DeutschEspañolFrançaisItalianoNederlandsPortuguêsΕλληνικάРусскийالعربية中文(简体)中文(繁體)日本語한국어
 
Donate Bitcoins
Google
 
www smithii.com
 

Automatically Slipstream Windows XP with SP3 and All Post-SP3 Security Hotfixes with a Single Command (Updated 03-May-09)

For information about slipstreaming Windows XP SP2, visit http://smithii.com/slipstream_xpsp2.

I've written the batch file xpsp3.cmd (updated 03-May-09) to automatically download and slipstream a standard Windows XP boot disk with Service Pack 2 and all post-SP3 security hotfixes.

It uses wget or curl (if either are found in the PATH), or your installed browser to download the updates. I have tested this with Internet Explorer, Firefox, and Opera. Other browsers should work, as well.

The batch file xpsp3local.cmd (updated 03-May-09) will update the copy of Windows XP that is installed on the computer you run the command on. You may wish to do this, if you do not have, or want, the machine you want to hotfix connected to the internet, or if you are unable to run Windows Update for some reason (for example, if Internet Explorer isn't installed, or doesn't work properly, due to a virus or similar mishap).

To slipstream the hotfixes, and burn the slipstreamed disk, I've created the makefile xpsp3.mak (updated 03-May-09). Details on usage below.

The xpsp3* scripts listed above include the following security updates found at http://www.microsoft.com/technet/security/current.aspx:

Apr 09:

MS09-010 - Critical
Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
KB923561
SP2: replaces none
SP3: replaces none

MS09-013 - Critical
Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
SP2: replaces none
SP3: replaces none

MS09-011 - Critical
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
SP2: replaces MS08-033
SP3: replaces MS08-033

MS09-014 - Critical
Cumulative Security Update for Internet Explorer (963027)
SP2: replaces MS08-073, MS08-078
SP3: replaces MS08-073, MS08-078

MS09-012 - Important
Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)
SP2: replaces MS07-022, MS08-002, MS08-064
SP3: replaces MS08-064

MS09-015 – Moderate
Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
SP2: replaces MS07-035
SP2: replaces MS07-035

Mar 09:

MS09-006 – Critical
Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)
SP2: replaces MS08-061
SP3: replaces MS08-061

MS09-007 - Important
Vulnerability in SChannel Could Allow Spoofing (960225)
SP2: replaces MS07-031
SP3: replaces none

Feb 09:

Jan 09

MS09-001 – Critical
Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
SP2: replaces MS08-063
SP3: replaces MS08-063

Dec 08

MS08-071 – Critical
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
SP2: replaces MS08-021
SP3: replaces none

MS08-073 - Critical
Cumulative Security Update for Internet Explorer (958215)
SP2: replaces MS08-058
SP3: replaces MS08-058

MS08-076 – Important
Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
SP2: replaces none
SP3: replaces none

MS08-078 - Critical
Security Update for Internet Explorer (960714)
SP2: replaces none
SP3: replaces none

Nov 08:

MS08-068 | Important
Vulnerability in SMB Could Allow Remote Code Execution (957097)
SP2: replaces MS05-011
SP3: replaces none

MS08-069 | Critical
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
SP2: replaces MS06-042
SP3: replaces none

Oct 08:

MS08-061 – Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
SP2: replaces MS08-025
SP3: replaces none

MS08-062 - Important
Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
SP2: replaces none
SP3: replaces none

MS08-064 – Important
Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
SP2: replaces MS07-022
SP3: replaces none

MS08-066 – Important
Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
SP2: replaces none
SP3: replaces none

MS08-067 – Critical
Vulnerability in Server Service Could Allow Remote Code Execution (958644)
SP2: replaces MS06-040
SP3: replaces none

Sep 08:

MS08-052 - Critical
Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
SP2: replaces none
SP3: replaces none

MS08-053 - Critical
Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
SP2: replaces none
SP3: replaces none

MS08-054 - Critical
Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
SP2: replaces none
SP3: replaces none

Aug 08:

MS08-045 - Critical
Cumulative Security Update for Internet Explorer (953838)
SP2: replaces MS08-031
SP3: replaces MS08-031

MS08-046 - Critical
Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
SP2: replaces none
SP3: replaces none

MS08-048 - Important
Security Update for Outlook Express and Windows Mail (951066)
SP2: replaces none
SP3: replaces none

MS08-049 - Important
Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
SP2: replaces none
SP3: replaces none

MS08-050 - Important
Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
SP2: replaces none
SP3: replaces none

Jul 08:

MS08-037 - Important
Vulnerabilities in DNS Could Allow Spoofing (953230)
SP2: replaces MS06-064, MS08-001
SP3: replaces none

Jun 08:

MS08-030 - Critical
Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
SP2: replaces none
SP3: replaces none

MS08-031 - Critical
Cumulative Security Update for Internet Explorer (950759)
SP2: replaces MS08-024
SP3: replaces none
replaced by MS08-45

MS08-032 - Moderate
Cumulative Security Update of ActiveX Kill Bits (950760)
SP2: replaces MS08-023
SP3: replaces none

MS08-033 - Critical
Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
SP2: replaces MS07-064
SP3: replaces none

MS08-035 - Important
Vulnerability in Active Directory Could Allow Denial of Service (953235)
SP2: replaces MS08-003
SP3: replaces none

MS08-036 - Important
Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
SP2: replaces MS06-052
SP3: replaces none

<!-- ******************************************************************** -->
These updates are not included as they have been superceeded by a following update:
<!-- ******************************************************************** -->

<!-- ******************************************************************** -->
The following security updates are not presently included:
<!-- ******************************************************************** -->

Please let me know if you feel I've missed an important update.

