DeutschEspañolFrançaisItalianoNederlandsPortuguêsΕλληνικάРусскийالعربية中文(简体)中文(繁體)日本語한국어
 
Donate Bitcoins
Google
 
www smithii.com
 

Automatically Slipstream Windows XP with SP2 and All Post-SP2 Security Hotfixes with a Single Command (Updated 03-May-09)

For information about slipstreaming Windows XP SP3, visit http://smithii.com/slipstream_xpsp3.

I've written the batch file xpsp2.cmd (updated 03-May-09) to automatically download and slipstream a standard Windows XP boot disk with Service Pack 2 and all post-SP2 security hotfixes.

It uses wget or curl (if either are found in the PATH), or your installed browser to download the updates. I have tested this with Internet Explorer, Firefox, and Opera. Other browsers should work, as well.

The batch file xpsp2local.cmd (updated 03-May-09) will update the copy of Windows XP that is installed on the computer you run the command on. You may wish to do this, if you do not have, or want, the machine you want to hotfix connected to the internet, or if you are unable to run Windows Update for some reason (for example, if Internet Explorer isn't installed, or doesn't work properly, due to a virus or similar mishap).

To slipstream the hotfixes, and burn the slipstreamed disk, I've created the makefile xpsp2.mak (updated 03-May-09). Details on usage below.

Microsoft XML Core Services Hotfixes

For Microsoft XML Core Services, run msxml_hotfixes.cmd (updated 24-Aug-07) to install the latest hotfixes locally.

Microsoft Office 2003 SP2 and Hotfixes

For Office 2003, run office_2003_hotfixes.cmd (updated 25-Aug-07) to install Service Pack 2, and all post-SP2 hotfixes locally.

The xpsp2* scripts listed above include the following security updates found at http://www.microsoft.com/technet/security/current.aspx:


Apr 09:

MS09-010 - Critical
Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
KB923561
SP2: replaces none
SP3: replaces none

MS09-013 - Critical
Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
SP2: replaces none
SP3: replaces none

MS09-011 - Critical
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
SP2: replaces MS08-033
SP3: replaces MS08-033

MS09-014 - Critical
Cumulative Security Update for Internet Explorer (963027)
SP2: replaces MS08-073, MS08-078
SP3: replaces MS08-073, MS08-078

MS09-012 - Important
Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)
SP2: replaces MS07-022, MS08-002, MS08-064
SP3: replaces MS08-064

MS09-015 – Moderate
Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
SP2: replaces MS07-035
SP2: replaces MS07-035

Mar 09:

MS09-006 – Critical
Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)
SP2: replaces MS08-061
SP3: replaces MS08-061

MS09-007 - Important
Vulnerability in SChannel Could Allow Spoofing (960225)
SP2: replaces MS07-031
SP3: replaces none

Feb 09:

Jan 09:

MS09-001 – Critical
Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
SP2: replaces MS08-063
SP3: replaces MS08-063

Dec 08:

MS08-071 – Critical
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
SP2: replaces MS08-021
SP3: replaces none

MS08-073 - Critical
Cumulative Security Update for Internet Explorer (958215)
SP2: replaces MS08-058
SP3: replaces MS08-058

MS08-076 – Important
Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
SP2: replaces none
SP3: replaces none

MS08-078 - Critical
Security Update for Internet Explorer (960714)
SP2: replaces none
SP3: replaces none

Nov 08:

MS08-068 | Important
Vulnerability in SMB Could Allow Remote Code Execution (957097)
SP2: replaces MS05-011
SP3: replaces none

MS08-069 | Critical
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
SP2: replaces MS06-042
SP3: replaces none

Oct 08:

MS08-058 - Critical
Cumulative Security Update for Internet Explorer (956390)
SP2: replaces MS08-045
SP3: replaces MS08-045

MS08-061 – Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
SP2: replaces MS08-025
SP3: replaces none

MS08-062 - Important
Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
SP2: replaces none
SP3: replaces none

MS08-063 – Important
Vulnerability in SMB Could Allow Remote Code Execution (957095)
SP2: replaces MS06-063
SP3: replaces none

MS08-064 – Important
Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
SP2: replaces MS07-022
SP3: replaces none

MS08-066 – Important
Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
SP2: replaces none
SP3: replaces none

MS08-067 – Critical
Vulnerability in Server Service Could Allow Remote Code Execution (958644)
SP2: replaces MS06-040
SP3: replaces none

Sep 08:

MS08-052 - Critical
Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
SP2: replaces none
SP3: replaces none

MS08-053 - Critical
Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
SP2: replaces none
SP3: replaces none

MS08-054 - Critical
Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
SP2: replaces none
SP3: replaces none

Aug 08:

MS08-045 - Critical
Cumulative Security Update for Internet Explorer (953838)
SP2: replaces MS08-031
SP3: replaces MS08-031

MS08-046 - Critical
Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
SP2: replaces none
SP3: replaces none

MS08-048 - Important
Security Update for Outlook Express and Windows Mail (951066)
SP2: replaces none
SP3: replaces none

MS08-049 - Important
Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
SP2: replaces none
SP3: replaces none

MS08-050 - Important
Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
SP2: replaces none
SP3: replaces none

Jul 08:

MS08-037 - Important
Vulnerabilities in DNS Could Allow Spoofing (953230)
SP2: replaces MS06-064, MS08-001
SP3: replaces none

Jun 08:

MS08-030 - Critical
Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
SP2: replaces none
SP3: replaces none

MS08-031 - Critical
Cumulative Security Update for Internet Explorer (950759)
SP2: replaces MS08-024
SP3: replaces none
replaced by MS08-45

MS08-032 - Moderate
Cumulative Security Update of ActiveX Kill Bits (950760)
SP2: replaces MS08-023
SP3: replaces none

MS08-033 - Critical
Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
SP2: replaces MS07-064
SP3: replaces none

MS08-035 - Important
Vulnerability in Active Directory Could Allow Denial of Service (953235)
SP2: replaces MS08-003
SP3: replaces none

MS08-036 - Important
Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
SP2: replaces MS06-052
SP3: replaces none
  1. KB941693: MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of Privilege Release 08-Apr-08 (Important)
  2. KB944338: MS08-022: Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution Release 08-Apr-08 (Critical)
  3. KB948590: MS08-021: Vulnerabilities in GDI Could Allow Remote Code Execution Release 08-Apr-08 (Critical)
  4. KB945553: MS08-020: Vulnerability in DNS Client Could Allow Spoofing Release 08-Apr-08 (Important)
  5. <!-- Feb, 2008: http://www.microsoft.com/technet/security/bulletin/ms08-feb.mspx -->

  6. KB947890: MS08-008: Vulnerability in OLE Automation Could Allow Remote Code Execution Released 12-Feb-08 (Critical)
  7. KB946026: MS08-007: Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution Released 12-Feb-08 (Critical)
  8. KB942830: MS08-006: Vulnerability in Internet Information Services Could Allow Remote Code Execution Released 12-Feb-08 (Important)
  9. KB942831: MS08-005: Vulnerability in Internet Information Services Could Allow Elevation of Privilege Released 12-Feb-08 (Important)
  10. <!-- Jan, 2008: http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx -->

  11. KB943485: MS08-002: Vulnerability in LSASS Could Allow Local Elevation of Privilege Released 08-Jan-08 (Important)
  12. <!-- Dec, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-dec.mspx -->

  13. KB941569: MS07-068: Vulnerability in Windows Media File Format Could Allow Remote Code Execution Released 11-Dec-07 (Critical)
  14. KB944653: MS07-067: Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege Released 11-Dec-07 (Important)
  15. KB937894: MS07-065: Vulnerability in Message Queuing Could Allow Remote Code Execution Released 11-Dec-07 (Important)
  16. <!-- Nov, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-nov.mspx -->

