIN9XUPG:  3.9MB (Windows 9x upgrade files, not used when performing a fresh XP installation)
D:\DOCS:           0.1MB (Miscellaneous documents, not used by the installer)

If you don't need to install the Recovery Console, you can remove:

D:\I386\WINNTUPG:  1.0MB (Windows NT/2000 upgrade files, not used when performing a fresh XP installation)

If you don't need to install languages other than English, you can remove:

D:\I386\LANG:    101.7MB

If you remove all of the above directories, you will have reduced the size of the CD by over 223MB. Using my Windows XP SP1 disk, I went from 786MB, to 563MB, which easily fits on most sizes of CD-R media (see the table below).

Here is a table listing the different sizes of CD media. The sizes listed below I discovered empirically, and may vary depending on the type of media used.

Disk Type                       Size
------------------------ -----------
80 minute/"700MB" CD-R   697,425,920
74 minute/"650MB" CD-R   642,883,584
80 minute/"700MB" CD-R/W 598,808,576
74 minute/"650MB" CD-R/W 557,260,800

Of course, using a program such as nLite, you can accomplish a far greater size reduction that what is listed above.

For more information, see:

http://unattended.msfn.org/unattended.xp/view/web/57/
http://pages.videotron.com/tbone/unattended/#_Toc79089721

Using Cygwin to Burn a Bootable CD

If you have, or install, Cygwin, you can build and burn a bootable CD, by editing the CD and CD_DEV variables at the beginning of xpsp2.mak, and typing:

$ make -f xpsp2.mak

You can also add the parameters on the command line:

$ make -f xpsp3.mak CD=F: CD_DEV=0,0,0

If you include md5s.txt (updated 03-May-09), make will verify the files downloaded correctly before executing them.

Note: KB885835 and KB885250 share the same file (mrxsmb.sys), so an error occurs if you attempt to slipstream both of them at once. These scripts solve this issue by superceeding KB885835's version of the file (5.1.2600.2541, xpsp_sp2_gdr.040919-1056, dated 10-27-2004, 448,128 bytes) with KB885250's version (5.1.2600.2598, xpsp_sp2_gdr.041130-1729, dated 1-18-2005, 451,584 bytes).

Of course, to run make, you will need to install Cygwin and select the make, perl, and wget packages.

To create a Windows XP boot disk with Service Pack 1a and Update Rollup 1 (KB826939), use xpsp1_ru.mak.

Older Scripts

To create a Windows XP boot disk with only SP1a, use xpsp1.mak.

To create a Windows 2000 boot disk with SP4, use w2k_sp4.mak.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

A couple 404s in the script:

http://support.microsoft.com/kb/923689
http://support.microsoft.com/kb/925398

for those two. They have both been replaced with 'v2' versions.

Kansei,

Fixed. Thanks for the heads up!

WSUS Interoperability

Here at work we use WSUS to keep systems up to date, but it's a tiring process for freshly installed XP systems (start, get 2 updates, restart, get 77 updates, install office, restart, get 15 updates, install visual studio 2005 and sql 2005, get more updates, restart.. blech) so I used your awesome script (with some tweaks so that I can see the wget output while downloading files and so it doesn't stick hotfixes in my windows folder as it once was) to make an updated xp install disk, which we can then use when our custom image doesn't work on a computer's hardware configuration (i.e. it has SATA or more than one processor core.. so every single desktop/laptop received during the past year).

I was wondering if you or anyone here knows if there's a way to get low-level access to the WSUS updates so that I don't have to download such a huge batch of updates. WSUS has them all downloaded already, might as well use them instead of taxing the single T1 here. I found a WsusContent folder on the server, and inside it are folders corresponding to every 2-digit hex number. Inside each of those folders is a set of executable and CAB files, dating from 2004 through yesterday. They don't have the standard names at all, and I know there's updates for 2k, XP, Server 2003, and Vista in there. I wonder if there's a translation from those file names to the 'real name'?

Kansei,

Personally, I have no idea. If you discover anything more, feel free to post your results here. Thanks!