Fitting All the Hotfixes onto a 700MB CD

If you slipstream all of the hotfixes listed above, the resulting size will be greater than will fit on a single 700MB "80 minute" CD-R. There are two options to get around this limitation:

1. Burn to a DVD instead of a CD. Of course, this isn't an option if the computer you are installing on does not have a DVD drive, or you don't have software to burn an .ISO file to a DVD.

2. Remove unneeded directories from the CD. On my Windows XP SP1 CD, I found I could delete the following directories before creating the .ISO:

D:\I386\WIN9XMIG: 33.5MB (Windows 9x migration files, not used when performing a fresh XP installation)
D:\DOTNETFX:      33.1MB (.NET Framework, install this manually later if needed)
D:\cmpnents       26.5MB (.NET Framework, TabletPC)
D:\SUPPORT:       11.3MB (Support tools, not used by the installer)
D:\VALUEADD:       9.1MB (Value added programs, not used by the installer)
D:\I386\WIN9XUPG:  3.9MB (Windows 9x upgrade files, not used when performing a fresh XP installation)
D:\DOCS:           0.1MB (Miscellaneous documents, not used by the installer)

If you don't need to install the Recovery Console, you can remove:

D:\I386\WINNTUPG:  1.0MB (Windows NT/2000 upgrade files, not used when performing a fresh XP installation)

If you don't need to install languages other than English, you can remove:

D:\I386\LANG:    101.7MB

If you remove all of the above directories, you will have reduced the size of the CD by over 223MB. Using my Windows XP SP1 disk, I went from 786MB, to 563MB, which easily fits on most sizes of CD-R media (see the table below).

Here is a table listing the different sizes of CD media. The sizes listed below I discovered empirically, and may vary depending on the type of media used.

Disk Type                       Size
------------------------ -----------
80 minute/"700MB" CD-R   697,425,920
74 minute/"650MB" CD-R   642,883,584
80 minute/"700MB" CD-R/W 598,808,576
74 minute/"650MB" CD-R/W 557,260,800

Of course, using a program such as nLite, you can accomplish a far greater size reduction that what is listed above.

For more information, see:

http://unattended.msfn.org/unattended.xp/view/web/57/
http://pages.videotron.com/tbone/unattended/#_Toc79089721


Using Cygwin to Burn a Bootable CD

If you have, or install, Cygwin, you can build and burn a bootable CD, by editing the CD and CD_DEV variables at the beginning of xpsp3.mak, and typing:

$ make -f xpsp3.mak

You can also add the parameters on the command line:
$ make -f xpsp3.mak CD=F: CD_DEV=0,0,0

If you include md5s.txt (updated 03-May-09), make will verify the files downloaded correctly before executing them.

Of course, to run make, you will need to install Cygwin and select the make, perl, and wget packages.

To create a Windows XP boot disk with Service Pack 1a and Update Rollup 1 (KB826939), use xpsp1_ru.mak.

Older Scripts

To slipstream a Windows XP boot disk with SP2, use xpsp2.cmd.

To update Windows XP with SP2, use xpsp2local.cmd.

To create a Windows XP boot disk with SP2, use xpsp2.mak.

To create a Windows XP boot disk with only SP1a, use xpsp1.mak.

To create a Windows 2000 boot disk with SP4, use w2k_sp4.mak.

Microsoft XML Core Services Hotfixes

For Microsoft XML Core Services, run msxml_hotfixes.cmd (updated 01-Jan-08) to install the latest hotfixes locally.

Microsoft Office 2003 SP3 and Hotfixes

For Office 2003, run office_2003_hotfixes.cmd (updated 31-Dec-07) to install Service Pack 2, and all post-SP3 hotfixes locally.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

I am a bit lost here

I can see various files, but do I need to download all of the hotfixes separately from Microsoft and then build a cd/dvd? I seem to be missing some thing in translation. dale

Update - July 09

First up there is a typo in XPSP3.CMD for MS08-073 and MS08-078, saying that these were replaced by MS09-011, they were replaced by MS09-014.

If you change the delete in MS08-076 to:- del /f *KB952069-x86* >nul 2>nul you only delete the replaced version. Not the the requested version, 2.

