@rem Apply Windows XP Service Pack 3 and all critical post-SP3 hotfixes @rem Copyright (c) 2003-2009, Ross Smith. All rights reserved. :: ChangeLog: :: Added jun-sep 08 releases :: Added oct 08 releases :: Added nov-jan 09 releases: thanks to cavd and cubanric! :: Added feb 09-mar 09 releases :: Added apr 09 releases @rem $Id$ @if "%debug%" == "" echo off @if not "%debug%" == "" echo on :: the relative directory containing the SP3 and all hotfixes :: do not include trailing backslash :: if left blank, the current directory will be used set hotfixdir=. :: options for hotfixes set options=/passive /norestart if not "%1" == "" ( set hotfixdir=%1 ) verify other 2>nul setlocal enableextensions setlocal enabledelayedexpansion if exist "%hotfixdir%" goto hotfix_ok :get_hotfix echo. echo Enter the directory path to contain Service Pack 3 and the hotfixes set REPLY= set /p REPLY=or press [Enter] for '%hotfixdir%' or enter Q to quit : if /i "%reply%" == "Q" goto :eof if not exist "%reply%\" ( echo. echo The directory '%reply%' does not exist echo. goto get_hotfix ) set hotfixdir=%reply% :hotfix_ok cd /d "%hotfixdir%" echo Please save all files in the directory '%hotfixdir%' if not "%DOWNLOADER%" == "" goto start_downloads wget --version >nul 2>nul if not errorlevel 9009 ( set DOWNLOADER=wget -nd -N goto start_downloads ) curl --version >nul 2>nul if not errorlevel 9009 ( set DOWNLOADER=curl -k -L -O -R goto start_downloads ) set DOWNLOADER=start /D"%hotfixdir%" /wait /b :start_downloads :: jul 08: none :: aug 08: del /f *KB950759* >nul 2>nul :: sep 08: none :: oct 08: del /f *KB953838* >nul 2>nul :: nov 08: none :: dec 08: none :: jan 09: del /f *KB957095* >nul 2>nul :: feb 09: none :: mar 09: del /f *KB954211* >nul 2>nul :: apr 09: del /f *KB951698* >nul 2>nul del /f *KB956841* >nul 2>nul del /f *KB958215* >nul 2>nul del /f *KB960714* >nul 2>nul :: Jun 08: :: MS08-030 – Critical :: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/a/6/5/a65308a2-7ede-4219-981a-20feb38bfd0e/WindowsXP-KB951376-v2-x86-ENU.exe :: MS08-031 - Critical :: Cumulative Security Update for Internet Explorer (950759) :: SP2: replaces MS08-024 :: SP3: replaces none :: replaced by MS08-45 :: call :download http://download.microsoft.com/download/2/2/5/2255ad65-47ba-44f1-9e88-feba8f019c55/WindowsXP-KB950759-x86-ENU.exe :: MS08-032 - Moderate :: Cumulative Security Update of ActiveX Kill Bits (950760) :: SP2: replaces MS08-023 :: SP3: replaces none call :download http://download.microsoft.com/download/c/6/e/c6e4b3e0-0af6-4ac8-92f7-5f7e8d471fb2/WindowsXP-KB950760-x86-ENU.exe :: MS08-033 – Critical :: Vulnerabilities in DirectX Could Allow Remote Code Execution (951698) :: SP2: replaces MS07-064 :: SP3: replaces none :: replaced by MS09-011 :: call :download http://download.microsoft.com/download/3/1/5/315c86ba-2910-47f0-9f02-b5616511536d/WindowsXP-KB951698-x86-ENU.exe :: MS08-035 – Important :: Vulnerability in Active Directory Could Allow Denial of Service (953235) :: SP2: replaces MS08-003 :: SP3: replaces none call :download http://download.microsoft.com/download/5/f/a/5fa7006d-023f-496f-9c85-796fb82dfd16/WindowsXP-KB949269-x86-ENU.exe :: MS08-036 – Important :: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762) :: SP2: replaces MS06-052 :: SP3: replaces none call :download http://download.microsoft.com/download/1/4/3/1438b520-8200-466d-9daf-4de18bd4dc0f/WindowsXP-KB950762-x86-ENU.exe :: Jul 08: :: MS08-037 – Important :: Vulnerabilities in DNS Could Allow Spoofing (953230) :: SP2: replaces MS06-064, MS08-001 :: SP3: replaces none call :download http://download.microsoft.com/download/f/5/f/f5f31962-0215-44e6-be41-02818b4373f3/WindowsXP-KB951748-x86-ENU.exe :: Aug 08: :: MS08-045 - Critical :: Cumulative Security Update for Internet Explorer (953838) :: SP2: replaces MS08-031 :: SP3: replaces