Having problems (Error 4)

Hello all,
Great script, I had a version from sometime in May working great, now I am trying to use this new script with a volume license version of XP and I am running into the following problems:

touch WindowsXP-KB835935-x86-ENU.exe.touch
Integrating WindowsXP-KB873339-x86-ENU.exe into C:/Document...
make: [WindowsXP-KB873339-x86-ENU.exe.touch] Error 4 (ignored)
touch WindowsXP-KB873339-x86-ENU.exe.touch
.
.
.

and so on until the end. I have tried to move these directories to somewhere without spaces (C:\dir) and still have the same problems. I also tried reinstalling make from cygwin. Any other ideas?

Thanks,
Ed

problem downloading

I haven't been able to read all of the comments, so if this suggestion has already been made, please ignore.

This is for people who used a separate hotfix directory (mine was C:\XPSP2Update\HotFixes). The problem was when a hotfix was downloaded by wget, which was located in c:\XPSP2Update, the file would remain in C:\XPSP2Update and not ever get to the HotFixes directory. So, I added the following line to the end of the :download section:
move /y *ENU.exe %hotfixdir%

So the entire section looks like:

:download
for /f "delims=/ tokens=8" %%a in ("%1") do set exe=%%a
set rv=%exe%
if "%rv%" == "" (
echo Unable to parse the filename from "%1"
goto :eof
)
if exist "%hotfixdir%\%rv%" goto :eof
%DOWNLOADER% %1
move /y *ENU.exe %hotfixdir%

%hotfixdir% definitely not working with wget and curl

I had this too, and realised that the DOWNLOADER variable only contains the %hotfixdir% anywhere when it's using the generic 'start' syntax, so wget and curl will always download to the current directory - it just happens that that's the default location anyway.

I worked around it by passing the -O option in to wget, but that requires the full filename of the destination file, so is hard to make generic.

The best idea I've come up with is to change to the hotfix dir, run the download command, and then change back straight away (I couldn't get 'start' and 'wget' to co-operate in a desirable way):

pushd "%hotfixdir%"
%DOWNLOADER% %1
popd

Unfortunately, this means you can't have wget in the directory next to the cmd script (because once you change directory, it won't be in the path any more), which is a shame. Maybe also put the script's directory into the PATH at the top of the script, like this?

set PATH=%PATH%;%CD%;

possible

I just realized the added line may not work if the hotfix dir is the same as where the files are being downloaded to anyway. But I verified it by testing
move /y temp.txt %cd%
where temp.txt was some small file, and it worked... that is, it didn't cause an error.

Installing wget - place the wget.exe file in C:/Windows

Just thought it worth mentioning to people not familiar with all this that you need to place the wget.exe file in your PATH (C:/Windows) in order to get the downloads to work automatically. If you don't do this then you will be prompted by your browser to save each download.

Editing the CD and CD_DEV

Hey Ross,

First off, your cmd & mak files are awesome - great work. I have two problems though. First, I make it all the way through the "make" process, right down to inserting the blank CD and get the following messages:

PATH="$PATH:." cdrecord -dev=1,0,0 -v xpsp2.iso
cdrecord: No write mode specified
cdrecord: Asuming -tao mode.

blah, blah, blah

TOC Type: 1 = CD-ROM
cdrecord: Fifo not supported
scsidev: '1,0,0'
scsibus: 1 target: 0, lun: 0
Using libscg version 'schily-0.8'.
SCSI buffer size: 64512
atapi: -1
Device type : Disk
Version : 0
Response Format : 0
Vendor_info : 'HDS7280'
Identification : '0PLA300'
Revision : 'PF20'
Device seems to be: Generic CCS Disk
cdrecord: Sorry no CD/DVD-Drive found on this target.
make: *** [cdrecord] Error 255

So, I think I have 2 questions.

(1) I've edited the xpsp2.mak file to change the cd default from D: to X: (in my case), but I'm having trouble with the CD_DEV, I'm not sure what to set that to. How do I get the device location for my CD drive?

(2) As you stated, the complete slipstreamed package exceeds the capacity of a 700MB CD. You've given suggestions on how to reduce the image size, but how do you factor that into the xpsp2.mak run? In other words, how do I delete the files you suggest and get xpsp2.mak to use the reduced file set?