As the last hotfix listed is MS09-015, in XPsp3.cmd, here are the new changes:-

:: MS09-016 – N/A 14 Apr 2009
:: Security Update for ISA Server (KB968078 et al)
:: SP3: N/A

:: MS09-017 – N/A 14 Apr 2009
:: Security Update for Microsoft PowerPoint 2002 (KB957781 et al)
:: SP3: N/A

:: MS09-018 – Important 09 Jun 2009
:: Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055 (970437))
:: SP2: Replaces MS08-035
:: SP3: Replaces MS08-035
:: Only required for XP-Pro
call :download http://download.microsoft.com/download/6/7/C/67CFF4EA-7B24-4B9C-B928-456216BFD998/WindowsXP-KB970437-x86-ENU.exe

:: MS09-019 - Critical 09 Jun 2009
:: Cumulative Security Update for Internet Explorer (969897)
:: SP2: replaces MS09-014 Replaced by MS09-034
:: SP3: replaces MS09-014 Replaced by MS09-034
:: call :download http://download.microsoft.com/download/0/5/2/05253594-0A69-4961-B602-E6271CCEF071/WindowsXP-KB969897-x86-ENU.exe
del /f *KB969897* >nul 2>nul

:: MS09-020 - Important 09 Jun 2009
:: Vulnerabilities in Internet Information Services (IIS) could allow elevation of privilege (KB970483)
:: SP3: replaces none
:: Only required for XP-Pro
call :download http://download.microsoft.com/download/4/D/A/4DA4F49E-2AD6-45CB-9A6C-B384C296BD47/WindowsXP-KB970483-x86-ENU.exe

:: MS09-021 – N/A 09 Jun 2009
:: Vulnerabilities in Microsoft Office Excel could cause remote code execution (kb969680 et al)
:: SP3: N/A

:: MS09-022 - Moderate 09 Jun 2009
:: Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)
:: SP3: replaces none
call :download http://download.microsoft.com/download/3/3/B/33B05796-344F-4BF9-B402-C37B185150AD/WindowsXP-KB961501-x86-ENU.exe

:: MS09-023 - Moderate 09 Jun 2009
:: Vulnerability in Windows Search Could Allow Information Disclosure (963093)
:: SP3: replaces none
call :download http://download.microsoft.com/download/6/0/8/608028CE-31CC-4986-A91A-8177B87DA950/WindowsServer2003.WindowsXP-KB963093-x86-ENU.exe

:: MS09-024 – N/A Jun 2009
:: Office XP kb957646 et al
:: SP3: N/A

:: MS09-025 - Important 09 Jun 2009
:: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (968537)
:: SP2: replaces MS09-006
:: SP3: replaces MS09-006
call :download http://download.microsoft.com/download/9/D/2/9D2EC126-7130-49A5-87A8-7AC43128A9FA/WindowsXP-KB968537-x86-ENU.exe

:: MS09-026 - Important 09 Jun 2009
:: Vulnerability in RPC Could Allow Elevation of Privilege (970238)
:: SP2: replaces MS07-058
:: SP3: replaces none
call :download http://download.microsoft.com/download/E/3/B/E3B1DD89-D72F-4802-A044-D0D117039F3C/WindowsXP-KB970238-x86-ENU.exe

:: MS09-027 – N/A Jun 2009
:: Office XP kb969602 et al
:: SP3: N/A

:: MS09-028 - Critical 13 Jul 2009
:: Vulnerabilities in Microsoft DirectShow could allow remote code execution (971633)
:: SP3: replaces MS09-011
call :download http://download.microsoft.com/download/A/1/1/A110443D-880A-401C-B142-000A3D2F2B2B/WindowsXP-KB971633-x86-ENU.exe

:: MS09-029 - Critical 13 Jul 2009
:: Vulnerabilities in the Embedded OpenType Font Engine (961371)
:: SP2: replaces MS06-002 (kb908319)
:: SP3: replaces none
call :download http://download.microsoft.com/download/4/B/B/4BBFCBF5-4299-4A60-A562-E4CFA95C1A63/WindowsXP-KB961371-x86-ENU.exe

:: MS09-030 - N/A Jul 2009
:: Office publisher 2007 (kb969693)
:: SP3: N/A

:: MS09-031 - N/A Jul 2009
:: ISA server (kb970811 et al)
:: SP3: N/A

:: MS09-032 - Critical 14 Jul 2009
:: Cumulative Security Update of ActiveX Kill Bits (973346)
:: SP2: replaces MS08-032, kb969898
:: SP3: replaces MS08-032, kb969898
call :download http://download.microsoft.com/download/8/3/1/83117437-0331-47A0-A737-05B9CCC3B096/WindowsXP-KB973346-x86-ENU.exe

:: MS09-033 - N/A Jul 2009
:: Virtual PC (kb969856)
:: SP3: N/A

:: MS09-034 - Critical 28 Jul 2009
:: Cumulative Security Update for Internet Explorer 6 for Windows XP (KB972260 et al)
:: SP2: replaces MS09-019
:: SP3: replaces MS09-019
call :download http://download.microsoft.com/download/0/3/3/033CF631-AFD2-49E7-BDBD-6B760117BF5D/WindowsXP-KB972260-x86-ENU.exe

:: MS09-035 - N/A 27 Jul 2009
:: Security Update for Microsoft Visual C++ 2005 SP1 and 2008, Redistributable Package (973923 et al)
:: SP3: N/A

