DeutschEspañolFrançaisItalianoNederlandsPortuguêsΕλληνικάРусскийالعربية中文(简体)中文(繁體)日本語한국어
 
Donate Bitcoins
Google
 
www smithii.com
 

Automatically Slipstream Windows XP with SP2 and All Post-SP2 Security Hotfixes with a Single Command (Updated 03-May-09)

For information about slipstreaming Windows XP SP3, visit http://smithii.com/slipstream_xpsp3.

I've written the batch file xpsp2.cmd (updated 03-May-09) to automatically download and slipstream a standard Windows XP boot disk with Service Pack 2 and all post-SP2 security hotfixes.

It uses wget or curl (if either are found in the PATH), or your installed browser to download the updates. I have tested this with Internet Explorer, Firefox, and Opera. Other browsers should work, as well.

The batch file xpsp2local.cmd (updated 03-May-09) will update the copy of Windows XP that is installed on the computer you run the command on. You may wish to do this, if you do not have, or want, the machine you want to hotfix connected to the internet, or if you are unable to run Windows Update for some reason (for example, if Internet Explorer isn't installed, or doesn't work properly, due to a virus or similar mishap).

To slipstream the hotfixes, and burn the slipstreamed disk, I've created the makefile xpsp2.mak (updated 03-May-09). Details on usage below.

Microsoft XML Core Services Hotfixes

For Microsoft XML Core Services, run msxml_hotfixes.cmd (updated 24-Aug-07) to install the latest hotfixes locally.

Microsoft Office 2003 SP2 and Hotfixes

For Office 2003, run office_2003_hotfixes.cmd (updated 25-Aug-07) to install Service Pack 2, and all post-SP2 hotfixes locally.

The xpsp2* scripts listed above include the following security updates found at http://www.microsoft.com/technet/security/current.aspx:


Apr 09:

MS09-010 - Critical
Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
KB923561
SP2: replaces none
SP3: replaces none

MS09-013 - Critical
Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
SP2: replaces none
SP3: replaces none

MS09-011 - Critical
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
SP2: replaces MS08-033
SP3: replaces MS08-033

MS09-014 - Critical
Cumulative Security Update for Internet Explorer (963027)
SP2: replaces MS08-073, MS08-078
SP3: replaces MS08-073, MS08-078

MS09-012 - Important
Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)
SP2: replaces MS07-022, MS08-002, MS08-064
SP3: replaces MS08-064

MS09-015 – Moderate
Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
SP2: replaces MS07-035
SP2: replaces MS07-035

Mar 09:

MS09-006 – Critical
Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)
SP2: replaces MS08-061
SP3: replaces MS08-061

MS09-007 - Important
Vulnerability in SChannel Could Allow Spoofing (960225)
SP2: replaces MS07-031
SP3: replaces none

Feb 09:

Jan 09:

MS09-001 – Critical
Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
SP2: replaces MS08-063
SP3: replaces MS08-063

Dec 08:

MS08-071 – Critical
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
SP2: replaces MS08-021
SP3: replaces none

MS08-073 - Critical
Cumulative Security Update for Internet Explorer (958215)
SP2: replaces MS08-058
SP3: replaces MS08-058

MS08-076 – Important
Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
SP2: replaces none
SP3: replaces none

MS08-078 - Critical
Security Update for Internet Explorer (960714)
SP2: replaces none
SP3: replaces none

Nov 08:

MS08-068 | Important
Vulnerability in SMB Could Allow Remote Code Execution (957097)
SP2: replaces MS05-011
SP3: replaces none

MS08-069 | Critical
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
SP2: replaces MS06-042
SP3: replaces none

Oct 08:

MS08-058 - Critical
Cumulative Security Update for Internet Explorer (956390)
SP2: replaces MS08-045
SP3: replaces MS08-045

MS08-061 – Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
SP2: replaces MS08-025
SP3: replaces none

MS08-062 - Important
Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
SP2: replaces none
SP3: replaces none

MS08-063 – Important
Vulnerability in SMB Could Allow Remote Code Execution (957095)
SP2: replaces MS06-063
SP3: replaces none

MS08-064 – Important
Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
SP2: replaces MS07-022
SP3: replaces none

MS08-066 – Important
Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
SP2: replaces none
SP3: replaces none

MS08-067 – Critical
Vulnerability in Server Service Could Allow Remote Code Execution (958644)
SP2: replaces MS06-040
SP3: replaces none

Sep 08:

MS08-052 - Critical
Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
SP2: replaces none
SP3: replaces none

MS08-053 - Critical
Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
SP2: replaces none
SP3: replaces none

MS08-054 - Critical
Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
SP2: replaces none
SP3: replaces none

Aug 08:

MS08-045 - Critical
Cumulative Security Update for Internet Explorer (953838)
SP2: replaces MS08-031
SP3: replaces MS08-031

MS08-046 - Critical
Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
SP2: replaces none
SP3: replaces none

MS08-048 - Important
Security Update for Outlook Express and Windows Mail (951066)
SP2: replaces none
SP3: replaces none

MS08-049 - Important
Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
SP2: replaces none
SP3: replaces none

MS08-050 - Important
Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
SP2: replaces none
SP3: replaces none

Jul 08:

MS08-037 - Important
Vulnerabilities in DNS Could Allow Spoofing (953230)
SP2: replaces MS06-064, MS08-001
SP3: replaces none

Jun 08:

MS08-030 - Critical
Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
SP2: replaces none
SP3: replaces none

MS08-031 - Critical
Cumulative Security Update for Internet Explorer (950759)
SP2: replaces MS08-024
SP3: replaces none
replaced by MS08-45

MS08-032 - Moderate
Cumulative Security Update of ActiveX Kill Bits (950760)
SP2: replaces MS08-023
SP3: replaces none

MS08-033 - Critical
Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
SP2: replaces MS07-064
SP3: replaces none

MS08-035 - Important
Vulnerability in Active Directory Could Allow Denial of Service (953235)
SP2: replaces MS08-003
SP3: replaces none