  17. KB943460: MS07-061: Vulnerability in Windows URI Handling Could Allow Remote Code Execution Released 13-Nov-07 (Critical)
  18. <!-- Oct, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-oct.mspx -->

  19. KB933729: MS07-058: Vulnerability in RPC Could Allow Denial of Service Released 09-Oct-07 (Important)
  20. KB941202: MS07-056: Security Update for Outlook Express and Windows Mail Released 09-Oct-07 (Critical)
  21. KB923810: MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution Released 09-Oct-07 (Critical)
  22. <!-- Aug, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-aug.mspx -->

  23. KB938127: MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution Released 14-Aug-07 (Important)
  24. KB936782: MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code Execution Released 14-Aug-07 (Critical)
  25. <!-- Jul, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-jul.mspx -->

  26. KB939373: MS07-041: Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution Released 20-Jul-07 (Important)
  27. <!-- June, 2007: http://www.microsoft.com/technet/security/bulletin/ms10-jun.mspx -->

  28. KB935839: MS07-035: Vulnerability in Win32 API Could Allow Remote Code Execution Released 12-Jun-07 (Critical)
  29. KB929123: MS07-034: Cumulative Security Update for Outlook Express and Windows Mail Released 12-Jun-07 (Critical)
  30. KB935840: MS07-031: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution Released 12-Jun-07 (Critical)
  31. <!-- May, 2007: http://www.microsoft.com/technet/security/bulletin/ms10-may.mspx -->

    <!-- April, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-apr.mspx -->

  32. KB931784: MS07-022: Vulnerability in Windows Kernel Could Allow Elevation of Privilege Released 07-Apr-07 (Important)
  33. KB930178: MS07-021: Vulnerabilities in CSRSS Could Allow Remote Code Execution Released 07-Apr-07 (Critcal)
  34. KB932168: MS07-020: Vulnerability in Microsoft Agent Could Allow Remote Code Execution Released 07-Apr-07 (Critcal)
  35. KB931261: MS07-019: Vulnerability in Universal Plug and Play Could Allow Remote Code Execution Released 07-Apr-07 (Critcal)
  36. KB925902: MS07-017: Security Update for Windows XP Released 03-Apr-07 (Critcal)
  37. <!-- February, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-feb.mspx -->

  38. KB918118: MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution Released 12-Feb-07 (Important)
  39. KB924667: MS07-012: Vulnerability in Microsoft MFC Could Allow Remote Code Execution Released 12-Feb-07 (Important)
  40. KB926436: MS07-011: Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (Important) Released 12-Feb-07 (Important)
  41. KB927779: MS07-009: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution Released 12-Feb-07 (Critical)
  42. KB928843: MS07-008: Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution Released 12-Feb-07 (Critical)
  43. KB927802: MS07-007: Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege Released 12-Feb-07 (Important)
  44. KB928255: MS07-006: Vulnerability in Windows Shell Could Allow Elevation of Privilege Released 12-Feb-07 (Important)
  45. <!-- December, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-dec.mspx -->

  46. KB926255: MS06-075: Vulnerability in Windows Could Allow Elevation of Privilege Released 12-Dec-06 (Important)
  47. KB926247: MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution Released 12-Dec-06 (Important)
  48. <!-- November, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-nov.mspx -->

  49. KB924270: MS06-070: Vulnerability in Workstation Service Could Allow Remote Code Execution Released 14-Nov-06 (Critical)
  50. KB920213: MS06-068: Vulnerability in Microsoft Agent Could Allow Remote Code Execution Released 14-Nov-06 (Critical)
  51. KB923980: MS06-066: Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution Released 14-Nov-06 (Important)
  52. <!-- October, 2006: http://www.microsoft.com/technet/security/bulletin/ms08-oct.mspx -->

  53. KB924496: MS06-065: Vulnerability in Windows Object Packager Could Allow Remote Execution Released 10-Oct-06 (Moderate)
  54. KB923414: MS06-063: Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution Released 10-Oct-06 (Important)
  55. KB924191: MS06-061: Vulnerabilities in Microsoft XML Core Services could allow remote code execution Released 10-Oct-06 (Critical)
  56. KB923191: MS06-057: Vulnerability in Windows Explorer Could Allow Remote Execution Released 10-Oct-06 (Critical)
  57. <!-- September, 2006: http://www.microsoft.com/technet/security/bulletin/ms07-sep.mspx -->

  58. KB920685: MS06-053: Vulnerability in Indexing Service Could Allow Cross-Site Scripting Released 12-Sep-06 (Moderate)
  59. <!-- August, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-aug.mspx -->

  60. KB920670: MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution  Released 08-Aug-06 Important)
  61. KB920683: MS06-041: Vulnerability in DNS Resolution Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  62. <!-- July, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-jul.mspx -->

  63. KB914388: MS06-036: Vulnerability in DHCP Client Service Could Allow Remote Code Execution Released 11-Jul-06 (Critical)
  64. <!-- June, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-jun.mspx -->

  65. KB914389: MS06-030: Vulnerability in Server Message Block Could Allow Elevation of Privilege Released 13-Jun-06 (Important)
  66. KB911280: MS06-025: Vulnerability in Routing and Remote Access Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  67. KB918439: MS06-022: Vulnerability in ART Image Rendering Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  68. <!-- May, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-may.mspx -->

  69. KB913580: MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator could allow denial of service Released 09-May-06 (Moderate)
  70. <!-- April, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx -->

  71. KB908531: MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution Released 11-Apr-06 (Updated 25-Apr-06) (Critical)
  72. KB911562: MS06-014: Vulnerability in Microsoft Data Access Components (MDAC) function could allow code execution Released 11-Apr-06 (Updated 11-May-06) (Critical)
  73. <!-- February, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-feb.mspx -->

  74. KB901190: MS06-009: Vulnerability in the Korean Input Method Editor (IME) could allow elevation of privilege Released 10-May-06 (Important)
  75. KB911927: MS06-008: Vulnerability in Web Client Service Could Allow Remote Code Execution Released 10-May-06 (Important)
  76. KB911564: MS06-006: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution Released 10-May-06 (Important)
  77. KB911565: MS06-005: Vulnerability in Windows Media Player 9 Could Allow Remote Code Execution Released 10-May-06 (Critical)
  78. <!-- January, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-jan.mspx -->

  79. KB908519: MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution Released 11-Jan-06 (Critical)
  80. <!-- November, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-nov.mspx -->

  81. KB902400: MS05-051: Vulnerabilities in MS DTC and COM+ could allow remote code execution Released 8-Nov-05 (Critical)
  82. <!-- October, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx -->

  83. KB900725: MS05-049: Vulnerabilities in the Windows shell could allow for remote code execution Released 29-Dec-05 (Important)
  84. KB901017: MS05-048: Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution Released 29-Dec-05 (Important)
  85. KB905749: MS05-047: Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege Released 29-Dec-05 (Important)
  86. KB905414: MS05-045: Vulnerability in Network Connection Manager Could Allow Denial of Service Released 29-Dec-05 (Moderate)
  87. <!-- August, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-aug.mspx -->

  88. KB896423: MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution Released 14-Aug-05 (Critical)
  89. KB899587: MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing Released 14-Aug-05 (Moderate)
  90. KB899591: MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service Released 14-Aug-05 (Moderate)
  91. KB893756: MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution Released 14-Aug-05 (Important)
  92. <!-- July, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-jul.mspx -->

  93. KB901214: MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution Released 12-Jul-05 (Critical)
  94. <!-- June, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-jun.mspx -->