Any help you can provide would be greatly appreciated.

Thanks,
Ray

Ray,

Re (1), type:

cdrecord -scanbus

then replace the 1,0,0 in the command line, with the device you want to use. For example, when I type cdrecord -scanbus, I get the following:

C:\>cdrecord -scanbus
Cdrecord-Clone 2.01-bootcd.ru (i386-pc-mingw32) Copyright (C) 1995-2004 J÷rg Sch
illing
NOTE: this version of cdrecord is an inofficial (modified) release of cdrecord
      and thus may have bugs that are not present in the original version.
      Please send bug reports and support requests to Alex Kopylov .
      The original author should not be bothered with problems of this version.

Using libscg version 'schily-0.8'.
scsibus0:
        0,0,0     0) 'Hitachi ' 'HTS721080G9S    ' 'MC4O' Disk
        0,1,0     1) *
        0,2,0     2) *
        0,3,0     3) *
        0,4,0     4) *
        0,5,0     5) *
        0,6,0     6) *
        0,7,0     7) HOST ADAPTOR
scsibus1:
        1,0,0   100) 'TSSTcorp' 'DVD+-RW TS-L532B' 'DE04' Removable CD-ROM
        1,1,0   101) *
        1,2,0   102) *
        1,3,0   103) *
        1,4,0   104) *
        1,5,0   105) *
        1,6,0   106) *
        1,7,0   107) HOST ADAPTOR
scsibus2:
        2,0,0   200) 'HP      ' 'DVD Writer 940d ' '3H23' Removable CD-ROM
        2,1,0   201) *
        2,2,0   202) *
        2,3,0   203) *
        2,4,0   204) *
        2,5,0   205) *
        2,6,0   206) *
        2,7,0   207) HOST ADAPTOR

So, if I want to use the Sony device on 1,0,0 I would set the CD_DEV variable at the top of xpsp2.mak to read CD_DEV=1,0,0. If I want the use the HP device, I would use CD_DEV=2,0,0.

If you don't want to keep remembering to update xpsp2.mak whenever a new release appears, create a file called local.mak, and include the variable there. For example, here's the local.mak I use:

CD=E:
CD_DEV=2,0,0

Any of the variables in xpsp2.mak that are followed by ?= can be placed in local.mak.

Re (2), I would suggest run xpsp2.mak, and when it asks to "Insert a blank CD-R...", press Ctrl-C, delete the directories manually, and then re-run xpsp2.mak. It will pick up where it left off.

I can't add the directory deletion logic to the script, as we can't assume everyone is wanting to delete anything.

Reducing XP SP2 & Hotfixes to fit on CD

Hey Ross,

Your suggestions worked great, but with a couple minor clarifications on your instructions for using xpsp2.mak to make boot/install that will actually fit on a CD. Since xpsp2.mak uses the ISO formated rar/xip archive it creates to burn the CD, after you Ctrl-C out of the xpsp2.mak script and delete the desired files out of the xpsp2_cd folder, you also have to delete the following files:

xpsp2.ISO
xpsp2.ISO.touch
xpsp2_boot_image.touch
xpsp2_boot_image (folder)

Then, as you indicated, when you re-run xpsp2.mak, it will pick up where it left off, except that it will recreate the ISO archive files and then burn the reduced file set to CD.

Thanks again for your help,
Ray

Ray,

Yes, you are correct. I will add these clarifications to the main article soon, so others can benefit from them.

used this command to integrate hotfixes with winxp sp2

hi there, i have used this command to integrate hotfixes with the winxp pro sp2 saved on my hd. . is this code is ok or not. let me know about it and i also need to intigrate the IE7, WMP11, WinInstaller 3.1, win messenger live, directx june 2007, and the swflash.cab with the win xp pro with sp1 saved on my HD(I:\winxp). so if u plz send me or update the existing xpsp2.cmd to do this for me it will b gr8 help.

thnx from

bugzooboyz

need a custom slipstreaming script

hi there, i have downloaded the hotfixs to my HD(I:\spupdate) and i also need to intigrate the IE7, WMP11, WinInstaller 3.1, win messenger live, directx june 2007, and the swflash.cab with the win xp pro with sp1 saved on my HD(I:\winxp). so if u plz send me or update the existing xpsp2.cmd to do this for me it will b gr8 help.

thnx from

bugzooboyz

Very helpful.. Many thanks

I just tried this how-to and am currently burning the XP install disc to try on a new machine.