MS08-036 - Important
Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
SP2: replaces MS06-052
SP3: replaces none
  1. KB941693: MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of Privilege Release 08-Apr-08 (Important)
  2. KB944338: MS08-022: Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution Release 08-Apr-08 (Critical)
  3. KB948590: MS08-021: Vulnerabilities in GDI Could Allow Remote Code Execution Release 08-Apr-08 (Critical)
  4. KB945553: MS08-020: Vulnerability in DNS Client Could Allow Spoofing Release 08-Apr-08 (Important)
  5. <!-- Feb, 2008: http://www.microsoft.com/technet/security/bulletin/ms08-feb.mspx -->

  6. KB947890: MS08-008: Vulnerability in OLE Automation Could Allow Remote Code Execution Released 12-Feb-08 (Critical)
  7. KB946026: MS08-007: Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution Released 12-Feb-08 (Critical)
  8. KB942830: MS08-006: Vulnerability in Internet Information Services Could Allow Remote Code Execution Released 12-Feb-08 (Important)
  9. KB942831: MS08-005: Vulnerability in Internet Information Services Could Allow Elevation of Privilege Released 12-Feb-08 (Important)
  10. <!-- Jan, 2008: http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx -->

  11. KB943485: MS08-002: Vulnerability in LSASS Could Allow Local Elevation of Privilege Released 08-Jan-08 (Important)
  12. <!-- Dec, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-dec.mspx -->

  13. KB941569: MS07-068: Vulnerability in Windows Media File Format Could Allow Remote Code Execution Released 11-Dec-07 (Critical)
  14. KB944653: MS07-067: Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege Released 11-Dec-07 (Important)
  15. KB937894: MS07-065: Vulnerability in Message Queuing Could Allow Remote Code Execution Released 11-Dec-07 (Important)
  16. <!-- Nov, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-nov.mspx -->

  17. KB943460: MS07-061: Vulnerability in Windows URI Handling Could Allow Remote Code Execution Released 13-Nov-07 (Critical)
  18. <!-- Oct, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-oct.mspx -->

  19. KB933729: MS07-058: Vulnerability in RPC Could Allow Denial of Service Released 09-Oct-07 (Important)
  20. KB941202: MS07-056: Security Update for Outlook Express and Windows Mail Released 09-Oct-07 (Critical)
  21. KB923810: MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution Released 09-Oct-07 (Critical)
  22. <!-- Aug, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-aug.mspx -->

  23. KB938127: MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution Released 14-Aug-07 (Important)
  24. KB936782: MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code Execution Released 14-Aug-07 (Critical)
  25. <!-- Jul, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-jul.mspx -->

  26. KB939373: MS07-041: Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution Released 20-Jul-07 (Important)
  27. <!-- June, 2007: http://www.microsoft.com/technet/security/bulletin/ms10-jun.mspx -->

  28. KB935839: MS07-035: Vulnerability in Win32 API Could Allow Remote Code Execution Released 12-Jun-07 (Critical)
  29. KB929123: MS07-034: Cumulative Security Update for Outlook Express and Windows Mail Released 12-Jun-07 (Critical)
  30. KB935840: MS07-031: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution Released 12-Jun-07 (Critical)
  31. <!-- May, 2007: http://www.microsoft.com/technet/security/bulletin/ms10-may.mspx -->

    <!-- April, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-apr.mspx -->

  32. KB931784: MS07-022: Vulnerability in Windows Kernel Could Allow Elevation of Privilege Released 07-Apr-07 (Important)
  33. KB930178: MS07-021: Vulnerabilities in CSRSS Could Allow Remote Code Execution Released 07-Apr-07 (Critcal)
  34. KB932168: MS07-020: Vulnerability in Microsoft Agent Could Allow Remote Code Execution Released 07-Apr-07 (Critcal)
  35. KB931261: MS07-019: Vulnerability in Universal Plug and Play Could Allow Remote Code Execution Released 07-Apr-07 (Critcal)
  36. KB925902: MS07-017: Security Update for Windows XP Released 03-Apr-07 (Critcal)
  37. <!-- February, 2007: http://www.microsoft.com/technet/security/bulletin/ms07-feb.mspx -->

  38. KB918118: MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution Released 12-Feb-07 (Important)
  39. KB924667: MS07-012: Vulnerability in Microsoft MFC Could Allow Remote Code Execution Released 12-Feb-07 (Important)
  40. KB926436: MS07-011: Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (Important) Released 12-Feb-07 (Important)
  41. KB927779: MS07-009: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution Released 12-Feb-07 (Critical)
  42. KB928843: MS07-008: Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution Released 12-Feb-07 (Critical)
  43. KB927802: MS07-007: Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege Released 12-Feb-07 (Important)
  44. KB928255: MS07-006: Vulnerability in Windows Shell Could Allow Elevation of Privilege Released 12-Feb-07 (Important)
  45. <!-- December, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-dec.mspx -->

  46. KB926255: MS06-075: Vulnerability in Windows Could Allow Elevation of Privilege Released 12-Dec-06 (Important)
  47. KB926247: MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution Released 12-Dec-06 (Important)
  48. <!-- November, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-nov.mspx -->

  49. KB924270: MS06-070: Vulnerability in Workstation Service Could Allow Remote Code Execution Released 14-Nov-06 (Critical)
  50. KB920213: MS06-068: Vulnerability in Microsoft Agent Could Allow Remote Code Execution Released 14-Nov-06 (Critical)
  51. KB923980: MS06-066: Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution Released 14-Nov-06 (Important)
  52. <!-- October, 2006: http://www.microsoft.com/technet/security/bulletin/ms08-oct.mspx -->