  95. KB896428: MS05-033: Vulnerability in Telnet Client Could Allow Information Disclosure Released 14-Jun-05 (Moderate)
  96. KB890046: MS05-032: Vulnerability in Microsoft Agent Could Allow Spoofing Released 14-Jun-05 (Moderate)
  97. KB896358: MS05-026: Vulnerability in HTML Help Could Allow Remote Code Execution Released 14-Jun-05 (Critical)
  98. <!-- April, 2005 -->

  99. KB890859: MS05-018: Vulnerabilities in Windows kernel Could Allow Elevation of Privilege and Denial of Service Released 12-Apr-05 (Important)
  100. <!-- February, 2005 -->

  101. KB891781: MS05-013: Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Code Execution Released 8-Feb-05 (Critical)
  102. KB887472: MS05-009: Vulnerability in PNG Processing Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  103. KB888302: MS05-007: Vulnerability in Windows Could Allow Information Disclosure Released 8-Feb-05 (Important)
  104. <!-- December, 2004 -->

  105. KB885835: MS04-044: Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege Released 14-Dec-04 (Important)
  106. KB873339: MS04-043: Vulnerability in HyperTerminal Could Allow Code Execution Released 14-Dec-04 (Important)
  107. KB885836: MS04-041: A Vulnerability in WordPad Could Allow Code Execution Released 14-Dec-04 (Important)
  108. <!-- August, 2004 -->

  109. KB835935: Windows XP Service Pack 2 Released 24-Aug-04

<!-- ******************************************************************** -->
These updates are not included as they have been superceeded by a following update:
<!-- ******************************************************************** -->

  1. KB947864: MS08-024: Cumulative Security Update for Internet Explorer Release 08-Apr-08 (Critical)
  2. KB948881: MS08-023: Security Update of ActiveX Kill Bits Release 08-Apr-08 (Critical)
  3. KB944533: MS08-010: Cumulative Security Update for Internet Explorer Released 12-Feb-08 (Critical)
  4. KB946538: MS08-003: Vulnerability in Active Directory Could Allow Denial of Service Released 12-Feb-08 (Important)
  5. KB941644: MS08-001: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution Released 08-Jan-08 (Critical)
  6. KB938829: MS07-046: Vulnerability in GDI Could Allow Remote Code Execution Released 14-Aug-07 (Critical)
  7. KB942615: MS07-069: Cumulative Security Update for Internet Explorer Released 11-Dec-07 (Critical)
  8. KB941568: MS07-064: Vulnerabilities in DirectX Could Allow Remote Code Execution Released 11-Dec-07 (Critical)
  9. KB939653: MS07-057: Cumulative Security Update for Internet Explorer Released 09-Oct-07 (Critical)
  10. KB937143: MS07-045: Cumulative Security Update for Internet Explorer Released 14-Aug-07 (Critical)
  11. KB921503: MS07-043: Vulnerability in OLE Automation Could Allow Remote Code Execution Released 14-Aug-07 (Critical)
  12. KB933566: MS07-033: Cumulative Security Update for Internet Explorer Released 12-Jun-07 (Critical)
  13. KB931784: MS07-027: Cumulative Security Update for Internet Explorer Released 08-May-07 (Critical)
  14. KB928090: MS07-016: Cumulative Security Update for Internet Explorer Released 12-Feb-07 (Critical)
  15. KB929969: MS07-004: Vulnerability in Vector Markup Language Could Allow Remote Code Execution Released 09-Jan-07 (Critical)
  16. KB923689: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution Released 12-Dec-06 (Critical)
  17. KB923694: MS06-076: Cumulative Security Update for Outlook Express Released 12-Dec-06 (Important)
  18. KB925454: MS06-072: Cumulative Security Update for Internet Explorer Released 12-Dec-06 (Critical)
  19. KB922760: MS06-067: Cumulative Security Update for Internet Explorer Released 14-Nov-06 (Critical)
  20. KB925486: MS06-055: Vulnerability in Vector Markup Language Could Allow Remote Code Execution Released 12-Sep-06 (Critical)
  21. KB922819: MS06-064: Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service Released 10-Oct-06 (Low)
  22. KB919007: MS06-052: Vulnerability in Reliable Multicast Program (PGM) Could Allow Remote Code Execution Released 12-Sep-06 (Important)
  23. KB917422: MS06-051: Vulnerability in Windows Kernel Could Result in Remote Code Execution Released 08-Aug-06 (Critical)
  24. KB922616: MS06-046: Vulnerability in HTML Help Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  25. KB921398: MS06-045: Vulnerability in Windows Explorer Could Allow Remote Code Execution  Released 08-Aug-06 Important)
  26. KB920214: MS06-043: Vulnerability in Microsoft Windows Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  27. KB918899: MS06-042: Cumulative Security Update for Internet Explorer Released 08-Aug-06 (Critical)
  28. KB921883: MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  29. KB917159: MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution Released 11-Jul-06 (Critical)
  30. KB917537: MS06-034: Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution Released 11-Jul-06 (Important)
  31. KB917953: MS06-032: Vulnerability in TCP/IP Could Allow Remote Code Execution Released 13-Jun-06 (Important)
  32. KB917734: MS06-024: Vulnerability in Windows Media Player Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  33. KB917344: MS06-023: Vulnerability in Microsoft JScript Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  34. KB916281: MS06-021: Cumulative Security Update for Internet Explorer Released 13-Jun-06 (Critical)
  35. KB913433: MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution Released 09-May-06 (Critical)
  36. KB911567: MS06-016: Cumulative Security Update for Outlook Express Released 11-Apr-06 (Important)
  37. KB912812: MS06-013: Cumulative Security Update for Internet Explorer Released 11-Apr-06 (Critical)
  38. KB913446: MS06-007: Vulnerability in TCP/IP Could Allow Denial of Service Released 10-May-06 (Important)
  39. KB912919: MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Released 6-Jan-06 (Critical)
  40. KB905915: MS05-054: Cumulative Security Update for Internet Explorer Released 13-Dec-05 (Critical)
  41. KB896424: MS05-053: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution Released 8-Nov-05 (Critical)
  42. KB896688: MS05-052: Cumulative Security Update for Internet Explorer Released 29-Dec-05 (Critical)
  43. KB904706: MS05-050: Vulnerability in DirectShow Could Allow Remote Code Execution Released 29-Dec-05 (Critical)
  44. KB899589: MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution Released 29-Dec-05 (Important)
  45. KB899588: MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege Released 14-Aug-05 (Critical)
  46. KB896727: MS05-038: Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 Released 14-Aug-05 (Critical)
  47. KB903235: MS05-037: Vulnerability in JView Profiler Could Allow Remote Code Execution Released 14-Aug-05 (Critical)
  48. KB890046: MS05-032: Vulnerability in Microsoft Agent Could Allow Spoofing Released 14-Jun-05 (Moderate)
  49. KB896422: MS05-027: Vulnerability in Server Message Block Could Allow Remote Code Execution Released 14-Jun-05 (Critical)
  50. KB883939: MS05-025: Cumulative Security Update for Internet Explorer Released 14-Jun-05 (Critical)
  51. KB890923: MS05-020: Cumulative security update for Internet Explorer Released 12-Apr-05 (Important)
  52. KB893086: MS05-016: Vulnerability in Windows Shell that Could Allow Remote Code Execution Released 12-Apr-05 (Critical)
  53. KB888113: MS05-015: Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  54. KB873333: MS05-012: Vulnerability in OLE and COM Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  55. KB885250: MS05-011: Vulnerability in Server Message Block Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  56. KB890047: MS05-008: Vulnerability in Windows shell could allow remote code execution Released 8-Feb-05 (Important)
  57. KB890175: MS05-001: Vulnerability in HTML Help could allow code execution Released 11-Jan-05 (Critical)
  58. <!--
    not security updates