This is very helpful. You have just shaved hours of downloading all the hotfixes again and again
for every machine I create from scratch.

I'm about to install this right now. I'll post my experience with the CD.

Many thanks. You rock.

Omar

one question regarding xpsp2.cmd

Hi Ross,

Thanks for the work!
I downloaded xpsp2.cmd and ran it, it firstly copied content from my XPSP2 disk on D drive to C drive local,
and then it started to downloading each MS patch, after the first patch was downloaded, the windows message
asking me Save,Run,or Cancel, I click on Run, the patch is installing, and then the xpsp2.cmd running inside
the DOS window is stuck there, appears "waiting for xxxxxx.exe to appear or press Ctrk+Break to abort....", it
loop the message and stay the same.

My purpose is to let the patch file to be automatically streamed into XP installation folder, but it appears
that the patch was installed to the local system, and stucked.....

Am I using your script correctly? Please advise.

Thanks
Neil

Neil:

Listed below are the command line switches that all of the MS hotfixes (or patches as you call them) use.

xpsp2.cmd, which slipstreams the hotfixes, uses

%hotfix% /passive /norestart /integrate:%builddir%

while xpsp2local, which installs the hotfixes locally, uses only

%hotfix% /passive /norestart

As the /passive switch is used in both instances, you should never see any dialog boxes.

When you download the hotfixes, you need to save them in the directory that the script expects to see them in. If you don't you will see the "waiting..." message.

I hope that helps,

Ross

AVAILABLE SWITCHES:
[/help] [/quiet] [/passive] [/norestart] [/forcerestart] [/warnrestart]
[/promptrestart] [/overwriteoem] [/nobackup] [/forceappsclose] 
[/integrate:<fullpath>] [/log:<fullpath>]		

	/help			Displays this message

SETUP MODES

	/quiet			Quiet mode (no user interaction or display)
	/passive			Unattended mode (progress bar only)

RESTART OPTIONS

	/norestart   		Do not restart when installation is complete
	/forcerestart		Restart after installation
	/warnrestart[:<seconds>] 	Warn and restart automatically if required
                                (default timeout 30 seconds)
	/promptrestart  		Prompt if restart is required

SPECIAL OPTIONS

	/overwriteoem		Overwrite OEM files without prompting
	/nobackup		Do not backup files needed for uninstall
	/forceappsclose		Force other programs to close when the computer shuts down
	/integrate:<fullpath>	Integrate this software update into <fullpath>
	/log:<fullpath>		Create log file at <fullpath>

thanks

Hi Ross,

Thanks for reply. I got what you mean.

So I should save each hotfix to a local folder, right? Can I just save it to any folder I make
or has to be a specific location and name?

I guess I have to click 180 times SAVE for 180 hotfixes, and then your script will call each of them
silently run and stream it to the XP folder, am I understanding right?

thank you again.
Neil

Neil:

The script will prompt you with:

Enter the directory path to contain Service Pack 2 and the hotfixes
or press [Enter] for '%hotfixdir%' or enter Q to quit:

Please save the downloaded hotfixes to this location.

If you install wget or curl into your system PATH, then the script will not prompt you at all!

Good luck,

-Ross

Thanks Ross, I downloaded

Thanks Ross, I downloaded wget and curl, then it works just great!

thank you!
Neil

Great work

I was searching for some info on slipstreaming Windows XP to fix a problem I had and found your site. This script is really great, and I just want
to congratulate you on a fine piece of work.

If I wanted to add a hotfix to this script, how would I go about doing so, without messing things up?

I'm testing a lite touch installation of XP Pro SP2 and Office 2007 using WDS and BDD2007, and when Office 2007 is about to install
I get a Windows Installer 3.1 error. As there are no updates installed, and the file is required, I have to find a way to get this
update slipstreamed(I think this will solve my problem).