  53. KB924496: MS06-065: Vulnerability in Windows Object Packager Could Allow Remote Execution Released 10-Oct-06 (Moderate)
  54. KB923414: MS06-063: Vulnerability in Server Service Could Allow Denial of Service and Remote Code Execution Released 10-Oct-06 (Important)
  55. KB924191: MS06-061: Vulnerabilities in Microsoft XML Core Services could allow remote code execution Released 10-Oct-06 (Critical)
  56. KB923191: MS06-057: Vulnerability in Windows Explorer Could Allow Remote Execution Released 10-Oct-06 (Critical)
  57. <!-- September, 2006: http://www.microsoft.com/technet/security/bulletin/ms07-sep.mspx -->

  58. KB920685: MS06-053: Vulnerability in Indexing Service Could Allow Cross-Site Scripting Released 12-Sep-06 (Moderate)
  59. <!-- August, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-aug.mspx -->

  60. KB920670: MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution  Released 08-Aug-06 Important)
  61. KB920683: MS06-041: Vulnerability in DNS Resolution Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  62. <!-- July, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-jul.mspx -->

  63. KB914388: MS06-036: Vulnerability in DHCP Client Service Could Allow Remote Code Execution Released 11-Jul-06 (Critical)
  64. <!-- June, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-jun.mspx -->

  65. KB914389: MS06-030: Vulnerability in Server Message Block Could Allow Elevation of Privilege Released 13-Jun-06 (Important)
  66. KB911280: MS06-025: Vulnerability in Routing and Remote Access Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  67. KB918439: MS06-022: Vulnerability in ART Image Rendering Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  68. <!-- May, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-may.mspx -->

  69. KB913580: MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator could allow denial of service Released 09-May-06 (Moderate)
  70. <!-- April, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx -->

  71. KB908531: MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution Released 11-Apr-06 (Updated 25-Apr-06) (Critical)
  72. KB911562: MS06-014: Vulnerability in Microsoft Data Access Components (MDAC) function could allow code execution Released 11-Apr-06 (Updated 11-May-06) (Critical)
  73. <!-- February, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-feb.mspx -->

  74. KB901190: MS06-009: Vulnerability in the Korean Input Method Editor (IME) could allow elevation of privilege Released 10-May-06 (Important)
  75. KB911927: MS06-008: Vulnerability in Web Client Service Could Allow Remote Code Execution Released 10-May-06 (Important)
  76. KB911564: MS06-006: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution Released 10-May-06 (Important)
  77. KB911565: MS06-005: Vulnerability in Windows Media Player 9 Could Allow Remote Code Execution Released 10-May-06 (Critical)
  78. <!-- January, 2006: http://www.microsoft.com/technet/security/bulletin/ms06-jan.mspx -->

  79. KB908519: MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution Released 11-Jan-06 (Critical)
  80. <!-- November, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-nov.mspx -->

  81. KB902400: MS05-051: Vulnerabilities in MS DTC and COM+ could allow remote code execution Released 8-Nov-05 (Critical)
  82. <!-- October, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-oct.mspx -->

  83. KB900725: MS05-049: Vulnerabilities in the Windows shell could allow for remote code execution Released 29-Dec-05 (Important)
  84. KB901017: MS05-048: Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution Released 29-Dec-05 (Important)
  85. KB905749: MS05-047: Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege Released 29-Dec-05 (Important)
  86. KB905414: MS05-045: Vulnerability in Network Connection Manager Could Allow Denial of Service Released 29-Dec-05 (Moderate)
  87. <!-- August, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-aug.mspx -->

  88. KB896423: MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution Released 14-Aug-05 (Critical)
  89. KB899587: MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing Released 14-Aug-05 (Moderate)
  90. KB899591: MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service Released 14-Aug-05 (Moderate)
  91. KB893756: MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution Released 14-Aug-05 (Important)
  92. <!-- July, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-jul.mspx -->

  93. KB901214: MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution Released 12-Jul-05 (Critical)
  94. <!-- June, 2005: http://www.microsoft.com/technet/security/bulletin/ms05-jun.mspx -->

  95. KB896428: MS05-033: Vulnerability in Telnet Client Could Allow Information Disclosure Released 14-Jun-05 (Moderate)
  96. KB890046: MS05-032: Vulnerability in Microsoft Agent Could Allow Spoofing Released 14-Jun-05 (Moderate)
  97. KB896358: MS05-026: Vulnerability in HTML Help Could Allow Remote Code Execution Released 14-Jun-05 (Critical)
  98. <!-- April, 2005 -->

  99. KB890859: MS05-018: Vulnerabilities in Windows kernel Could Allow Elevation of Privilege and Denial of Service Released 12-Apr-05 (Important)
  100. <!-- February, 2005 -->

  101. KB891781: MS05-013: Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Code Execution Released 8-Feb-05 (Critical)
  102. KB887472: MS05-009: Vulnerability in PNG Processing Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  103. KB888302: MS05-007: Vulnerability in Windows Could Allow Information Disclosure Released 8-Feb-05 (Important)
  104. <!-- December, 2004 -->

  105. KB885835: MS04-044: Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege Released 14-Dec-04 (Important)
  106. KB873339: MS04-043: Vulnerability in HyperTerminal Could Allow Code Execution Released 14-Dec-04 (Important)
  107. KB885836: MS04-041: A Vulnerability in WordPad Could Allow Code Execution Released 14-Dec-04 (Important)
  108. <!-- August, 2004 -->

  109. KB835935: Windows XP Service Pack 2 Released 24-Aug-04

<!-- ******************************************************************** -->
These updates are not included as they have been superceeded by a following update:
<!-- ******************************************************************** -->