  59. KB885932: Update for Internet Explorer 6 for XP Service Pack 2
  60. KB884020: Programs that connect to IP addresses that are in the loopback address range may not work as you expect in Windows XP Service Pack 2 Released Sep-04
  61. KB886185: Critical update for Windows Firewall "My Network (subnet) only" scoping in Windows XP Service Pack 2 Released 14-Dec-04 (Critical)
  62. -->

<!-- ******************************************************************** -->
The following security updates are not presently included:
<!-- ******************************************************************** -->

  1. KB923723: MS07-005: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution Released 12-Feb-07 (Important)
  2. KB923789: MS06-069: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution Released 14-Nov-06 (Critical)
  3. KB898458: MS05-031: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution Released 14-Jun-05 (Important)
  4. KB893066: MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service Released 12-Apr-05 (Critical)
  5. KB890261: MS05-009: Vulnerability in PNG Processing Could Lead to Buffer Overrun Released 8-Feb-05 (Critical)
  6. KB887219: MS05-004: ASP.NET Path Validation Vulnerability Released 8-Feb-05 (Important)
  7. KB816093: MS03-011: Flaw in Microsoft VM Could Enable System Compromise Released 14-Dec-04 (Critical)

Please let me know if you feel I've missed an important update.

Fitting All the Hotfixes onto a 700MB CD

If you slipstream all of the hotfixes listed above, the resulting size will be greater than will fit on a single 700MB "80 minute" CD-R. There are two options to get around this limitation:

1. Burn to a DVD instead of a CD. Of course, this isn't an option if the computer you are installing on does not have a DVD drive, or you don't have software to burn an .ISO file to a DVD.

2. Remove unneeded directories from the CD. On my Windows XP SP1 CD, I found I could delete the following directories before creating the .ISO:

D:\I386\WIN9XMIG: 33.5MB (Windows 9x migration files, not used when performing a fresh XP installation)
D:\DOTNETFX:      33.1MB (.NET Framework, install this manually later if needed)
D:\cmpnents       26.5MB (.NET Framework, TabletPC)
D:\SUPPORT:       11.3MB (Support tools, not used by the installer)
D:\VALUEADD:       9.1MB (Value added programs, not used by the installer)
D:\I386\WIN9XUPG:  3.9MB (Windows 9x upgrade files, not used when performing a fresh XP installation)
D:\DOCS:           0.1MB (Miscellaneous documents, not used by the installer)

If you don't need to install the Recovery Console, you can remove:

D:\I386\WINNTUPG:  1.0MB (Windows NT/2000 upgrade files, not used when performing a fresh XP installation)

If you don't need to install languages other than English, you can remove:

D:\I386\LANG:    101.7MB

If you remove all of the above directories, you will have reduced the size of the CD by over 223MB. Using my Windows XP SP1 disk, I went from 786MB, to 563MB, which easily fits on most sizes of CD-R media (see the table below).

Here is a table listing the different sizes of CD media. The sizes listed below I discovered empirically, and may vary depending on the type of media used.

Disk Type                       Size
------------------------ -----------
80 minute/"700MB" CD-R   697,425,920
74 minute/"650MB" CD-R   642,883,584
80 minute/"700MB" CD-R/W 598,808,576
74 minute/"650MB" CD-R/W 557,260,800

Of course, using a program such as nLite, you can accomplish a far greater size reduction that what is listed above.

For more information, see:

http://unattended.msfn.org/unattended.xp/view/web/57/
http://pages.videotron.com/tbone/unattended/#_Toc79089721

Using Cygwin to Burn a Bootable CD

If you have, or install, Cygwin, you can build and burn a bootable CD, by editing the CD and CD_DEV variables at the beginning of xpsp2.mak, and typing:

$ make -f xpsp2.mak

You can also add the parameters on the command line:

$ make -f xpsp3.mak CD=F: CD_DEV=0,0,0

If you include md5s.txt (updated 03-May-09), make will verify the files downloaded correctly before executing them.

Note: KB885835 and KB885250 share the same file (mrxsmb.sys), so an error occurs if you attempt to slipstream both of them at once. These scripts solve this issue by superceeding KB885835's version of the file (5.1.2600.2541, xpsp_sp2_gdr.040919-1056, dated 10-27-2004, 448,128 bytes) with KB885250's version (5.1.2600.2598, xpsp_sp2_gdr.041130-1729, dated 1-18-2005, 451,584 bytes).

Of course, to run make, you will need to install Cygwin and select the make, perl, and wget packages.

To create a Windows XP boot disk with Service Pack 1a and Update Rollup 1 (KB826939), use xpsp1_ru.mak.

Older Scripts

To create a Windows XP boot disk with only SP1a, use xpsp1.mak.

To create a Windows 2000 boot disk with SP4, use w2k_sp4.mak.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

bbie10 errors

hello .. love the site ..

After copying all necessary files to cd and beiging download of the bbie10 files i get the following and terminating error ..

touch WindowsXP-KB835935-SP2-ENU.exe.touch
Downloading http://69.90.47.6/mybootdisks.com/mybootdisks_com/nu2/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://www.hamnerconsulting.com/nu2/mirrorfiles/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://securitywonks.net/n2u/mirrorfiles/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://securitywonks.org/n2u/mirrorfiles/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://nu2.zone-x.com/mirrorfiles/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://www.web-techs.net/bart/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://sharkden.com/bart/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://www.mirror.ac.uk/mirror/ftp.nu2.nu/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading ftp://dl.xs4all.nl/pub/mirror/nu2files/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://ftp.rz.tu-bs.de/pub/mirror/www.nu2.nu/nu2files/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://downloads.planetmirror.com/pub/nu2files/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading ftp://dlsrv3.winboard.org/nu2/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://217.160.177.182/nu2files/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://bartpe.surfnow.nl/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://gd.tuwien.ac.at/pc/nu2files/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://nu2.abwehr.net/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://nu2.gipsvagga.com/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://nu2.phpwiz.dk/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://nu2files.osterberg.org/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://nu2mirror.frashii.com/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
Downloading http://www.nu2.mostlycreativeworkshop.com/files/bbie10.zip...
C:\DOCUME~1\lenny\LOCALS~1\Temp\make30408.sh: command not found: wget [1]
make: *** [bbie10.zip] Error 1

Any ideas?

LBSources

Is the wget program in your path?

It appears that xpsp2.cmd is having trouble finding the wget program on your system. Try reinstalling it.

Alternative to cygwin for burning?

Hi, Ross --

I must say I'm super impressed with your work so far. One problem: I guess I should have looked ahead, because I'm a total cygwin noob and am having no success with the 'cdrecord -scanbus' command. I'm sure it's something simple I'm missing, but I didn't realize I'd be working in a Linux-like environment and I'm at a total loss.

I've run the the xpsp2.cmd batch file with apparent success. What I'm wondering is, is there a way to burn a boot disk without using cygwin? I thought I could probably hash my way through it, but I can't seem to find the directory into which all the SP1 and SP2 files and updates have been integrated. I thought with the help of ISObuster I could probably manage it, but I'm lost when it comes to locating the aggregated files/directories I need pull up to create the boot disk.

Sorry for bothering you with what I'm sure sounds like an idiotic question, but I'm just really hoping I get a clean install out of what I've done so far rather than having to rely on one of the other slipstream sites and having to download all these hotfixes yet again, since I'm no longer sure where they're hanging out (aside from as numerous .exe's on my desktop.

Again, apologies if I'm missing something obvious here. I'm moderately technologically adept. Just a dolt when it comes to command line stuff outside of what I remember from the DOS days. Thanks in advance for any info you can provide me.