Anything you can suggest to get the WindowsInstaller-KB893803-v2-x86.exe slipstreamed like the rest of the updates in your script would be appreciated.

thank you

grt:

WindowsInstaller-KB893803-v2-x86.exe uses the standard hotfix switches (run WindowsInstaller-KB893803-v2-x86.exe /? to see them), so if you are modifying xpsp2.cmd or xpsp2local.cmd, add

call :download \
http://download.microsoft.com/download/1/4/7/\
147ded26-931c-4daf-9095-ec7baf996f46/WindowsInstaller-KB893803-v2-x86.exe

after the last

call :download ...

If you are modifying xpsp2.mak, add:

KB893803_URL?=http://download.microsoft.com/download/1/4/7/\
147ded26-931c-4daf-9095-ec7baf996f46/WindowsInstaller-KB893803-v2-x86.exe
KB893803_EXE?=$(shell basename $(KB893803_URL))

right before

KBS=\

and

893803 \

right after.

KBS=\

Thanks for the positive feedback.

Two errors encountered in the latest revision of xpsp2.mak

Using the xpsp2.mak that was modified 5-10-2007, I have run into two errors so far. When slipstreaming the updates, KB923789 apparently fails to complete, complaining of a command-line syntax error. Also, when trying to use the completed ISO, windows setup complains about not being able to find usbehci.sys. This problem I was able to solve by renaming the file "usbehci.sy_" in the i386 folder to "USBEHCI.SY_". So, apparently case does matter for the Windows installer. I am starting a test install of my hopefully fixed disk, and I will post back here any additional problems I run into.

EDIT: Ok, well it seems there is some other issue at hand. The first phase of the install seems to succeed, but when I reboot the machine for the first time to continue installation, I get a blue-screen stop error. I have a screenshot of the error, though it doesn't look like it contains any actually valuable information. I've never quite gotten this tool to work for me. I'm starting with a bulk-licensed XP disc that had SP1 slipstreamed onto it. Might that be a root problem? I hope not, as the only other XP disks I have access to are re-jiggered OEM junk...

EDIT 2: Using my CD I was able to get a successful build by commenting out the list of hotfixes in the "KB" variable. I'll slowly add them back until I find the one that breaks stuff.

qhartman:

I'm unable to duplicate the issues you are describing.

I used the latest xpsp2.mak, and an original Windows XP Pro SP1 disk (not OEM). I then installed Windows without a hitch.

Wonderful work

Hi! I'd just like to say thanks for the hard work you put into that cmd script....it works really well, and now I can install windows more efficiently than before. Its great not to have to worry about updates!

One thing in my head though...I followed all instructions and there were 11 "high priority" updates still to download from M$...now having read the rest of the comments from you, i understand that these update are not really high priority...however, I for one would love it if ALL updates...regardless of importance could be integrated into this package.

Doing that would mean a clean install everytime...no updates, no fuss.

Once again...thanks for your efforts. I very much appreciate the time you took.

RSS issues

Ross,

I couldn't find anywhere more applicable to post this question, and since this update is the one that most concerns me, I figured here was better than anywhere else. I've attempted to subscribe to the RSS feeds you've provided on your site, but none of them seem to want to update in Google Reader. The newest entry that shows up is your latest installer for the stuff at sysinternals, posted a month ago. I've tried using 3 different feed URLs that I've found in various places so far:

http://smithii.com/node/feed (on the front page of smithii.com under 'Syndicate')
http://smithii.com/aggregator/rss (under the News Aggregator link on the front page)
http://smithii.com/blog/1/feed (from the bottom of the page after clicking on the ross's blog entry)

Is there something wrong with the feed generatorer or am I dumb? Your work on these tools is greatly appreciated (as my measly Paypal donation will hardly convey). Thanks for everything you do.

Re: RSS issues

I don't think it's a Google Reader problem. I think it's an issue with Drupal, the content management system my site uses. It doesn't always update the change date, when I modify an item.