  1. KB947864: MS08-024: Cumulative Security Update for Internet Explorer Release 08-Apr-08 (Critical)
  2. KB948881: MS08-023: Security Update of ActiveX Kill Bits Release 08-Apr-08 (Critical)
  3. KB944533: MS08-010: Cumulative Security Update for Internet Explorer Released 12-Feb-08 (Critical)
  4. KB946538: MS08-003: Vulnerability in Active Directory Could Allow Denial of Service Released 12-Feb-08 (Important)
  5. KB941644: MS08-001: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution Released 08-Jan-08 (Critical)
  6. KB938829: MS07-046: Vulnerability in GDI Could Allow Remote Code Execution Released 14-Aug-07 (Critical)
  7. KB942615: MS07-069: Cumulative Security Update for Internet Explorer Released 11-Dec-07 (Critical)
  8. KB941568: MS07-064: Vulnerabilities in DirectX Could Allow Remote Code Execution Released 11-Dec-07 (Critical)
  9. KB939653: MS07-057: Cumulative Security Update for Internet Explorer Released 09-Oct-07 (Critical)
  10. KB937143: MS07-045: Cumulative Security Update for Internet Explorer Released 14-Aug-07 (Critical)
  11. KB921503: MS07-043: Vulnerability in OLE Automation Could Allow Remote Code Execution Released 14-Aug-07 (Critical)
  12. KB933566: MS07-033: Cumulative Security Update for Internet Explorer Released 12-Jun-07 (Critical)
  13. KB931784: MS07-027: Cumulative Security Update for Internet Explorer Released 08-May-07 (Critical)
  14. KB928090: MS07-016: Cumulative Security Update for Internet Explorer Released 12-Feb-07 (Critical)
  15. KB929969: MS07-004: Vulnerability in Vector Markup Language Could Allow Remote Code Execution Released 09-Jan-07 (Critical)
  16. KB923689: MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution Released 12-Dec-06 (Critical)
  17. KB923694: MS06-076: Cumulative Security Update for Outlook Express Released 12-Dec-06 (Important)
  18. KB925454: MS06-072: Cumulative Security Update for Internet Explorer Released 12-Dec-06 (Critical)
  19. KB922760: MS06-067: Cumulative Security Update for Internet Explorer Released 14-Nov-06 (Critical)
  20. KB925486: MS06-055: Vulnerability in Vector Markup Language Could Allow Remote Code Execution Released 12-Sep-06 (Critical)
  21. KB922819: MS06-064: Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service Released 10-Oct-06 (Low)
  22. KB919007: MS06-052: Vulnerability in Reliable Multicast Program (PGM) Could Allow Remote Code Execution Released 12-Sep-06 (Important)
  23. KB917422: MS06-051: Vulnerability in Windows Kernel Could Result in Remote Code Execution Released 08-Aug-06 (Critical)
  24. KB922616: MS06-046: Vulnerability in HTML Help Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  25. KB921398: MS06-045: Vulnerability in Windows Explorer Could Allow Remote Code Execution  Released 08-Aug-06 Important)
  26. KB920214: MS06-043: Vulnerability in Microsoft Windows Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  27. KB918899: MS06-042: Cumulative Security Update for Internet Explorer Released 08-Aug-06 (Critical)
  28. KB921883: MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution Released 08-Aug-06 (Critical)
  29. KB917159: MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution Released 11-Jul-06 (Critical)
  30. KB917537: MS06-034: Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution Released 11-Jul-06 (Important)
  31. KB917953: MS06-032: Vulnerability in TCP/IP Could Allow Remote Code Execution Released 13-Jun-06 (Important)
  32. KB917734: MS06-024: Vulnerability in Windows Media Player Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  33. KB917344: MS06-023: Vulnerability in Microsoft JScript Could Allow Remote Code Execution Released 13-Jun-06 (Critical)
  34. KB916281: MS06-021: Cumulative Security Update for Internet Explorer Released 13-Jun-06 (Critical)
  35. KB913433: MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution Released 09-May-06 (Critical)
  36. KB911567: MS06-016: Cumulative Security Update for Outlook Express Released 11-Apr-06 (Important)
  37. KB912812: MS06-013: Cumulative Security Update for Internet Explorer Released 11-Apr-06 (Critical)
  38. KB913446: MS06-007: Vulnerability in TCP/IP Could Allow Denial of Service Released 10-May-06 (Important)
  39. KB912919: MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Released 6-Jan-06 (Critical)
  40. KB905915: MS05-054: Cumulative Security Update for Internet Explorer Released 13-Dec-05 (Critical)
  41. KB896424: MS05-053: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution Released 8-Nov-05 (Critical)
  42. KB896688: MS05-052: Cumulative Security Update for Internet Explorer Released 29-Dec-05 (Critical)
  43. KB904706: MS05-050: Vulnerability in DirectShow Could Allow Remote Code Execution Released 29-Dec-05 (Critical)
  44. KB899589: MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution Released 29-Dec-05 (Important)
  45. KB899588: MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege Released 14-Aug-05 (Critical)
  46. KB896727: MS05-038: Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 Released 14-Aug-05 (Critical)
  47. KB903235: MS05-037: Vulnerability in JView Profiler Could Allow Remote Code Execution Released 14-Aug-05 (Critical)
  48. KB890046: MS05-032: Vulnerability in Microsoft Agent Could Allow Spoofing Released 14-Jun-05 (Moderate)
  49. KB896422: MS05-027: Vulnerability in Server Message Block Could Allow Remote Code Execution Released 14-Jun-05 (Critical)
  50. KB883939: MS05-025: Cumulative Security Update for Internet Explorer Released 14-Jun-05 (Critical)
  51. KB890923: MS05-020: Cumulative security update for Internet Explorer Released 12-Apr-05 (Important)
  52. KB893086: MS05-016: Vulnerability in Windows Shell that Could Allow Remote Code Execution Released 12-Apr-05 (Critical)
  53. KB888113: MS05-015: Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  54. KB873333: MS05-012: Vulnerability in OLE and COM Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  55. KB885250: MS05-011: Vulnerability in Server Message Block Could Allow Remote Code Execution Released 8-Feb-05 (Critical)
  56. KB890047: MS05-008: Vulnerability in Windows shell could allow remote code execution Released 8-Feb-05 (Important)
  57. KB890175: MS05-001: Vulnerability in HTML Help could allow code execution Released 11-Jan-05 (Critical)
  58. <!--
    not security updates