You may want to add these High Priority hot fixes:-

:: High Priority 06 May 2009
:: How to disable the Autorun functionality in Windows (KB967715)
:: SP2: ??
:: SP3: replaces none see MS08-038
call :download http://download.microsoft.com/download/1/B/3/1B331878-8AF9-4642-94F4-0B0B0A9DD14A/WindowsXP-KB967715-x86-ENU.exe

:: High Priority 06 May 2009
:: Script output is not displayed as expected when you run VBScript or JScript scripts in Windows XP Service Pack 3 (951978)
:: SP2: ??
:: SP3: replaces none
call :download http://download.microsoft.com/download/e/8/0/e8068559-4482-451c-9dff-1fcf12102a5e/WindowsXP-KB951978-x86-ENU.exe

:: High Priority 09 Jun 2009
:: Update Rollup for ActiveX Killbits for Windows (KB969898)
:: SP2: ??
:: SP3: replaces KB960715 see MS08-032, replaced by MS09-032
:: call :download http://download.microsoft.com/download/B/0/9/B09A1DAE-BAF4-4E2D-90D7-B9B9236765B3/WindowsXP-KB969898-x86-ENU.exe
del /f *KB969898* >nul 2>nul

Obviously the new delete commands for SP3 are:-

:: MS08-032
del /f *KB950760* >nul 2>nul

:: MS08-035
del /f *KB949269* >nul 2>nul

:: MS09-006
del /f *KB958690* >nul 2>nul

:: MS09-011
del /f *KB961373* >nul 2>nul

:: MS09-014
del /f *KB963027* >nul 2>nul

:: MS09-019 Only if you downloaded it.
del /f *KB969897* >nul 2>nul

I found that KB923789, MS06-069 is also required for SP3, it was reissued May 2008. However I have not been able to get it to integrate into the disk. This is not downloaded in the SP2 command file.

:: MS06-069 - Critical 13 May 2008
:: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)
:: SP3: replaces none, updated & re-issued.
:: non-standard update, uses /q:a switch
call :download http://download.microsoft.com/download/0/5/2/052a7c81-831f-46aa-b707-bb5ec050f4db/WindowsXP-KB923789-x86-ENU.exe

MattG

cmd files not updated?

Hi, these scripts are really good, thanks for doing them. From trying to manually update them myself occasionally, I can see it's not particularly easy or quick! Unfortunately following the 3 May update, it appears that the .cmd files linked to are still the ones up to March, and don't include any of the April updates listed on this page. I have tried the usual clearing cache, accessing via 2 completely separate PCs (so it is not cache/proxy type problem that I'm seeing the wrong thing). Thanks.

halsteadk,

Thanks for the heads up! The correct files have been posted.

January makefile Updates and fixes

I have applied the fixes and updates cavd applied to the .cmd script to the makefile (.mak). Below I have included the md5 sums (caveat emptor) that I added to md5s.txt (and the diff output that can be used to patch the makefile.

2d5ef15d445210182652e90f2a38df85 *WindowsXP-KB953155-x86-ENU.exe
84325c2c2bee21b27717348900bc10b6 *WindowsXP-KB954211-x86-ENU.exe
71cbfe1be45af7b5f1ecd23954e99515 *WindowsXP-KB954600-x86-ENU.exe
0c0ee04c3949ec19d2fe56cf154aa04b *WindowsXP-KB955069-x86-ENU.exe
2f1fc5f0c81aad37a80528e8369bb737 *WindowsXP-KB956391-x86-ENU.exe
b239447a68f8b7b2e2b594d9bbeeeaa9 *WindowsXP-KB956802-x86-ENU.exe
2cd02a8deae5fcd058bc3fa5c2364a24 *WindowsXP-KB956803-x86-ENU.exe
5434f26f14b882145e028a8bbff8c26b *WindowsXP-KB956841-x86-ENU.exe
2b5262997fad6dfe4d1c10a9ef369f1b *WindowsXP-KB957095-x86-ENU.exe
dcde11b706cef2f170b1559a139a8e02 *WindowsXP-KB957097-x86-ENU.exe
40d538de594cd891cf850de02b98b9b7 *WindowsXP-KB958215-x86-ENU.exe
b19776b2cab9b09b8f037935aea56f01 *WindowsXP-KB958644-x86-ENU.exe
d116a16358be7b3b3f438f743ae89b7e *WindowsXP-KB958687-x86-ENU.exe
8ccbb2bba1fdb478d68b272d70e236fd *WindowsXP-KB960714-x86-ENU.exe
4e9c91b30ae92f6e99c207110860563d *WindowsXP-WindowsMedia-KB952069-v2-x86-ENU.eXE