Thanks for your PayPal donation (which are never measly). The donations, and the Google ads, almost pay for my hosting charges.

Missing hotfixes

I just ran xpsp2local.cmd on a fresh SP2 install, and Microsoft Baseline Security Advisor (MBSA) reported the following updates are missing:

Security Updates

	MS06-069 Security Update for Flash Player (KB923789) Critical  
  
Update Rollups and Service Packs
 
	Update for Windows XP (KB931836)  
	Windows Internet Explorer 7.0 for Windows XP (KB926874)
	Windows Malicious Software Removal Tool - May 2007 (KB890830)  

Unforuntately, MS06-069 Security Update for Flash Player (KB923789), is a non-standard hotfix, that does not use the same command line switches that the other hotfixes use.

xpsp2.cmd in german !!!

Hello

I translated the script for a german windows xp

write me an email and i send you the script.

My email address: sascha --AT-- maerkl-it.de

Best Regards

sascha

Updates not Applied

I just did an install from a CD created with the Cygwin Makefile version... Not sure if you care, but the following 'Important' updates weren't applied:
Critical Update for Windows XP (KB886185)
Security Update for Windows Messenger (KB887472)
Security Update for Windows XP (KB891781)
Update for Windows XP (KB910437)
Security Update for Windows XP (KB911562)
Update for Windows XP (KB900485)
Update for Windows XP (KB922582)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB922819)
Security Update for Flash Player (KB923789)
Update for Windows XP (KB931836)
Windows Genuine Advantage Notification (KB905474)
Windows Internet Explorer 7.0 for Windows XP
Windows Malicious Software Removal Tool - April 2007 (KB890830)
Update for Windows XP (KB935448)

Thanks for the feedback

Here's mine:

Critical Update for Windows XP (KB886185)
	Not a security hotfix
	
Security Update for Windows Messenger (KB887472) (MS05-009)
	Added
	
Security Update for Windows XP (KB891781)
	Included in xpsp2.cmd/xpsp2local.cmd (but I added to xpsp2.mak)

Update for Windows XP (KB910437)
	Not a security hotfix

Security Update for Windows XP (KB911562)
	Included in xpsp2.cmd/xpsp2local.cmd (but I added to xpsp2.mak)

Update for Windows XP (KB900485)
	Not a security hotfix

Update for Windows XP (KB922582)
	Not a security hotfix

Update for Windows XP (KB916595)
	Not a security hotfix

Update for Windows XP (KB920872)
	Not a security hotfix

Security Update for Windows XP (KB923414)
	Included in xpsp2.cmd/xpsp2local.cmd (but I added to xpsp2.mak)

Security Update for Windows XP (KB923191)
	Included in xpsp2.cmd/xpsp2local.cmd (but I added to xpsp2.mak)

Security Update for Windows XP (KB924191)
	Included in xpsp2.cmd/xpsp2local.cmd (but I added to xpsp2.mak)

Security Update for Windows XP (KB922819)
	Included in xpsp2.cmd/xpsp2local.cmd (but I added to xpsp2.mak)

Security Update for Flash Player (KB923789)
	Included in xpsp2.cmd/xpsp2local.cmd (but I added to xpsp2.mak)

Update for Windows XP (KB931836)
	Not a security hotfix

Windows Genuine Advantage Notification (KB905474)
	Not a security hotfix

Windows Internet Explorer 7.0 for Windows XP
	Not a security hotfix

Windows Malicious Software Removal Tool - April 2007 (KB890830)
	Not a security hotfix

Update for Windows XP (KB935448)
	Not a security hotfix

Vulnerability in Microsoft Agent Could Allow Spoofing (KB890046) (MS05-032)
	Added

Cumulative Security Update for Internet Explorer (KB931768) (MS07-027)
	Added

one more thing

Oh, I almost forgot to mention...

I don't think you need to slipstream KB926247 (MS06-074). By default, the SNMP Service isn't installed in a fresh installation of XP Pro SP2.

------------------------------
May the FOURCC be with you...

I'm attempting to include every security related hotfix

so unrelated patches may be included.