  59. KB885932: Update for Internet Explorer 6 for XP Service Pack 2
  60. KB884020: Programs that connect to IP addresses that are in the loopback address range may not work as you expect in Windows XP Service Pack 2 Released Sep-04
  61. KB886185: Critical update for Windows Firewall "My Network (subnet) only" scoping in Windows XP Service Pack 2 Released 14-Dec-04 (Critical)
  62. -->

<!-- ******************************************************************** -->
The following security updates are not presently included:
<!-- ******************************************************************** -->

  1. KB923723: MS07-005: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution Released 12-Feb-07 (Important)
  2. KB923789: MS06-069: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution Released 14-Nov-06 (Critical)
  3. KB898458: MS05-031: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution Released 14-Jun-05 (Important)
  4. KB893066: MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service Released 12-Apr-05 (Critical)
  5. KB890261: MS05-009: Vulnerability in PNG Processing Could Lead to Buffer Overrun Released 8-Feb-05 (Critical)
  6. KB887219: MS05-004: ASP.NET Path Validation Vulnerability Released 8-Feb-05 (Important)
  7. KB816093: MS03-011: Flaw in Microsoft VM Could Enable System Compromise Released 14-Dec-04 (Critical)

Please let me know if you feel I've missed an important update.

Fitting All the Hotfixes onto a 700MB CD

If you slipstream all of the hotfixes listed above, the resulting size will be greater than will fit on a single 700MB "80 minute" CD-R. There are two options to get around this limitation:

1. Burn to a DVD instead of a CD. Of course, this isn't an option if the computer you are installing on does not have a DVD drive, or you don't have software to burn an .ISO file to a DVD.

2. Remove unneeded directories from the CD. On my Windows XP SP1 CD, I found I could delete the following directories before creating the .ISO:

D:\I386\WIN9XMIG: 33.5MB (Windows 9x migration files, not used when performing a fresh XP installation)
D:\DOTNETFX:      33.1MB (.NET Framework, install this manually later if needed)
D:\cmpnents       26.5MB (.NET Framework, TabletPC)
D:\SUPPORT:       11.3MB (Support tools, not used by the installer)
D:\VALUEADD:       9.1MB (Value added programs, not used by the installer)
D:\I386\WIN9XUPG:  3.9MB (Windows 9x upgrade files, not used when performing a fresh XP installation)
D:\DOCS:           0.1MB (Miscellaneous documents, not used by the installer)

If you don't need to install the Recovery Console, you can remove:

D:\I386\WINNTUPG:  1.0MB (Windows NT/2000 upgrade files, not used when performing a fresh XP installation)

If you don't need to install languages other than English, you can remove:

D:\I386\LANG:    101.7MB

If you remove all of the above directories, you will have reduced the size of the CD by over 223MB. Using my Windows XP SP1 disk, I went from 786MB, to 563MB, which easily fits on most sizes of CD-R media (see the table below).

Here is a table listing the different sizes of CD media. The sizes listed below I discovered empirically, and may vary depending on the type of media used.

Disk Type                       Size
------------------------ -----------
80 minute/"700MB" CD-R   697,425,920
74 minute/"650MB" CD-R   642,883,584
80 minute/"700MB" CD-R/W 598,808,576
74 minute/"650MB" CD-R/W 557,260,800

Of course, using a program such as nLite, you can accomplish a far greater size reduction that what is listed above.

For more information, see:

http://unattended.msfn.org/unattended.xp/view/web/57/
http://pages.videotron.com/tbone/unattended/#_Toc79089721

Using Cygwin to Burn a Bootable CD

If you have, or install, Cygwin, you can build and burn a bootable CD, by editing the CD and CD_DEV variables at the beginning of xpsp2.mak, and typing:

$ make -f xpsp2.mak

You can also add the parameters on the command line:

$ make -f xpsp3.mak CD=F: CD_DEV=0,0,0

If you include md5s.txt (updated 03-May-09), make will verify the files downloaded correctly before executing them.

Note: KB885835 and KB885250 share the same file (mrxsmb.sys), so an error occurs if you attempt to slipstream both of them at once. These scripts solve this issue by superceeding KB885835's version of the file (5.1.2600.2541, xpsp_sp2_gdr.040919-1056, dated 10-27-2004, 448,128 bytes) with KB885250's version (5.1.2600.2598, xpsp_sp2_gdr.041130-1729, dated 1-18-2005, 451,584 bytes).

Of course, to run make, you will need to install Cygwin and select the make, perl, and wget packages.

To create a Windows XP boot disk with Service Pack 1a and Update Rollup 1 (KB826939), use xpsp1_ru.mak.

Older Scripts

To create a Windows XP boot disk with only SP1a, use xpsp1.mak.

To create a Windows 2000 boot disk with SP4, use w2k_sp4.mak.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Not sure I understand the problem

It sounds like it's waiting for a download file to appear in the directory it's expecting them in. Sorry I can't be of more help.

Still getting errors, not 1st time when I can't paste them here

Now it's a different Cygwin error, it says...
...
Message comes up if the SP2 executable file is not in the same folder with .mak file.
If I copy the file, no more error. I guess it has to do with SP2 check or download.

I can't copy/paste the error because when I click 'Post Comment' I get:

Forbidden
You don't have permission to access / on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Fixed xpsp2.mak has been uploaded

It should work for you now.

Thanks for you help, and patience.

Hello ross - I don't

Hello ross - I don't understand half of the postings as I'm a hardware guy but you seem to be the man! Great! Just 1 stupid question- Is your mak just to slipstream or can I use it to create a full XP CD from my system already running XPsp2 ? as an XP cd did not come with it and the restore program has been used meaning the dsiks i created and lost was my only copy of XP
Fresh

Hey Fresh

Both xpsp2.mak and xpsp2.cmd can create a Windows XP installation CD with all of the hotfixes slipsteamed in. They both require an existing Windows XP installation CD (SP0, SP1 or SP2).

german XP

Hello,

This looks like a fantastic tool. But: I have a german XP, so I needed german hotfixes...
Is there a way to edit the script to download german files?
Otherwise, where can I find a list of the URLs and filenames of the hotfixes above in german?
Many thanks,
Daniel

Hi Daniel,

Yes, you can certainly edit the URLs.