Yes, you can

I searched Google for slipstream nero, and came up with http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp, which explains how to do it with Nero. These instructions should work with any CD burning software that can create a bootable CD.

The directory containing the slipstreamed files are by default in the directory you ran the script from. For me, it's name X1APCCP_EN as that's the volume ID of the CD I'm starting with.

Bug Report

I receive the following error when executing "make -f xpsp2.mak" (using the 29-Jan-07 build):

line 2: mkisofs.exe: command not found
make: *** [xpsp2.ISO.touch] Error 127

Fixed in the latest release

Sorry 'bout that.

Replaced Updates 924191, 913446 and 896422

924191 (10-Oct-2006) replaced by (928088) MS06-071
913446 (14-Feb-2006) replaced by (917953) MS06-032
896422 (14-Jun-2005) replaced by (923414) MS06-063

Jacques

Thanks for the feedback

For:

KB913446 / MS06-007 (14-Feb-2006) replaced by KB917953 / MS06-032
KB896422 / MS05-027 (14-Jun-2005) replaced by KB923414 / MS06-063

I removed the superceeded items.

For:

KB924191 / MS06-061 (10-Oct-2006) replaced by KB928088 / MS06-071

I removed this fix. I've created a new script, called msxml_hotfixes.cmd, which will apply these hotfixes if needed.

Observation

With regard to 16-Dec-06 edition of xpsp2.cmd, First I mounted an iso image of XPVOL_EN which was made using the August edition of xpsp2.cmd using Daemon tools. Next I ran the December edition of xpsp2 which ended with :-

Integrating C:\\WindowsMedia-KB911564-x86-ENU.exe...
Integrating C:\\WindowsMedia9-KB911565-x86-ENU.exe...
Integrating C:\\WindowsMedia9-KB917734-x86-ENU.exe...
Integrating C:\\WindowsXP-KB901190-x86-ENU.exe...
Integrating C:\\WindowsXP-KB908531-v2-x86-ENU.exe...
Integrating C:\\WindowsXP-KB911280-v2-x86-ENU.exe...
Integrating C:\\WindowsXP-KB911562-x86-ENU.exe...
Integrating C:\\WindowsXP-KB911927-x86-ENU.exe...
Integrating C:\\WindowsXP-KB913446-x86-ENU.exe...
Integrating C:\\WindowsXP-KB913580-x86-ENU.exe...
Integrating C:\\WindowsXP-KB914388-x86-ENU.exe...
Integrating C:\\WindowsXP-KB914389-x86-ENU.exe...
Integrating C:\\WindowsXP-KB917344-x86-ENU.exe...
Integrating C:\\WindowsXP-KB917422-x86-ENU.exe...
Integrating C:\\WindowsXP-KB917537-x86-ENU.exe...
Integrating C:\\WindowsXP-KB917953-x86-ENU.exe...
Integrating C:\\WindowsXP-KB918439-x86-ENU.exe...
Integrating C:\\WindowsXP-KB919007-x86-ENU.exe...
Integrating C:\\WindowsXP-KB920213-x86-ENU.exe...
Integrating C:\\WindowsXP-KB920670-x86-ENU.exe...
Integrating C:\\WindowsXP-KB920683-x86-ENU.exe...
Integrating C:\\WindowsXP-KB920685-x86-ENU.exe...
Integrating C:\\WindowsXP-KB921398-x86-ENU.exe...
Integrating C:\\WindowsXP-KB922616-x86-ENU.exe...
Integrating C:\\WindowsXP-KB922819-x86-ENU.exe...
Integrating C:\\WindowsXP-KB923191-x86-ENU.exe...
Integrating C:\\WindowsXP-KB923414-x86-ENU.exe...
Integrating C:\\WindowsXP-KB923689-x86-ENU.EXE...
Integrating C:\\WindowsXP-KB923694-x86-ENU.exe...
Integrating C:\\WindowsXP-KB923980-x86-ENU.exe...
Integrating C:\\WindowsXP-KB924191-x86-ENU.exe...
Integrating C:\\WindowsXP-KB924270-x86-ENU.exe...
Integrating C:\\WindowsXP-KB924496-x86-ENU.exe...
Integrating C:\\WindowsXP-KB925454-x86-ENU.exe...
Integrating C:\\WindowsXP-KB925486-x86-ENU.exe...
Integrating C:\\WindowsXP-KB926247-x86-ENU.exe...
Integrating C:\\WindowsXP-KB926255-x86-ENU.exe...

The directory 'C:\\WXPVOL_EN' has been successfully updated.

... as expected.

I next made a new iso image from the directory "C:\WXPVOL_EN" with the command;

mkisofs.exe -v -iso-level 4 -force-uppercase -volid "WXPVOL_EN" -A MKISOFS -sysid "DOS" -b "boot.bin" -no-emul-boot -boot-load-size 4 -hide "boot.bin" -hide "boot.catalog" -o "WXPVOL_EN.iso" WXPVOL_EN

Using a cd made from the resulting iso image, I performed a clean install on a machine and visited Microsoft Update. After the installation of windows installer 3.1 and WGA and following a reboot, a revisit to Microsoft update informed me that I required the same 30+
updates that I had just integrated into the cd.

RE: Observation

I suppose it helps if you point cdrecord at the new iso image rather than the original!
- I'll get my coat :)

Off topic

Why does your path include double slashs? "Integrating c:\\"

When I run the script I don't get that.
Then again, its not working correctly for me yet either.

edit:

Perhaps These updates require changes in the registry (or something) to show Windows Updates that they are installed.
Further, do you think registry changes are needed for some updates to work properly?

URL's for Spanish Updates

Just in case anyone wants them, here are the download URL's for the updates in Spanish...