I know, but this one is useless

KB926247 does nothing on a fresh XP SP2 installation. It just reports an error when you run it, slipstreamed or not, because the SNMP service isn't present on a fresh install. If you're really attentive, you'll see a brief flash of a cmd window appear during the last 13 minutes of the install of your slipstreamed disc; that's the error message from this update.

first post

I just wanted to say thank you for this site! It's been inspirational for me, since I was recently hit by a nasty trojan and had to reformat and reinstall XP Pro SP2.

But I've done some research, and I have a few nitpicks...

I've not been able to verify that the following updates were superceded by later updates, as you claim. If you can provide official MS links to confirm this, I'd be grateful:

KB886185 (critical update for Windows Firewall)
KB873333 (MS05-012)
KB911562 (MS06-014)
KB921883 (MS06-040)
KB921398 (MS06-045)
KB925486 (MS06-055)
KB924191 (MS06-061)

Furthermore, KB928090 (MS07-016) isn't mentioned at all. AFAIK, this was the most recent cumulative update for IE6. I think it's especially important to include it, since you seem to have discarded all prior cumulative updates for IE6 from your list.

Lastly, you have KB902400 (MS05-051) listed twice, as being both included and excluded. (But that's obviously a typo, so I don't hold it against you. *wink*)

Again, thank you for this great site and your work.

---------------------------
May the FOURCC be with you

Thanks for the feedback

Here's mine:

KB886185 (critical update for Windows Firewall)
	Not a security patch
	
KB873333 (MS05-012): Vulnerability in OLE and COM could allow remote code execution
	Replaced by KB902400 (MS05-051):
        Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution
	See http://www.microsoft.com/technet/security/bulletin/ms05-051.mspx

KB911562 (MS06-014): Vulnerability in Microsoft Data Access Components (MDAC)
        function could allow code execution
	Replaced by KB927779 (MS07-009): 
        Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (Critical)
	See http://www.microsoft.com/technet/security/Bulletin/MS07-009.mspx

KB921883 (MS06-040): Vulnerability in Server service could allow remote code execution
	Replaced by KB924270 (MS06-070):
        Vulnerability in Workstation Service Could Allow Remote Code Execution (Critical)
	See http://www.microsoft.com/technet/security/bulletin/ms06-070.mspx

KB921398 (MS06-045): Vulnerability in Windows Explorer Could Allow Remote Code Execution (Important)
	Replaced by KB928255 (MS07-006):
        Vulnerability in Windows Shell Could Allow Elevation of Privilege
	See http://www.microsoft.com/technet/security/Bulletin/MS07-006.mspx
	
KB925486 (MS06-055): Vulnerability in Vector Markup Language Could Allow Remote Code Execution
	Replaced by KB929969: (MS07-004):
        Vulnerability in Vector Markup Language Could Allow Remote Code Execution (Critical)
	See http://www.microsoft.com/technet/security/bulletin/ms07-004.mspx
	
KB924191 (MS06-061)
	It has always been included

KB928090 (MS07-016) isn't mentioned
	It has always been included
	
KB902400 (MS05-051) listed twice
	Fixed

excellent information

Re:
KB873333 (MS05-012)
KB921883 (MS06-040)
KB921398 (MS06-045)
KB925486 (MS06-055)

Thank you! I am removing these from my own list now.

Re:
KB886185 (critical update for Windows Firewall)

Technically not a security patch, but you do list it on your page as being superceded.
I'd just like to know if you have a link that confirms this? Thanks.

Re:
KB911562 (MS06-014), replaced by KB927779 (MS07-009)
See http://www.microsoft.com/technet/security/Bulletin/MS07-009.mspx

Hmm... Unless I'm reading it wrong, Microsoft states that it does NOT replace MS06-014 for Windows XP SP2.

md5s.txt

WindowsXP-KB896428-x86-ENU.exe is not in the md5s.txt file...

just a heads up ;)

It seems like it was there

but I regenerated and updated md5s.txt anyway, just to be sure.

Thanks,

Ross

regedit returned error 0

I tried searching for this, but was unable to find anyone else with this problem.