For a list of hotfixes in other languages, take a look here.

Cheers,

Ross

Couple of questions

Great script. Haven't tried to install yet. We'll see. A couple of questions though;

1. when running the script, after it extracts each patch, I get " 'and' is not a recognized command". Is this normal and are the updates completing if I get this error?

2. I use XP setup Launcher to automate my XP installs. Can the patched XP folder be used as a source for the installs? IOW do I HAVE to burn an ISO to use this? (I'm guessing not but just checking)

Again thanks for the killer script bro. Makes my job a whole lot easier and faster.

Fixed, please try again

A small typo slipped thru.

request

hey very nice script since i work in a computer store and all pc's leaving the building need to be fully updated i run this script off my memory stick
i do have a request though can u add a counter that will display the total amount of updates in the folder and also the current patch number it is updating
ie .... installing Patch number (current patch) (patch name ) of (total patches)
i have tried to edit the script to add this functionality but have failed programming is not my greatest ability in the it industry thank you and i hope to hear from you soon
-Dave

Fixed, please try again

I have updated the Cygwin script. Please try it again.

Still some errors

I think we're on the right way with the Cygwin script but there are still some errors.
It's able to detect the SP2. It's able to download one update from the list (can see wget downloading).
Once the download is finished the error pops up like before:

"wget -N http: download.microsoft.com download c c 3 cc385a85-3a2e-4632-ad43-72e
48480e69c WindowsXP-KB885835-x86-ENU.exe
--09:06:23-- http: download.microsoft.com download c c 3 cc385a85-3a2e-4632-ad
43-72e48480e69c WindowsXP-KB885835-x86-ENU.exe
=> `WindowsXP-KB885835-x86-ENU.exe'
Resolving download.microsoft.com... 72.246.30.147, 72.246.30.155
Connecting to download.microsoft.com|72.246.30.147|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3,104,488 (3.0M) [application octet-stream]

100%[====================================>] 3,104,488 81.17K/s ETA 00:00

09:07:06 (71.22 KB/s) - `WindowsXP-KB885835-x86-ENU.exe' saved [3104488/3104488]

slash bin slash sh: -c: line 1: syntax error: unexpected end of file
make: *** [WindowsXP-KB885835-x86-ENU.exe] Error 2"

What's causing these errors?
Do you get these errors too?
Does it have to do with my Cygwin config?

Thanks again!

Problem in the script

It's been fixed. Please try again.

Update

It's happening only after the download of a patch has completed.
If I run the script again will go over that.
Still you get the error on the next download.
Downloading pebuilder/bbie doesn't give any errors.

Help with xpsp2.cmd

Can anyone tell me what is happening? When I run the file it extracts the files from my CD then I am prompted to download KB873339, I do so and the program just sits there blinking the same message. Also, it doesn't appear the hotfixdir is being created.

Thanks

You must save the downloads in the correct directory

For example, I run the script from the d:\X1APCCP_EN directory. When FireFox prompts me where to save the download files, I manually select this directory. If you have FireFox automatically set to save your download files in a different directory, the script will sit there forever waiting to see the files in the directory it expects them in.

Superceeded Hotfixes

Curious about superceeded fixes. After creating a CD and applying all the fixes here, my auto updates still applied the following, some of which claimed to have been superceeded:

KB893803v2
KB886185
KB894391
KB898461
KB899587
KB900485
KB900725
KB902400
KB904706
KB910437
KB916595

What am I missing? Should I apply all of these to the CD? Why would the superceeded hotfixes be applied?

Thanks. This CD is going to save me uncounted mindless hours.

Gman

Good question

I'm only including security fixes. Here's what I've found from your list:

KB893803v2:	Windows Installer 3.1 (v2)
		(Not a security update)

KB886185:	Critical update for Windows Firewall "My Network (subnet) only" scoping
		(Not a security update, Ryamvm says it's superceeded by KB889527)

KB894391:	You receive a "Generic Host Process" error message after you start
                the computer, or DBCS attachment file names are not displayed in 
                Rich Text e-mail messages
		(Not a security update)

KB898461:	Permanent copy of the Package Installer for Windows version 6.2.29.0
		(Not a security update)

KB899587:	Vulnerabilities in Kerberos could allow denial of service, information 
                disclosure, and spoofing (Moderate)
		(I added this hotfix to the scripts)

KB900485:	0x0000007E stop error in Windows XP SP2
		(Not a security update)

KB900725:	Vulnerabilities in the Windows shell could allow for remote code execution
                (Important)
		(I added this hotfix the scripts, superceeded by KB909608, which does not
                appear to be available)

KB902400:	Vulnerabilities in MS DTC and COM+ could allow remote code execution (Critical)
		(I added this hotfix to the scripts)
			
KB904706:	Vulnerability in DirectShow could allow remote code execution (Critical)
		(I added this hotfix to the scripts)

KB910437:	Access violation error occurs when Windows Automatic Updates tries to download
                updates
		(Not a security update)

KB916595:	Stop error message on a Windows XP-based computer: "STOP 0x000000D1"
		(Not a security update)

KB887742: 	You receive the Stop error "Stop 0x05 (INVALID_PROCESS_ATTACH_ATTEMPT)" in
                Windows XP Service Pack 2 or Windows Server 2003
		(Removed as it's not a security update, also, ryanvm says it's superceeded by 
                KB916595)

Thanks for the information,

Ross

Brilliant script but missing echo?

Just downloaded your brilliant xpsp2.cmd script. Thought you might want to know, I think line 42 is missing an echo.

Fixed, thanks for the heads

Fixed, thanks for the heads up

Browser Opera & script (observation)

Hi Ross,

""It uses your installed browser to download the updates. I have tested this with Internet Explorer and Firefox. I'm not sure if Opera or other browsers will work.""