##Diff output begins here
5a6
> # tilaloz: added oct-jan releases, applied corrections provided by cavd
93,94c94,100
< KB950760_URL?=http://download.microsoft.com/download/c/6/e/c6e4b3e0-0af6-4ac8-92f7-5f7e8d471fb2/WindowsXP-KB950760-x86-ENU.exe
< KB950760_EXE?=$(shell basename $(KB950760_URL))
---
> #KB950760_URL?=http://download.microsoft.com/download/c/6/e/c6e4b3e0-0af6-4ac8-92f7-5f7e8d471fb2/WindowsXP-KB950760-x86-ENU.exe
> #KB950760_EXE?=$(shell basename $(KB950760_URL))
> # cavd - 22-jan-09
> # Cumulative Security Update of ActiveX Kill Bits (956391)
> # didn't get a new MS ref, but it's updated anyway
> KB956391_URL?=http://download.microsoft.com/download/0/5/9/059bcf63-4236-4588-a5a7-15d5c54ba33b/WindowsXP-KB956391-x86-ENU.exe
> KB956391_EXE?=$(shell basename $(KB956391_URL))
161a168,276
> # Oct 08:
>
> # MS08-061 - Important
> # Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
> # SP3: replaces none
> KB954211_URL?=http://download.microsoft.com/download/2/5/3/25324004-a2df-4163-95f5-ae9127b0f3ad/WindowsXP-KB954211-x86-ENU.exe
> KB954211_EXE?=$(shell basename $(KB954211_URL))
>
> # MS08-062 - Important
> # Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
> # SP3: replaces none
> KB953155_URL?=http://download.microsoft.com/download/d/7/f/d7f097e0-f290-4ff6-98ea-edaf8e78140f/WindowsXP-KB953155-x86-ENU.exe
> KB953155_EXE?=$(shell basename $(KB953155_URL))
>
> # MS08-063 - Important
> # Vulnerability in SMB Could Allow Remote Code Execution (957095)
> # SP2: replaces MS06-063
> # SP3: replaces none
> # cavd - 22-jan-09 - superceeded by ms09-001 (which doesn't install unless this is done first)
> KB957095_URL?=http://download.microsoft.com/download/3/3/f/33f997d5-b567-4ee9-82aa-3868629a1ec5/WindowsXP-KB957095-x86-ENU.exe
> KB957095_EXE?=$(shell basename $(KB957095_URL))
>
> # MS08-064 - Important
> # Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
> # SP2: replaces MS07-022
> # SP3: replaces none
> KB956841_URL?=http://download.microsoft.com/download/0/0/9/009cb4f8-9a59-412b-8811-f9f0b7703ee6/WindowsXP-KB956841-x86-ENU.exe
> KB956841_EXE?=$(shell basename $(KB956841_URL))
>
> # MS08-066 - Important
> # Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
> # SP2: replaces none
> # SP3: replaces none
> KB956803_URL?=http://download.microsoft.com/download/4/0/5/405222d0-5171-4ffb-a86e-7889e1161c1d/WindowsXP-KB956803-x86-ENU.exe
> KB956803_EXE?=$(shell basename $(KB956803_URL))
>
> # MS08-067 - Critical
> # Vulnerability in Server Service Could Allow Remote Code Execution (958644)
> # SP2: replaces MS06-040
> # SP3: replaces none
> KB958644_URL?=http://download.microsoft.com/download/4/f/a/4fabe08e-5358-418b-81dd-d5038730b324/WindowsXP-KB958644-x86-ENU.exe
> KB958644_EXE?=$(shell basename $(KB958644_URL))
>
> # Nov 08
>
> # MS08-068 - Important
> # Vulnerability in SMB Could Allow Remote Code Execution (957097)
> # SP2: replaces MS05-011
> # SP3: replaces none
> KB957097_URL?=http://download.microsoft.com/download/4/b/c/4bcfd71b-1f5a-4f9c-8c57-0b7ba2aae684/WindowsXP-KB957097-x86-ENU.exe
> KB957097_EXE?=$(shell basename $(KB957097_URL))
>
> # MS08-069 - Critical
> # Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
> # SP2: replaces MS07-042
> # SP3: replaces none
> KB955069_URL?=http://download.microsoft.com/download/d/6/5/d65961a2-d09b-4560-af78-1e4f97b77359/WindowsXP-KB955069-x86-ENU.exe
> KB955069_EXE?=$(shell basename $(KB955069_URL))
>
> # Dec 08
>
> # MS08-071 - Critical
> # Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
> # SP2: replaces MS08-021
> # SP3: replaces none
> KB956802_URL?=http://download.microsoft.com/download/0/0/D/00DBCA9D-B3CF-4F9E-A671-6CD79FC1DC4C/WindowsXP-KB956802-x86-ENU.exe
> KB956802_EXE?=$(shell basename $(KB956802_URL))
>
> # MS08-073 - Critical
> # Cumulative Security Update for Internet Explorer (958215)
> # SP2: replaces MS08-058
> # SP3: replaces MS08-058
> # cavd - 22-jan-09 - changed from ie7 to ie6 - baseline xp doesn't have ie7!
> # call :download http://download.microsoft.com/download/0/2/9/0297FF58-CEFC-48DB-9CED-97796B754137/IE7-WindowsXP-KB958215-x86-ENU.exe
> KB958215_URL?=http://download.microsoft.com/download/6/D/8/6D8C124A-CFC2-43D7-A2DA-9411DA0D3CB5/WindowsXP-KB958215-x86-ENU.exe
> KB958215_EXE?=$(shell basename $(KB958215_URL))
>
> # MS08-076 - Important
> # Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
> # SP2: replaces none
> # SP3: replaces none
> # cavd - 22-jan-09
> # there is now a v2 of 952069
> # the dox also suggest that for baseline XP is 954600
> # call :download http://download.microsoft.com/download/8/8/2/8822FCC3-55EB-4B37-B448-51FBE65DDC39/WindowsXP-WindowsMedia-KB952069-x86-ENU.exe
>
> KB952069_URL?=http://download.microsoft.com/download/8/8/2/8822FCC3-55EB-4B37-B448-51FBE65DDC39/WindowsXP-WindowsMedia-KB952069-v2-x86-ENU.exe
> KB952069_EXE?=$(shell basename $(KB952069_URL))
> KB954600_URL?=http://download.microsoft.com/download/E/C/7/EC7B6956-2C13-4196-9E35-375C828ACB6C/WindowsXP-KB954600-x86-ENU.exe
> KB954600_EXE?=$(shell basename $(KB954600_URL))
>
> # MS08-078 - Critical
> # Security Update for Internet Explorer (960714)
> # SP2: replaces none
> # SP3: replaces none
> # cavd - 22-jan-09 - changed from ie7 to ie6 - baseline xp doesn't have ie7!
> # call :download http://download.microsoft.com/download/6/C/3/6C3F5EB1-846B-4E59-8346-6A380A77125C/IE7-WindowsXP-KB960714-x86-ENU.exe
> KB960714_URL?=http://download.microsoft.com/download/F/2/7/F27B3516-F7FD-4B84-919F-9B8CEC4BC4A5/WindowsXP-KB960714-x86-ENU.exe
> KB960714_EXE?=$(shell basename $(KB960714_URL))
>
> # Jan 09
>
> # MS09-001 - Critical
> # Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
> # SP2: replaces MS08-063
> # SP3: replaces MS08-063
> KB958687_URL?=http://download.microsoft.com/download/B/9/7/B9798068-1B3B-4EE7-BC2A-2371C54B0ADD/WindowsXP-KB958687-x86-ENU.exe
> KB958687_EXE?=$(shell basename $(KB958687_URL))
>
165c280
< 950760 \
---
> 956391 \
176c291,305
< 954156
---
> 954156 \
> 954211 \
> 953155 \
> 957095 \
> 956841 \
> 956803 \
> 958644 \
> 957097 \
> 955069 \
> 956802 \
> 958215 \
> 952069 \
> 954600 \
> 960714 \
> 958687
##Diff Output ends here