I have a system with a clean install of XP pro SP2 oem

I used your "xpsp2local.cmd" to download all the updates as of 10 APR 2007 on another workstation. I then created an autorun.inf and made a .iso of all the updates/batch/autorun and burned the image to CD. This way I can take your local updates batch and run it against a clean system.

The error I received on the clean install was the following...

D:\>xpsp2local.cmd
Please save all files in the directory '.'
Can't export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates" to
"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\xpsp2.reg"
regedit returned error 0

I checked the location it was trying to export in the registry and soon realized it didn't exist! I thought this was strange because this CD I made worked fine on other systems. I began to wonder why my new system didn't have this entry in the registry. I soon realized it was because the install was from a XP pro SP2 oem CD (this of course should be the same for home, and volume license slipstreamed with only SP2 or original media).

I figured out why I didn't have an "updates" entry in the registry. The system had never applied updates to the system! The very second I installed one patch from the cd (by just running a random patch with "/q") I got the entry.

I began looking at the batch file, and I understand you wrote some of the errors for obvious reasons. I couldn't figure out why when the system didn't have this entry at all it went into freak mode.

Final line break (I promise) Is there a way to change the batch to allow clean installs to update without this entry in the registry? Any help is greatly appreciated.

Good catch

bbentley,

You're right, the script should not assume the registry key exists.

I've updated the script to not return an error if the key is not found.

Thanks,

Ross

msxml6-KB925673-enu-x86.exe has moved

It's now at
http://download.microsoft.com/download/b/e/1/be1f6217-8d74-4181-bc0d-7ad794ef3d69/msxml6-KB925673-enu-x86.exe

size of result

Great script!

Unlike others who found themselves with over 700MB, my WXPVOL_EN directory is (after a clean run of xpsp2.cmd) 500MB in size. I can't for the life of me figure out why.

Is there anything obvious I might be doing wrong to cause this?

Phil

Check original media?

If you have previously slipstreamed a XP or XP SP1 cd and removed the folders and files as mentioned by a previous post your size will be smaller than the rest. For example if your original media didn't have the "Lang" folder on it you would be less 100+MB right of the top. Personally I try and make my OS installs as small as possible because the end result is always time taken on your part.

How do I find the hotfixes on the MS website

Sorry for the "newb" question, but how does one go find the files on MS's website? The paths I see in the hotfixes that are downloaded are cryptic (to me anyway).

I'm curious in case there are hotfixes you don't include in your updates that might apply to me.

Thanks!

Raynman

There are *many* hotfixes I'm not including

I'm just including the security hotfixes. http://www.ryanvm.net/msfn/updatepack.html has a great list of hotfixes.

To get the download URL, click on the hotfix link, then link for "IT Professionals", then "Windows XP Service Pack 2", then click on the download button. Be sure you're using a download utility such as GetRight, or FlashGet, to get the "final" URL.

I hope that helps,

-Ross

Waiting for "hotfix filename" to appear error......

I got this error when I first started using the tool. I think it was due to my trying to put the hotfixes and slipstreamed image in a diffent path then the xpsp2.cmd file. I did some digging and found this switch for the wget utility (which is WAY better than using my IE browser and hitting the save button a zillion times!)

-P prefix
--directory-prefix=prefix
Set directory prefix to prefix. The directory prefix is the directory where all other files and subdirectories will be saved to, i.e. the top of the retrieval tree. The default is . (the current directory).

I changed my copy of the xpsp2.cmd program as follows and it worked! (note this switch is case sensitive and is an upper case P)

wget --version >nul 2>nul
if not errorlevel 9009 (
set DOWNLOADER=wget -nd -N -P%hotfixdir%
goto start_downloads

Hope this helps anyone having problems.

Thanks for this awesome tool, Ross!

Raynman

xpsp2.cmd works fine

Update ... xpsp2.cmd works just fine, but its not an ISO image ..

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
DeutschEspañolFrançaisItalianoNederlandsPortuguêsΕλληνικάРусскийالعربية中文(简体)中文(繁體)日本語한국어
 
Donate Bitcoins
Google
 
www smithii.com
 
Special thanks to Riester Rente Online for a generous donation!