http://download.microsoft.com/download/a/d/8/ad88e37e-7711-4227-8a8d-fd13c47919e9/WindowsXP-KB873339-x86-ESN.exe
http://download.microsoft.com/download/2/4/1/241b08c4-8c39-47ac-97a6-e08d76c3b670/WindowsXP-KB885835-x86-ESN.exe
http://download.microsoft.com/download/c/1/f/c1fad355-94de-4142-bbf4-13a57fcff27c/WindowsXP-KB885836-x86-ESN.exe
http://download.microsoft.com/download/7/2/4/724b9a49-ab8a-43a8-9c1d-0b0c05af6952/WindowsXP-KB888302-x86-ESN.exe
http://download.microsoft.com/download/e/5/1/e51d2f48-f1b7-4105-bae0-00f2995ec5a8/WindowsXP-KB891781-x86-ESN.exe
http://download.microsoft.com/download/5/0/b/50bda70e-3b64-44b4-831d-ab9bf35d0e6a/WindowsXP-KB890859-x86-ESN.exe
http://download.microsoft.com/download/1/8/3/183fe10e-efc8-49d1-94c6-0452774e44d4/WindowsXP-KB896358-x86-ESN.exe
http://download.microsoft.com/download/6/3/c/63c7006a-326e-488e-a3ea-078045029d89/WindowsXP-KB896422-x86-ESN.exe
http://download.microsoft.com/download/8/6/a/86a21645-7d02-428a-9dbe-ec65fc066a7d/WindowsXP-KB896428-x86-ESN.exe
http://download.microsoft.com/download/d/e/4/de460ea4-b48c-41a7-890c-d1c5ad7394a8/WindowsXP-KB901214-x86-ESN.exe
http://download.microsoft.com/download/1/6/e/16e26155-db90-41cd-ab4c-9ee470913542/WindowsXP-KB893756-x86-ESN.exe
http://download.microsoft.com/download/4/f/a/4fa6a685-1f06-424f-b367-0d5da680079d/WindowsXP-KB899591-x86-ESN.exe
http://download.microsoft.com/download/7/e/e/7ee61dc4-99b8-4fc5-ac5e-70aede6ba2f6/WindowsXP-KB899587-x86-ESN.exe
http://download.microsoft.com/download/8/f/2/8f257cb7-fc23-41b7-b240-8da5b1fe2a68/WindowsXP-KB896423-x86-ESN.exe
http://download.microsoft.com/download/9/3/2/93213674-905b-4092-91ec-5e280663d2c1/WindowsXP-KB905414-x86-ESN.exe
http://download.microsoft.com/download/3/4/5/3459e910-42ce-4412-b396-4d5075ed4e66/WindowsXP-KB905749-x86-ESN.exe
http://download.microsoft.com/download/9/6/d/96d32767-3817-41ac-be33-664133d7ccba/WindowsXP-KB901017-x86-ESN.exe
http://download.microsoft.com/download/d/a/7/da7b2fe3-9726-4dbd-88c3-ff8e5127796d/WindowsXP-KB900725-x86-ESN.exe
http://download.microsoft.com/download/e/f/3/ef395705-e13b-41a8-9a89-80f7b8d5f227/WindowsXP-KB904706-v2-x86-ESN.exe
http://download.microsoft.com/download/6/e/d/6ed35fcc-6a90-4538-b5a8-b91ae695706a/WindowsXP-KB902400-x86-ESN.exe
http://download.microsoft.com/download/b/a/f/bafccfe7-44c2-483f-8b77-61d5c8cbda37/WindowsXP-KB896424-x86-ESN.exe
http://download.microsoft.com/download/9/c/f/9cf52091-b624-431a-99a1-c5148ffeaf84/WindowsXP-KB912919-x86-ESN.exe
http://download.microsoft.com/download/8/c/7/8c757182-edad-48fc-ace4-c60c15cb868a/WindowsXP-KB908519-x86-ESN.exe
http://download.microsoft.com/download/4/f/c/4fc87985-f55d-4e04-9759-145acac37271/WindowsMedia9-KB911565-x86-ESN.exe
http://download.microsoft.com/download/0/7/3/07347fca-64de-4334-b27c-4ef1f841346c/WindowsMedia-KB911564-x86-ESN.exe
http://download.microsoft.com/download/6/7/f/67f02bbe-2e02-47f5-8a8f-45e2336bc2be/WindowsXP-KB913446-x86-ESN.exe
http://download.microsoft.com/download/3/7/4/3744e0b1-0112-4d76-9cf0-95c0feeed054/WindowsXP-KB911927-x86-ESN.exe
http://download.microsoft.com/download/a/4/3/a43061e7-249b-4323-a7af-5cea09fb5554/WindowsXP-KB901190-x86-ESN.exe
http://download.microsoft.com/download/2/9/3/29350735-c0c2-4951-b27d-ec91686bbd15/WindowsXP-KB911562-x86-ESN.exe
http://download.microsoft.com/download/1/9/1/19117d78-8ab5-4067-92ed-90bc29284747/WindowsXP-KB908531-v2-x86-ESN.exe
http://download.microsoft.com/download/2/1/0/2103396a-9c4f-4f08-bcc8-39e4bec16eb2/WindowsXP-KB913580-x86-ESN.exe
http://download.microsoft.com/download/c/1/1/c11c40ea-cbf4-4e17-b200-25223aadaecf/WindowsXP-KB918439-x86-ESN.exe
http://download.microsoft.com/download/4/6/b/46bf4848-a039-429d-a222-6143a12e2cdd/WindowsXP-KB917344-x86-ESN.exe
http://download.microsoft.com/download/8/d/b/8db0c8a2-1872-47e0-8fff-47202ec4a4f3/WindowsMedia9-KB917734-x86-ESN.exe
http://download.microsoft.com/download/5/a/5/5a56a982-43ea-4077-8585-8439dd90304f/WindowsXP-KB911280-v2-x86-ESN.exe
http://download.microsoft.com/download/1/7/6/176f341e-5384-4b35-9bdb-f69c001ffc53/WindowsXP-KB914389-x86-ESN.exe
http://download.microsoft.com/download/a/4/b/a4bd7d4d-ed07-413a-b492-d2a614b07563/WindowsXP-KB917953-x86-ESN.exe
http://download.microsoft.com/download/a/0/1/a011f894-3489-443b-bb88-06658acc5166/WindowsXP-KB917537-x86-ESN.exe
http://download.microsoft.com/download/5/2/3/523c4e49-f05b-4850-8199-9c5cc92b5380/WindowsXP-KB914388-x86-ESN.exe
http://download.microsoft.com/download/9/d/2/9d2644ef-1aac-4e2d-9fb7-0c759187a70a/WindowsXP-KB920683-x86-ESN.exe
http://download.microsoft.com/download/0/f/2/0f29bc3f-3019-4aff-80c7-9d4c01500845/WindowsXP-KB921398-x86-ESN.exe
http://download.microsoft.com/download/0/b/4/0b4c0df3-4c2c-4301-8c4e-92574ee9e629/WindowsXP-KB922616-x86-ESN.exe
http://download.microsoft.com/download/6/7/6/676c5464-b11d-4041-a3be-49b72d5d81a5/WindowsXP-KB920670-x86-ESN.exe
http://download.microsoft.com/download/0/1/1/011d8b62-5ddc-4a24-a6a9-615ebf7b648e/WindowsXP-KB917422-x86-ESN.exe
http://download.microsoft.com/download/5/1/0/510e9c16-7081-4022-bdf5-039145263bed/WindowsXP-KB919007-x86-ESN.exe
http://download.microsoft.com/download/0/7/c/07cfb797-e026-4566-b695-0b844e6cb35d/WindowsXP-KB920685-x86-ESN.exe
http://download.microsoft.com/download/c/8/9/c890c028-850c-4876-91dc-96b68e0b7c97/WindowsXP-KB925486-x86-ESN.exe
http://download.microsoft.com/download/9/2/8/92800434-38ab-496e-8fbe-4cff07cf5aa2/WindowsXP-KB923191-x86-ESN.exe
http://download.microsoft.com/download/a/5/9/a59013e5-91cf-4686-b172-d88eca58c9ab/WindowsXP-KB924191-x86-ESN.exe
http://download.microsoft.com/download/7/c/5/7c517980-a9bf-4d24-8177-8d58fd6ee321/WindowsXP-KB923414-x86-ESN.exe
http://download.microsoft.com/download/7/f/e/7fe2f737-222b-49a9-957d-5ac076a27d72/WindowsXP-KB922819-x86-ESN.exe
http://download.microsoft.com/download/0/8/4/0841e98b-4bbb-4f38-842a-aea7d2345745/WindowsXP-KB924496-x86-ESN.exe
http://download.microsoft.com/download/b/4/b/b4b9c635-13b8-451e-927a-0a0ca2a832fc/WindowsXP-KB923980-x86-ESN.exe
http://download.microsoft.com/download/7/e/4/7e41adc8-2963-44c2-bf7a-1faa64390752/WindowsXP-KB920213-x86-ESN.exe
http://download.microsoft.com/download/3/c/1/3c1c0556-0d37-43a2-ac73-266fe116ead3/WindowsXP-KB924270-x86-ESN.exe
http://download.microsoft.com/download/b/7/6/b766b9d5-a997-497e-b341-74e3f47aa4b2/WindowsXP-KB925454-x86-ESN.exe
http://download.microsoft.com/download/8/b/d/8bdf23b9-4d56-4eb3-a0cd-43c18e4bcebf/WindowsXP-KB926247-x86-ESN.exe
http://download.microsoft.com/download/e/5/a/e5a707f3-a4b0-4f35-b733-0b7b26e35022/WindowsXP-KB926255-x86-ESN.exe
http://download.microsoft.com/download/c/4/8/c48ef677-25cc-4901-98ed-015e79a8f067/WindowsXP-KB923694-x86-ESN.exe
http://download.microsoft.com/download/a/3/f/a3fd5733-b717-40e8-97a4-618c3e0f5407/WindowsXP-KB923689-x86-ESN.exe

Thanks/omission in md5s.txt

Seconding (thirding? nth-ing?) the mucho thanks for putitng this together and publishing it. I hadn't used cygwin before but am muddling through it, getting exposure to that is maybe at least as good a thing as finding this.