With Opera there is a small speedbump in the road: (the download manager) will ask confirmation for every file downloaded, as well as for location. And it leaves an empty tab open, which you cannot close 'till the end of the downloads (That's *a lot* of open tabs ) But if you read the instructions for saving the files, it does work :-)

I'm sure I'll be testing the results of your work presently!
Thanks a million :-)
Francis

Fixed in 14-aug release

Thanks for the heads up

KB911280 - 404 error

Thanks for such a nice tool!

Is it true that the program downloads SP2 1st then checks to see if win51ip.SP2 exists on the CD?
If so, I think it should check 1st then download if SP2 not found.
Does it matter if the name of the file is 'win51ip.SP2' instead of 'WIN51IP.SP2'?

I got a 404 error for KB911280...
Did a search on MS website and I found out a v2 of the file:
http://download.microsoft.com/download/2/7/a/27a678b5-d598-4f54-8cef-282dc63afa04/WindowsXP-KB911280-v2-x86-ENU.exe

Also 'unzip' package needs to be selected when installing Cygwin.

I uploaded the corrected script

Thanks for the heads up.

How about 1st checking for SP

How about 1st checking for SP2 on the CD, then downloading it.
When I ran the program it downloaded the SP2 1st even if the source CD has SP2 and the file WIN51IP.SP2 is present in the root folder?

Thanks for such a quick reply!

I can't duplicate the problem you are having

The code to check for the WIN51IP.SP2 file is there, line 324:

if not exist "%builddir%\win51*.sp2" (

I tested it, and it works fine for me.

You might try turning on debugging, and seeing if you can determine why it's failing:

set debug=y
xpsp2.cmd

And then press Ctrl-S to stop the scrolling right after you reply to the prompts. Type Ctrl-Q to start it again.

Let me know if you determine what the problem is.

Might seem strange but it did

Might seem strange but it didn't ask me anything. Nada.
It just starts copying the files.
Then it started downloading SP2.

What might be the reason why it isn't asking anything?

Thanks

Sorry, I have no idea

First, you need to be using Windows XP.

If your CD drive is drive D:, it wont ask you for the source drive, if the file D:\WIN51 is found.

It then runs the VOL command on the above drive, and checks if a directory exists with the volume name underneath the current directory.

For example, in my case, the volume name of the CD is X1APCCP_EN, and I'm running the script in the directory D:\XPSP2. The program then looks for the directory D:\XPSP2\X1APCCP_EN. If it exists, it won't ask for the destination directory.

If the program is not asking you, then either the directory already exists, or it is failing to get the result of the VOL command.

Without seeing the debug output, I can't really help any further.

You could also try simply specifying the source and destination directories on the command line:

xpsp2.cmd source_drive dest_dir

For example:

xpsp2.cmd D: XPSP2

-Ross

Yes, I am using a WinXP SP2 C

Yes, I am using a WinXP SP2 CD.
The CD drive letter is X is this case and I replaced D with X inside the file.
In my case the CD volume name is '050801_1031' but the program creates a folder named 'X1APCCP_EN_cd'
Then, after ~10-15 seconds it starts copying the files from CD. No questions asked.
Once the files are copied it downloads SP2 and I think I'm not the only one with this issue, saw another question asking how to just apply patches, without downloading SP2. I guess he hass the same issue.
Is there a way to set breakpoints in the program and debug it? Check variables and so...
It would be a good idea to specify on the page that 'unzip' has to be checked as well when installing Cygwin.

Thanks

Sorry, I misunderstood

I didn't realize you are using the xpsp2.mak script. I should have figured that out, when you mentioned Cygwin.

I have fixed the script to not download or integrate SP2 if it finds the WIN51IP.SP2 file.

Please download this version and try it.

Slip Stream Hotfixes

Is there a way for you to make the slipstream cmd to just download and slip in the hotfixes, i don't need SP or to insert the CD iv'e done all that already, i just need to slip stream the hotfixes that apply to SP2.
Can you help?

I need more information

If you have already copied the CD, and have answered the prompts with the correct directory names, the script will not copy the CD again.

Also, the script will not download, or slipstream SP2 itself, if it sees a win51*.sp2 file in the root directory.

So, I'm not sure what, exactly, is the problem. Perhaps you can detail exactly what you are doing, and I'll see if I can help figure out a solution.

Thanks,

Ross

Small problems

I had some small problems to an otherwise flawless process

XPSP2.MAK had trouble finding the following. I commented it out for now.

# MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code
Execution (908531) (Critical)
#comment by erik 4-28-06 not found
#KB908531_URL?=http://download.microsoft.com/download/5/d/c/5dc567bf-cd78-46f2-a714-7c3d7f8c66a0/WindowsXP-KB908531-x86-ENU.exe
#KB908531_EXE?=$(shell basename $(KB908531_URL))

#Comment by Erik 4-28-04 not working
#908531 \

When I burned the cd and kicked of a trial install. Unfortunately it hung right after asking me to load scsi drivers with the following message.

File \i386\ntkrnlmp.exe counld not be loaded

The error code is 14

Settup cannot continue press any key to exit.

Any suggestions?

NTKRNLMP.EXE must be capitalized

I also ran into the "error code is 14" on ntkrnlmp.exe. As it turns out, the solution was rather trivial (not that it didn't take me several hours to figure it out...)

When I applied the hotfixes to the CD image, the original "NTKRNLMP.EX_" file was replaced with ntkrnlmp.exe. It appears that until the kernel is loaded to do the installation, all filenames must be capitalized. You can either capitalize the file manually, or use the -force-uppercase argument to a patched mkisofs. The particular version of mkisofs I used has a broken -force-uppercase patch, so I had to manually capitalize. The program "IsoBuster" proved very useful in tracking this patched mkisofs bug down.

Microsoft bumped the version

WindowsXP-KB908531-x86-ENU.exe is now WindowsXP-KB908531-v2-x86-ENU.exe.

I've just posted the corrected scripts.

Which version of mkisofs.exe are you using? Also, how are you burning the CD, with cdrecord? If so, which version? I don't just mean the version number, but where did you get the version from, as there are several different sites providing the same version number.