MS08-031 :: replaced by MS08-058 :: call :download http://download.microsoft.com/download/3/9/3/3933471e-a08e-4640-8980-d3d3eb5b3c34/WindowsXP-KB953838-x86-ENU.exe :: MS08-046 – Critical :: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/a/1/9/a19c9aff-bd94-4fc1-98ff-db432358f902/WindowsXP-KB952954-x86-ENU.exe :: MS08-048 - Important :: Security Update for Outlook Express and Windows Mail (951066) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/3/a/f/3afd84f3-729c-4f54-9d38-e77c5112ae0d/WindowsXP-KB951066-x86-ENU.exe :: MS08-049 – Important :: Vulnerabilities in Event System Could Allow Remote Code Execution (950974) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/5/d/d/5dd0ab05-b357-4175-bd93-894903f07579/WindowsXP-KB950974-x86-ENU.exe :: MS08-050 – Important :: Vulnerability in Windows Messenger Could Allow Information Disclosure (955702) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/4/d/8/4d84fd95-9124-461a-95eb-6b5908b6fe62/WindowsXP-KB946648-x86-ENU.exe :: Sep 08: :: MS08-052 - Critical :: Vulnerabilities in GDI+ Could Allow Remote Code Execution (9545::93) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/7/8/1/78141DC7-3B1D-42F3-9AA2-4DCA79AD739B/WindowsXP-KB938464-v2-x86-ENU.exe :: MS08-053 - Critical :: Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/2/b/2/2b252ed6-39fe-423d-a74e-d48c85d24c2a/WindowsMedia9-KB954156-x86-ENU.exe :: MS08-054 - Critical :: Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/b/6/6/b662a844-9aa2-4b80-8713-27a6c0da16d8/WindowsMedia11-KB954154-x86-ENU.exe :: Oct 08: :: MS08-058 - Critical :: Cumulative Security Update for Internet Explorer (956390) :: SP2: replaces MS08-045 :: SP3: replaces MS08-045 :: replaced by MS08-073 :: call :download http://download.microsoft.com/download/4/c/f/4cf3fd3b-a024-494a-b285-49f5920016e8/WindowsXP-KB956390-x86-ENU.exe :: http://download.microsoft.com/download/f/5/3/f53a9daf-3d2a-4743-a8a3-7a92ba0e2638/IE7-WindowsXP-KB956390-x86-ENU.exe :: MS08-061 – Important :: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211) :: SP2: replaces MS08-025 :: SP3: replaces none :: replaced by MS09-006 :: call :download http://download.microsoft.com/download/2/5/3/25324004-a2df-4163-95f5-ae9127b0f3ad/WindowsXP-KB954211-x86-ENU.exe :: MS08-062 - Important :: Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/d/7/f/d7f097e0-f290-4ff6-98ea-edaf8e78140f/WindowsXP-KB953155-x86-ENU.exe :: MS08-063 – Important :: Vulnerability in SMB Could Allow Remote Code Execution (957095) :: SP2: replaces MS06-063 :: SP3: replaces none ;: replaced by MS09-001 :: call :download http://download.microsoft.com/download/3/3/f/33f997d5-b567-4ee9-82aa-3868629a1ec5/WindowsXP-KB957095-x86-ENU.exe :: MS08-064 – Important :: Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841) :: SP2: replaces MS07-022 :: SP3: replaces none ;: replaced by MS09-012 :: call :download http://download.microsoft.com/download/0/0/9/009cb4f8-9a59-412b-8811-f9f0b7703ee6/WindowsXP-KB956841-x86-ENU.exe :: MS08-066 – Important :: Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/4/0/5/405222d0-5171-4ffb-a86e-7889e1161c1d/WindowsXP-KB956803-x86-ENU.exe :: MS08-067 – Critical :: Vulnerability in Server Service Could Allow Remote Code Execution (958644) :: SP2: replaces MS06-040 :: SP3: replaces none call :download http://download.microsoft.com/download/4/f/a/4fabe08e-5358-418b-81dd-d5038730b324/WindowsXP-KB958644-x86-ENU.exe :: Nov 08: :: MS08-068 | Important :: Vulnerability in SMB Could Allow Remote Code Execution (957097) :: SP2: replaces MS05-011 :: SP3: replaces none call :download http://download.microsoft.com/download/4/b/c/4bcfd71b-1f5a-4f9c-8c57-0b7ba2aae684/WindowsXP-KB957097-x86-ENU.exe :: MS08-069 | Critical :: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218) :: SP2: replaces MS06-042 :: SP3: replaces