Another minor correction to add, I was trying to use it with md5s.txt & I think it's missing at least one entry?:

-----

09:13:29 (156.55 KB/s) - `WindowsXP-KB923689-x86-ENU.EXE' saved [2388288/2388288
]

Verifying MD5 checksum for WindowsXP-KB923689-x86-ENU.EXE..
md5sum: standard input: no properly formatted MD5 checksum lines found
make: *** [WindowsXP-KB923689-x86-ENU.EXE] Error 1

-----

Looking at the file I don't think it was my mistake -- the checksum's simply not there. There might be more but I decided to run without checksum checks when I restarted.

Thanks again!

923689 checksum for md5s.txt

I ended up having to restart anyway so I figured this out. FYI the misisng line in md5s.txt is:

0a3ccfaeb67c454052410762e4ca5b71 *WindowsXP-KB923689-x86-ENU.exe

That's all that's missing.

Thanks for the heads up

The bug was the URL had .EXE, instead of .exe. I fixed both md5s.txt and xpsp2.mak and posted the updated versions.

Great! Now...what about other languages?

This really is of great help, especially with systems that lack many updates. Now...how about other languages? The updates do not seem to be in the same directory on the Microsoft website as the English ones...I wonder if there is a way to figure out how to access those?

Here's a resource

Take me seriously....please

Ross,
Sorry if there was any confusion. We're all so accustomed to reading sarcasm into web posts that sometimes true compliments don't come through well. I really mean it, Ross, you're a freakin' genius! My problem with RyanVM, nlite, etc. is that I'm never really sure what else might be slipstreaming into my install disc. With "xpsp2.mak" I can read the script and see exactly what is going into the final ISO. I'm also fairly confident that I could edit the script and add new KBXXXX files as they come out.

I'm also serious about writing a "how-to" for newbies. I assume that you can email me via the addy I used to register here. If so, send me a message and I'll mail you a small text file. I do have a couple of things that would need clarified before I'd want to post anything.
-Icy

Well, then your timing is perfect.

Icy,

Your post is the perfect answer to Bob Dobelina's critique.

I know my scripts aren't very "newbie friendly", but they truly are a one-script/one-command solution to slipstreaming.

HFSLIP is great, but it requires the user to manually download everything. A requirement I find distasteful.

It has to be said....

A couple of glaring omissions from this HOW TO:

cdrecord is a separate program which you can get from.......?
mkisofs is what? and you get it where? and it's purpose is what?
In the xpsp2.mak file, there is only a hint that you would need these things.

A lot of folks don't know what cygwin is nor are they ever gonna use it besides to run your makefile. They've never used linux, they know nothing of the filesystem. A little handholding would be appropriate. The logic that you have made this to all automate itself is crippled by simple omissions. This page is in the top ten of google links yet has probably caused untold thousands of lost hours by regular windows users just trying to get it to work.

From cygwin, if you don't know the working directory or how to change it do you expect any noobs like us to even pull off:
$ make -f xpsp2.mak
None of us are looking to read volumes of verbose cygwin docs when the rest of this page is 'so seemingly simple', it's just plain counter-intuitive. I hope you can understand this paradox.

Also, with the xpsp2.cmd, what is with the endless browser popups for file saves. Firefox2

When you put out an potentially nice service like this you perform your builds from a clean system, free of unknown, forgotten or overlooked dependencies. How else is testing supposed to mean anything?

An easier way to automate the integration

Create a batch file like this which I found on MSFN.ORG. place the batch file in the dir where your hotfix files are located.

TITLE Windows XP SP2 Slipstreamer
CLS
@echo off
ECHO.
ECHO Slipstreaming Windows XP SP2 Updates
ECHO Please wait...
FOR %%f IN (*.exe) DO "%%f" /Integrate:C:\XPCD
ECHO.
ECHO Slipstreaming Completed!
ECHO.
pause
EXIT

Hmmm....

You state "where your hotfix files are located".

How do you get the 60+ hotfix files in the first place?

Perhaps you can run my script first! :)

-Ross

Ouch!

Thanks for the feedback. Here's mine:

* My goal was to automate the entire process, and share the scripts with others. Not to write a howto for newbies.

* I'm assuming a level of expertise to use my scripts. They work for me, and I'm offering them to others to use if they want. There are many other, potentially better, solutions out there, including Ryanvm, HFSLIP, and many others.

* xpsp2.mak is only required if you want to burn a slipstreamed CD. cdrecord/mkisofs are used. HFSLIP also calls these commands. I know of no other way to burn a CD on the command line in Windows. Do you?

* xpsp2.cmd uses the default browser to download the hotfixes. If curl or wget are installed they will be used instead, and the disconcerting popups will not appear.

Again, thanks for the critique.

So I'll say this...

Ross, you're a freakin' genius!
I had never used cygwin before. I didn't understand half of what I read on page one of this site. So, I read the comments, downloaded cygwin, installed with the suggested components, typed help, figured out how to "cd /cygdrive", visited the cdrecord site so I could figure out how to "cdrecord -scanbus" and generated a fully slipstreamed install ISO using make -f xpsp2.mak. Alas, cdrecord wouldn't burn the ISO with my burner (although it did work on my second system). No problemo, I've got ImgBurn. All this took less time than figuring out how to slipstream SP2 via the "We've done all the thinking for you" sites and then rebooting 57 times using Winblows Update to install the gazillion updates since SP2.

Ross, you're a freaking genius! Thank you so much for spending the Thanksgiving Holiday tracking down all those updates and putting this together. If you just keep this updated, I'll write the "Ross's xpsp2.mak for Dummies" guide for you.

Thanks... I think :)

Icy,

I'm not sure if you're really being complementary, or pulling my leg, after reading Bob Dobelina's post, but I'll take you at your word.

I'm glad you found the script useful.

-Ross

Win2k mak file

The w2k_sp4.mak file refers in the second line and 10th lines to windows XP.

However the 23rd line refers to WIN2K_SP4

Thanks for your effort!

Both typos

Thanks for the catch. I'll publish an update soon.

What about KB908521?

How come KB908521 isnt included? It always downloads after I install.

That's because you have Office 2003 installed

Not everyone does, and it certainly isn't not on an original Windows XP installation CD.

Won't fit on CDR

I had 2 problems:

1. I think WindowsMedia41-KB817772-x86-ENU.exe uses a non-standard extraction command line switch, because that was the only HF that didn't extract. All others extracted fine.

2. My data directory was around 724MB. It won't fit on a CDR. So far I removed SUPPORT, VALUEADD, and COMPNENTS/TABLETPC and it still doesn't fit.

Why are you including KB817772?

My scripts don't include it. Neither does Ryanvm.

My .iso file has never exceeded 700MB. What disk are you starting with, and what are you adding to it?

No Edits, Same result as above

I just downloaded the cmd script and ran it, unedited.

The final result is well above 700 megs. In addition, one KB is not being integrated- KB885835, says file not found; although I see it in the dir.

The build dir is WINXPCD. I'm using a Volume Licensing CD.

Any assistance would be awsome.

Thanks for the great tool.