January Script Update & Fixes

I've been using Ross's script for some time now, so thought it appropriate to contribute something. Many thanks for doing this, Ross.

Thanks also to cubanric for doing the December update - however there are a couple of issue with it which prompted me to post my version of the bulletin download section, which includes MS09-001 from January's patch-fest.

The main issues were with MS08-073 & MS08-078 - the IE7 versions of the hotfixes were referenced, instead of IE6. In addition, MS08-76 was re-released by MS as a version 2 hotfix, so the filename needed changing.

I've included comments too, so help yourselves.

Oh, one other thing - for some reason MS08-069 till shows up in Windows Update (and as not installed when I run "qfecheck") even though it appears to integrate successfully. If I get the time I'll try and work out why, but if anyone has any ideas..?

Cheers,
C

8<----- cut here ----------

:: Jun 08:

:: MS08-030 – Critical
:: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/a/6/5/a65308a2-7ede-4219-981a-20feb38bfd0e/WindowsXP-KB951376-v2-x86-ENU.exe

:: MS08-031 - Critical
:: Cumulative Security Update for Internet Explorer (950759)
:: SP2: replaces MS08-024
:: SP3: replaces none
:: replaced by MS08-45
:: call :download http://download.microsoft.com/download/2/2/5/2255ad65-47ba-44f1-9e88-feba8f019c55/WindowsXP-KB950759-x86-ENU.exe

:: MS08-032 - Moderate
:: Cumulative Security Update of ActiveX Kill Bits (950760)
:: SP2: replaces MS08-023
:: SP3: replaces none
:: call :download http://download.microsoft.com/download/c/6/e/c6e4b3e0-0af6-4ac8-92f7-5f7e8d471fb2/WindowsXP-KB950760-x86-ENU.exe
:: cavd - 22-jan-09
:: Cumulative Security Update of ActiveX Kill Bits (956391)
:: didn't get a new MS ref, but it's updated anyway
call :download http://download.microsoft.com/download/0/5/9/059bcf63-4236-4588-a5a7-15d5c54ba33b/WindowsXP-KB956391-x86-ENU.exe

:: MS08-033 – Critical
:: Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
:: SP2: replaces MS07-064
:: SP3: replaces none
call :download http://download.microsoft.com/download/3/1/5/315c86ba-2910-47f0-9f02-b5616511536d/WindowsXP-KB951698-x86-ENU.exe

:: MS08-035 – Important
:: Vulnerability in Active Directory Could Allow Denial of Service (953235)
:: SP2: replaces MS08-003
:: SP3: replaces none
call :download http://download.microsoft.com/download/5/f/a/5fa7006d-023f-496f-9c85-796fb82dfd16/WindowsXP-KB949269-x86-ENU.exe