none call :download http://download.microsoft.com/download/d/6/5/d65961a2-d09b-4560-af78-1e4f97b77359/WindowsXP-KB955069-x86-ENU.exe :: these won't slipstream, but they can be run after windows is installed: call :download http://download.microsoft.com/download/9/7/1/971f55c8-d512-494f-9c5e-7cc3f9b190ee/msxml4-KB954430-enu.exe call :download http://download.microsoft.com/download/2/7/5/2753aabc-24de-41be-a05b-d41fc76f3aad/msxml6-KB954459-enu-x86.exe :: Dec 08 :: MS08-071 – Critical :: Vulnerabilities in GDI Could Allow Remote Code Execution (956802) :: SP2: replaces MS08-021 :: SP3: replaces none call :download http://download.microsoft.com/download/0/0/D/00DBCA9D-B3CF-4F9E-A671-6CD79FC1DC4C/WindowsXP-KB956802-x86-ENU.exe :: MS08-073 - Critical :: Cumulative Security Update for Internet Explorer (958215) :: SP2: replaces MS08-058 :: SP3: replaces MS08-058 :: cavd - 22-jan-09 - changed from ie7 to ie6 - baseline xp doesn't have ie7! :: call :download http://download.microsoft.com/download/0/2/9/0297FF58-CEFC-48DB-9CED-97796B754137/IE7-WindowsXP-KB958215-x86-ENU.exe :: replaced by MS09-011 :: call :download http://download.microsoft.com/download/6/D/8/6D8C124A-CFC2-43D7-A2DA-9411DA0D3CB5/WindowsXP-KB958215-x86-ENU.exe :: MS08-076 – Important :: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807) :: SP2: replaces none :: SP3: replaces none :: cavd - 22-jan-09 :: there is now a v2 of 952069 :: the dox also suggest that for baseline XP is 954600 :: call :download http://download.microsoft.com/download/8/8/2/8822FCC3-55EB-4B37-B448-51FBE65DDC39/WindowsXP-WindowsMedia-KB952069-x86-ENU.exe call :download http://download.microsoft.com/download/8/8/2/8822FCC3-55EB-4B37-B448-51FBE65DDC39/WindowsXP-WindowsMedia-KB952069-v2-x86-ENU.exe call :download http://download.microsoft.com/download/E/C/7/EC7B6956-2C13-4196-9E35-375C828ACB6C/WindowsXP-KB954600-x86-ENU.exe :: MS08-078 - Critical :: Security Update for Internet Explorer (960714) :: SP2: replaces none :: SP3: replaces none :: cavd - 22-jan-09 - changed from ie7 to ie6 - baseline xp doesn't have ie7! :: call :download http://download.microsoft.com/download/6/C/3/6C3F5EB1-846B-4E59-8346-6A380A77125C/IE7-WindowsXP-KB960714-x86-ENU.exe :: replaced by MS09-011 :: call :download http://download.microsoft.com/download/F/2/7/F27B3516-F7FD-4B84-919F-9B8CEC4BC4A5/WindowsXP-KB960714-x86-ENU.exe :: Jan 09 :: MS09-001 – Critical :: Vulnerabilities in SMB Could Allow Remote Code Execution (958687) :: SP2: replaces MS08-063 :: SP3: replaces MS08-063 call :download http://download.microsoft.com/download/B/9/7/B9798068-1B3B-4EE7-BC2A-2371C54B0ADD/WindowsXP-KB958687-x86-ENU.exe :: Feb 09 :: baseline xp doesn't have ie7! :: http://download.microsoft.com/download/0/C/6/0C629D20-9FDC-4D29-B71F-BA4F2461C634/IE7-WindowsXP-KB961260-x86-ENU.exe :: Mar 09 :: MS09-006 – Critical :: Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690) :: SP2: replaces MS08-061 :: SP3: replaces MS08-061 call :download http://download.microsoft.com/download/9/5/D/95DB5691-545D-4D50-81FF-D7D002601CE6/WindowsXP-KB958690-x86-ENU.exe :: MS09-007 - Important :: Vulnerability in SChannel Could Allow Spoofing (960225) :: SP2: replaces MS07-031 :: SP3: replaces none call :download http://download.microsoft.com/download/8/2/3/8233E377-3D72-42C2-827E-7F7A7B7A9B19/WindowsXP-KB960225-x86-ENU.exe :: apr 09 :: MS09-010 - Critical :: Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477) :: KB923561 :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/7/0/B/70B97A4C-2D61-44F1-B8F7-EAFF9C07B172/WindowsXP-KB923561-x86-ENU.exe :: MS09-013 - Critical :: Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803) :: SP2: replaces none :: SP3: replaces none call :download http://download.microsoft.com/download/3/C/A/3CA5C5CF-7752-4401-A5C3-42AE64C1C754/WindowsXP-KB960803-x86-ENU.exe :: MS09-011 - Critical :: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373) :: SP2: replaces MS08-033 :: SP3: replaces MS08-033 call :download http://download.microsoft.com/download/3/1/4/31488E52-F4E1-43EB-9745-5D0D1F156685/WindowsXP-KB961373-x86-ENU.exe :: MS09-014 - Critical :: Cumulative Security Update for Internet Explorer (963027) :: SP2: replaces MS08-073, MS08-078 :: SP3: replaces MS08-073, MS08-078 call :download http://download.microsoft.com/download/6/8/3/683EF04C-F675-4A52-A2E4-86B01C484F22/WindowsXP-KB963027-x86-ENU.exe :: MS09-012 - Important :: Vulnerabilities in Windows Could Allow Elevation of Privilege (959454) :: SP2: replaces MS07-022, MS08-002, MS08-064 :: SP3: replaces MS08-064 call :download http://download.microsoft.com/download/1/7/8/17850352-F46F-46C9-97DF-14CB73461B16/WindowsXP-KB952004-x86-ENU.exe call :download http://download.microsoft.com/download/F/E/3/FE3F2F03-8128-4912-B079-7EF283013BD9/WindowsXP-KB956572-x86-ENU.exe :: MS09-015 – Moderate :: Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426) :: SP2: replaces MS07-035 :: SP2: replaces MS07-035 call :download http://download.microsoft.com/download/4/D/0/4D0E640D-5297-4F86-BB59-06350DF73AA8/WindowsXP-KB959426-x86-ENU.exe :: set HOTFIXES=923561 938464 946648 949269 950760 950762 950974 951066 951376 951748 952004 952069 952954 953155 954156 954600 955069 956572 956802 956803 957097 958644 958687 958690 959426 960225 960803 961373 963027 set fixes_applied= if not exist %SystemRoot%\system32\xpsp3res.dll ( :: http://support.microsoft.com/kb/936929 : Windows XP Service Pack 3 call :download http://download.microsoft.com/download/d/3/0/d30e32d8-418a-469d-b600-f32ce3edf42d/WindowsXP-KB936929-SP3-x86-ENU.exe set KB936929=!rv! if not exist !KB936929! ( echo File not found: '!KB936929!' goto :eof ) echo Integrating !KB936929!... start "Integrating !KB936929!..." /wait "%hotfixdir%\!KB936929!" %options% set e=%errorlevel% if errorlevel 1 ( echo !KB936929! returned error %e% goto :eof ) set fixes_applied=!fixes_applied! KB936929 ) set XPSP3_REG=%temp%\xpsp3.reg copy /y nul "%XPSP3_REG%" regedit /e "%XPSP3_REG%" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates" :: ignore errors, per http://smithii.com/slipstream_xpsp3#comment-287 :: set e=%errorlevel% :: :: if not exist "%XPSP3_REG%" ( :: echo Can't export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates" to :: echo "%XPSP3_REG%" :: echo regedit returned error %e% :: goto :eof :: ) echo on :: for %%c in (%HOTFIXES%) do ( for %%a in ("%hotfixdir%"\Windows*%%c*.exe) do ( for /f "delims=- tokens=2" %%b in ("%%a") do ( set kb=%%b ) if /i not "!kb!" == "KB936929" ( find "!kb!" "%XPSP3_REG%" >NUL 2>NUL if errorlevel 1 ( echo Integrating %%a... start "Integrating %%a..." /wait "%hotfixdir%\%%a" %options% set e=%errorlevel% :: 3010 = reboot required if not "!e!" == "3010" ( if errorlevel 1 ( echo %%a returned error %e% goto :eof ) ) set fixes_applied=!fixes_applied! !kb! ) ) ) :: ) del /f "%XPSP3_REG%" echo. if "%fixes_applied%" == "" ( echo All fixes have already been applied to %SystemRoot% ) else ( echo The following fixes have been applied to %SystemRoot%: echo %fixes_applied% set /p REPLY=Do you want to reboot now [Y,N] ? if /i "%reply%" == "y" ( shutdown -r -t 20 -c "Applied hotfixes %fixes_applied%" ) ) echo. goto :eof :download for /f "delims=/ tokens=8" %%a in ("%1") do set exe=%%a set rv=%exe% if "%rv%" == "" ( echo Unable to parse the filename from "%1" goto :eof ) if exist "%hotfixdir%\%rv%" goto :eof %DOWNLOADER% %1 :loop if "%debug%" == "" cls echo.|time|find "current" echo Waiting for "%hotfixdir%\%rv%" to appear echo or press [Ctrl]-[Break] to abort... ping -w 1000 -n 2 127.0.0.1 >nul 2>nul if not exist "%hotfixdir%\%rv%" goto :loop cacls "%hotfixdir%\%rv%" /T /E /C /G "%USERNAME%":F goto :eof