Size issues & observation

I too ran the script unedited and had over 700MB
first WXPVOL_EN slipstreamed with SP2 ~ 719MB
second OEM Dell CD with SP2 ~ 713MB
third WXPVOL_EN without SP2 ~ 709MB
Using Roxio rather than your CMD line to see what it would be without actually burning a CD. Will fit single CD with overburn checked and multidisk unchecked.
Error on the first two KB835935 (SP2) did not find in dir as it was still downloading when script calling for it to integrate. (Did not need on the first two as it was already integrated)
Similar error with KB885835 although it was downloaded & in the dir. May not have expanded fast enought.
Last attempt worked best with all the hotfixes already downloaded. I would suggest downloading SP2 first by itself anyway since it is such a large file or it is not seeing the wait period before moving on. KB835935 works on the integration (waits til done, but not on the download - mmm maybe I should compare these two code lines.) KB885835 is the opposite downloads ok, integrate not ok. Anyhow I can live without it and maybe delete the Media hotfixes to bring my size down - 57 instead 0f 61 is still great.
Thanks for the great script.

Try this.......

I deleted files in the folder E:\I386\LANG (using the Nlite tool), I didn't need the other languages, just English. There's over 90 meg of files in that folder.

I'm also going to try to burn a DVD using the entire 700+meg, has anyone else done this?

Raynman

Thanks, but having trouble

This is a super useful tool, thanks for making it public. However, I am having a bit of trouble with the image I created today with xpsp2.cmd. I get to the part of the installation where it is copying files, and the installer fails to read a number of files, p3.sys is the first, and they all look like driver files. I've googled around a bit and found several instances of people having this problem with slip-streamed discs, but no posted solutions. It looks like this is going to result in a broken installation. Have you run into this before? Do you know a solution? I am doing my testing using ISO images and VMware. If there is anyway I can help figure out a solution to this, please let me know!

Sorry, I have experienced the issue you are describing

Perhaps try using a different Windows XP install disk. I use an Windows XP SP1 Upgrade disk. Others report success with Windows XP SP2 Full.

KB type error?

hi,

just wanted to double check to see if the link KB907245, should really redirects to KB901017, thanks.

Nope, not a typo

http://www.microsoft.com/technet/security/bulletin/ms05-048.mspx lists KB907245, but the download is named WindowsXP-KB901017-x86-ENU.exe.

I had the download correct, but listed KB907245. I've changed it to KB901017 to be consistent. Thanks for the heads up.

slipstreaming does not integrate

Hi
I copied I386 into "Copy of I386", ran the xpsp2 and downloaded all into same directory.
The batch file asked to integrate into '.' which I ok'd.
4-5 updates ran (apparently on my installed \Windows and asked if I want to boot.
Apparently no XPSP2 files were updated in the I386 of copy...
This does not seem ok...
How do I know that all security fixes were applied on the I386 directory?

Changes in MCE 2005?

Hey Ross, thanks for writing this script! It worked like a charm for me with a Dell SP1a OEM full install disc.

I also have an HP MCE 2004 3 disc set that got scuffed up and is unreadable and I am searching for my can of Brasso to polish the discs up, but in the meantime.....

Check this site out: http://tinyurl.com/ykea5u

I noticed during the SP2 extraction process that the Media Center files were indeed being extracted but Mark Salloway states that those components don't get upgraded during an integration/slipstream. Can you confirm or deny this for your script if the CMPNENTS\MEDIACTR\I386 and \CMPNENTS\NETFX\I386 are added into the source or build folder? Do you have any idea why this might be? Any chance of figuring out a way to do this successfully with %options%?

And second question (if you know) is which actual file instructs setup.exe to install MCE instead of PRO? I was wondering if I could just replace the Dell OEM info with the HP OEM info since most all of the other non CMPNENTS files are exactly the same in PRO as MCE. And which file (if different) instructs a OEM or Corporate type install where you never have to (manually) put in the Key to get through setup? Just trying a workaround/experiment until I get my scuffed discs polished...Thanks alot!

Kirk

Sorry, I have no experience with Media Center

So I really can't address any of your questions.

You may want to try HFSLIP. I haven't used it, but it may support the functionality you're looking for.

Thanks,

Ross

Small Problem with wget

When using wget I experienced a small issue with saving hotfixes to a different directory that the script runs from...
Directory Structure:
-XP
--HOME
--PRO
--VOLUME
--CUSTOM
--HOTFIXES

Script resides in the XP directory
Changed script as follows:
set hotfixdir=.\HOTFIXES

wget saves the files in the XP directory still though, so the file is never "found"...

fixed it by changing the following:
wget --version >nul 2>nul
if not errorlevel 9009 (
set DOWNLOADER=wget -nd -N -P %hotfixdir%
goto start_downloads
)

It works now, but was there something wrong I was doing or was it a bug in the script?

Thanks for your help & the great script :)

Files too big for disc

Forgive me if this is an ignorant question (I am sure it is.)
I ran xpsp2.cmd and when it was finished I was left with a folder containing 725 megs of data. This is too much for a standard cd-r.
I assumed I was to simply copy the contents of the resulting folder to a disc, but I can't fit it onto one. What am I doing wrong?
Thanks for your help.

My custom hack to xpsp2.mak suddenly stopped working

Hello,

I've been slipstreaming the Intel chipset drivers prior to building the ISO image in xpsp2.mak for several months now. However, I recently decided to update my xpsp2.mak to the latest version since my CD is several months old, and I added my previous code to the current August 2006 xpsp2.mak and it stopped working.

This is the code I add, which is simply to pause prior to building the ISO. It's lifted directly from other code in xpsp2.mak, so I don't know what's wrong with it.

I insert the code right before the comment # patched mkisofs from pebuilder (line 534 or so).

# CUSTOM: Add pause to make any manual changes to drivers (i.e., add Intel)
# SP2, Hotfixes applied and bootimage extracted already
ifneq ('$(PAUSE)', '')
@echo
@echo Make any changes before ISO is made!
@echo and press [Enter] to continue
@echo -e \\a
@read dummy
endif

I use vim to write the code. Any ideas why this seemingly benign code is not working? I'm not a Perl buff, but this seems simple enough.

Thanks!

Great Idea, could you give a quick tutorial?

Hey Bing,

Slipstreaming needed or latest drivers seems like the way to go since we're updating everything else...

Where do you put the updated/absent drivers in the image so that they can be found during device setup? How do you find the old drivers to remove so there won't be a conflict? A little tutorial would be great.

Kirk

I'm an idiot - I forgot to

I'm an idiot - I forgot to use Tabs. Goes to show how little Perl I know!

Cygwin & xpsp2.mak

Can someone plesae help me so I understand what I am doing. What packages must be installed in order to run xpsp2.mak? How do I run it? Please dumb it down so a third grader could understand it. I am not familiar with Cygwin at all.

thanks

Package

This is great!

Quick question how many patches have been released post Windows XP sp2?
I've counted 112?

I'm also looking for Outlook 2003 post sp2 if you know off the top of you head..

Great information and great work.

Thank You.

pk:

You'll need to install Cygwin by running setup.exe.

Then, when prompted, install the folling optional packages:

make
perl
unzip
wget

Good luck!

No updating

After running xpsp2local It downloads all the updates into a preselected folder where i have the cmd file, but after all the downloads instead of installing the updates it gives a message saying "Please save all file in the directory '.'" WHat wrong? Is there something im doing wrong? Thanks

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
DeutschEspañolFrançaisItalianoNederlandsPortuguêsΕλληνικάРусскийالعربية中文(简体)中文(繁體)日本語한국어
 
Donate Bitcoins
Google
 
www smithii.com
 
Special thanks to Riester Rente Online for a generous donation!