:: MS08-036 – Important
:: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
:: SP2: replaces MS06-052
:: SP3: replaces none
call :download http://download.microsoft.com/download/1/4/3/1438b520-8200-466d-9daf-4de18bd4dc0f/WindowsXP-KB950762-x86-ENU.exe

:: Jul 08:

:: MS08-037 – Important
:: Vulnerabilities in DNS Could Allow Spoofing (953230)
:: SP2: replaces MS06-064, MS08-001
:: SP3: replaces none
call :download http://download.microsoft.com/download/f/5/f/f5f31962-0215-44e6-be41-02818b4373f3/WindowsXP-KB951748-x86-ENU.exe

:: Aug 08:

:: MS08-045 - Critical replaced by MS08-058 - Critical
:: Cumulative Security Update for Internet Explorer (953838)
:: SP2: replaces MS08-031
:: SP3: replaces MS08-031
:: call :download http://download.microsoft.com/download/3/9/3/3933471e-a08e-4640-8980-d3d3eb5b3c34/WindowsXP-KB953838-x86-ENU.exe

:: MS08-046 – Critical
:: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/a/1/9/a19c9aff-bd94-4fc1-98ff-db432358f902/WindowsXP-KB952954-x86-ENU.exe

:: MS08-048 - Important
:: Security Update for Outlook Express and Windows Mail (951066)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/3/a/f/3afd84f3-729c-4f54-9d38-e77c5112ae0d/WindowsXP-KB951066-x86-ENU.exe

:: MS08-049 – Important
:: Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/5/d/d/5dd0ab05-b357-4175-bd93-894903f07579/WindowsXP-KB950974-x86-ENU.exe

:: MS08-050 – Important
:: Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/4/d/8/4d84fd95-9124-461a-95eb-6b5908b6fe62/WindowsXP-KB946648-x86-ENU.exe

:: Ssep 08:

:: MS08-052 - Critical
:: Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/7/8/1/78141dc7-3b1d-42f3-9aa2-4dca79ad739b/WindowsXP-KB938464-x86-ENU.exe

:: MS08-053 - Critical
:: Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/2/b/2/2b252ed6-39fe-423d-a74e-d48c85d24c2a/WindowsMedia9-KB954156-x86-ENU.exe

:: MS08-054 - Critical
:: Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/b/6/6/b662a844-9aa2-4b80-8713-27a6c0da16d8/WindowsMedia11-KB954154-x86-ENU.exe

:: Oct 08:

:: MS08-061 – Important
:: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
:: SP3: replaces none
call :download http://download.microsoft.com/download/2/5/3/25324004-a2df-4163-95f5-ae9127b0f3ad/WindowsXP-KB954211-x86-ENU.exe

:: MS08-062 - Important
:: Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
:: SP3: replaces none
call :download http://download.microsoft.com/download/d/7/f/d7f097e0-f290-4ff6-98ea-edaf8e78140f/WindowsXP-KB953155-x86-ENU.exe

:: MS08-063 – Important
:: Vulnerability in SMB Could Allow Remote Code Execution (957095)
:: SP2: replaces MS06-063
:: SP3: replaces none
:: cavd - 22-jan-09 - superceeded by ms09-001 (which doesn't install unless this is done first)
call :download http://download.microsoft.com/download/3/3/f/33f997d5-b567-4ee9-82aa-3868629a1ec5/WindowsXP-KB957095-x86-ENU.exe

:: MS08-064 – Important
:: Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
:: SP2: replaces MS07-022
:: SP3: replaces none
call :download http://download.microsoft.com/download/0/0/9/009cb4f8-9a59-412b-8811-f9f0b7703ee6/WindowsXP-KB956841-x86-ENU.exe

:: MS08-066 – Important
:: Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/4/0/5/405222d0-5171-4ffb-a86e-7889e1161c1d/WindowsXP-KB956803-x86-ENU.exe

:: MS08-067 – Critical
:: Vulnerability in Server Service Could Allow Remote Code Execution (958644)
:: SP2: replaces MS06-040
:: SP3: replaces none
call :download http://download.microsoft.com/download/4/f/a/4fabe08e-5358-418b-81dd-d5038730b324/WindowsXP-KB958644-x86-ENU.exe

:: Nov 08

:: MS08-068 – Important
:: Vulnerability in SMB Could Allow Remote Code Execution (957097)
:: SP2: replaces MS05-011
:: SP3: replaces none
call :download http://download.microsoft.com/download/4/b/c/4bcfd71b-1f5a-4f9c-8c57-0b7ba2aae684/WindowsXP-KB957097-x86-ENU.exe

:: MS08-069 – Critical
:: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
:: SP2: replaces MS07-042
:: SP3: replaces none
call :download http://download.microsoft.com/download/d/6/5/d65961a2-d09b-4560-af78-1e4f97b77359/WindowsXP-KB955069-x86-ENU.exe