I just created an .ISO and loaded into VMWare, and was not able to duplicate your problem. Perhaps the issue is with cdrecord?

I had same prob' installing X

I had same prob' installing XP but with the error number being a '7'. Which meant it was either bad RAM or dud BIOS... it was the BIOS.

I did get error 14 a couple of times, but it actually applies only to WIN2000 if your read what MS say, see here:

http://support.microsoft.com/?kbid=281647

Yes, you can!

Thank you so much for this slipstream script, Ross.

I'm very happy that I can arrange slipstreaming without having to install .net framework (like nlite).

I want to contribute with a tiny adjustment.
I edited the following lines and it works for me:

Change:

  :: can't use quotes :(
  for %%a in (%hotfixdir%\Windows*.exe) do (

into

  :: Yes you can! :D
  for %%a in ("%hotfixdir%"\Windows*.exe) do (

Notice where the quotes fit.

I like the suggestion to use wget in another reply.

Again, thank you Ross!

Yes, I should quote more

I'll fix this to the next release.

Thanks for help, and the positive feedback,

Ross

Downloading files is cumbersome....

I found the download method cumbersome - it requires too much work to browse and save each time for each file, and will only get more cumbersome as more updates are released.

I used a little program called wget for Windows, which is a binary compiled from the same source as the *nix versions. You can download it from the link below, but I'm sure there are many other places to get it too:

http://www.interlog.com/~tcharron/wgetwin.html

I placed the wget.exe file in the same folder as the .cmd files, and then in the files I replaced the line:

start /D"%hotfixdir%" /wait /b %1

with this instead:

start /D"%hotfixdir%" /wait wget %1

I've removed the /b to allow viewing the download process in the window that opens for the wget operation for easier monitoring.

Anyway, I trust that may be an alternate way for some people to get the files without as much intervention. It sure made it go a lot faster too. :-)

Devin

Windows Media Player issue

I know you're probably working on adding the three new critical 4/11/2006 hotfixes, but I'd suggest making the following tweak as well.

By adding KB911565 and KB911564, you effectively force the new Windows installation to upgrade to Windows Media Player 10. I think that leaves you with two options: either slipstream WMP10 into your script, or more conservatively, slipstream the WMP9 version of KB911565. I have NOT tested if this would allow the default WMP9 to run.

I'd favor the "less is more" philosophy and rather than bundling WMP10 (and the six or seven hotfixes for it), to stick with WMP9 that defaults in Windows XP.

Excellent point

I will implement as you suggested.

And yes, I'm working on the April fixes now. I should have the changes up this evening.

Thanks

Script tested

The latest April 2006 script works great, and WMP9 works out of the box!

Question for you...

"Note: KB885835 and KB885250 share the same file (mrxsmb.sys), so an error occurs if you attempt to slipstream both of them at once. These scripts solve this issue by superceeding KB885835's version of the file (5.1.2600.2541, xpsp_sp2_gdr.040919-1056, dated 10-27-2004, 448,128 bytes) with KB885250's version (5.1.2600.2598, xpsp_sp2_gdr.041130-1729, dated 1-18-2005, 451,584 bytes). "

I am interested in your fix you have explained here. I have created a similar batch file to update our source and I ran into the problem described above. I made a few posts on the Microsoft's Users groups page and I was basically told that this was a bug in the patch. How and/or where did you come about the solution? You would think Microsoft would have released a fix to the patch, but they haven't... I use the /integrate switch with the updates and they seem to work except when I try to integrate the KB885835 patch. I would appreciate any advice.

Thanks,

Alan

Trial and error

Alan,

Trial and error is how I came up with it.

Please note, on Wed, 04/20/2005 @ 07:33, adfernandes posted the comment:

1) QCHAIN.exe, which ensures that the highest file version is installed if there is a scenario where 2 hotfixes contain the same exe/dll file with different version numbers.

I haven't explored this lead.

-Ross

Awesome script!

Awesome script! I created a login just to say this :)

bit of a noob question

i am running the script from a 2k3 SP1 box. Every time a patch file is downloaded, IE prompts me to "run" or "save" the file. How do you avoid this prompt and automatically download the file?

Automatically Slipstream Windows XP with SP2 and All Post-SP2 Se

Hi

Just snooping around, looking for a easy way of patching my XP.
Nice work with the script.
Just done some mod. to use it on my W2K3 server.

And I just have to ask the rookie question...
How to ju figure out these path: http://download.microsoft.com/download/e/f/5/ef594826-fca1-492e-9981-22e0f579e02e/WindowsXP-KB912919-x86-ENU.exe???

Grateful for some tip/help here.

-Alexander

Alexander, I download it w

Alexander,

I download it with a download utility such as flashget, or wget -S. They tell you the "final" URL.

Hi, I'm a bit at a loss fo

Hi,

I'm a bit at a loss for how to use wget in this application. From the documentation it appears that I have to tell wget the address the file to download. How can I do that if I I don't yet *know* the URL for the files as is the case with these MS hotfixes?

]-[

possible bug in xcopy command

Thanks very much for writing this script! It worked very well. I tried to use RyanVM's system, but it failed. (I'm using RIS on W2K3)
I had to edit the xcopy command in the script to make it work.
the original:

xcopy "%sourcedir%\" "%builddir%\" /e/r/y

failed with "Invalid path" - even though it displays nothing unusual.

changing it to:

xcopy "%sourcedir%" "%builddir%" /i/e/r/y

worked fine. I think it is equivalent (/i).
So it seems that the '\' is a problem somehow.

Also, please add KB910437 (Windows Update Access violation).
When I installed after integration it was listed as critical.
thanks!

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
DeutschEspañolFrançaisItalianoNederlandsPortuguêsΕλληνικάРусскийالعربية中文(简体)中文(繁體)日本語한국어
 
Donate Bitcoins
Google
 
www smithii.com
 
Special thanks to Riester Rente Online for a generous donation!