:: Dec 08

:: MS08-071 – Critical
:: Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
:: SP2: replaces MS08-021
:: SP3: replaces none
call :download http://download.microsoft.com/download/0/0/D/00DBCA9D-B3CF-4F9E-A671-6CD79FC1DC4C/WindowsXP-KB956802-x86-ENU.exe

:: MS08-073 - Critical
:: Cumulative Security Update for Internet Explorer (958215)
:: SP2: replaces MS08-058
:: SP3: replaces MS08-058
:: cavd - 22-jan-09 - changed from ie7 to ie6 - baseline xp doesn't have ie7!
:: call :download http://download.microsoft.com/download/0/2/9/0297FF58-CEFC-48DB-9CED-97796B754137/IE7-WindowsXP-KB958215-x86-ENU.exe
call :download http://download.microsoft.com/download/6/D/8/6D8C124A-CFC2-43D7-A2DA-9411DA0D3CB5/WindowsXP-KB958215-x86-ENU.exe

:: MS08-076 – Important
:: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
:: SP2: replaces none
:: SP3: replaces none
:: cavd - 22-jan-09
:: there is now a v2 of 952069
:: the dox also suggest that for baseline XP is 954600
:: call :download http://download.microsoft.com/download/8/8/2/8822FCC3-55EB-4B37-B448-51FBE65DDC39/WindowsXP-WindowsMedia-KB952069-x86-ENU.exe

call :download http://download.microsoft.com/download/8/8/2/8822FCC3-55EB-4B37-B448-51FBE65DDC39/WindowsXP-WindowsMedia-KB952069-v2-x86-ENU.exe
call :download http://download.microsoft.com/download/E/C/7/EC7B6956-2C13-4196-9E35-375C828ACB6C/WindowsXP-KB954600-x86-ENU.exe

:: MS08-078 - Critical
:: Security Update for Internet Explorer (960714)
:: SP2: replaces none
:: SP3: replaces none
:: cavd - 22-jan-09 - changed from ie7 to ie6 - baseline xp doesn't have ie7!
:: call :download http://download.microsoft.com/download/6/C/3/6C3F5EB1-846B-4E59-8346-6A380A77125C/IE7-WindowsXP-KB960714-x86-ENU.exe
call :download http://download.microsoft.com/download/F/2/7/F27B3516-F7FD-4B84-919F-9B8CEC4BC4A5/WindowsXP-KB960714-x86-ENU.exe

:: Jan 09

:: MS09-001 – Critical
:: Vulnerabilities in SMB Could Allow Remote Code Execution (958687)
:: SP2: replaces MS08-063
:: SP3: replaces MS08-063
call :download http://download.microsoft.com/download/B/9/7/B9798068-1B3B-4EE7-BC2A-2371C54B0ADD/WindowsXP-KB958687-x86-ENU.exe

Clarification needed

Am I correct in assuming xpsp3.mak will not auto execute the same way as xpsp3.cmd did? I am loathe to setup the programs mentioned because I am CLI ignorant at this point in time. Is there another way to slip the critical fixes?

Chris,

xpsp3.mak is only needed if you want to build and burn a CD with one command. It requires Cygwin.

Otherwise, just use xpsp3.cmd.

Use a GUI tool

You can create a bootable disk image by using a free tool such as ImgBurn (www.imgburn.com). In addition, you'll need to use a free tool like WinImage (www.winimage.com) to extract the boot image from an existing bootable XP disk, or download one from somewhere.

There are plenty of instructions out there on how to do all this - Google is your friend.

Personally, I use the command-line tool CDIMAGE which can be downloaded from a variety of places. If you get a copy, I can post my script...

xpsp3.bat update

to update the script with the latest updates do we just need to update the bulletin section?

I updated the bulletin list and it seems to have work. I am posting the section here to hopefully save you guys some work.

:: Jun 08:

:: MS08-030 – Critical
:: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/a/6/5/a65308a2-7ede-4219-981a-20feb38bfd0e/WindowsXP-KB951376-v2-x86-ENU.exe

:: MS08-031 - Critical
:: Cumulative Security Update for Internet Explorer (950759)
:: SP2: replaces MS08-024
:: SP3: replaces none
:: replaced by MS08-45
:: call :download http://download.microsoft.com/download/2/2/5/2255ad65-47ba-44f1-9e88-feba8f019c55/WindowsXP-KB950759-x86-ENU.exe

:: MS08-032 - Moderate
:: Cumulative Security Update of ActiveX Kill Bits (950760)
:: SP2: replaces MS08-023
:: SP3: replaces none
call :download http://download.microsoft.com/download/c/6/e/c6e4b3e0-0af6-4ac8-92f7-5f7e8d471fb2/WindowsXP-KB950760-x86-ENU.exe

:: MS08-033 – Critical
:: Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
:: SP2: replaces MS07-064
:: SP3: replaces none
call :download http://download.microsoft.com/download/3/1/5/315c86ba-2910-47f0-9f02-b5616511536d/WindowsXP-KB951698-x86-ENU.exe

:: MS08-035 – Important
:: Vulnerability in Active Directory Could Allow Denial of Service (953235)
:: SP2: replaces MS08-003
:: SP3: replaces none
call :download http://download.microsoft.com/download/5/f/a/5fa7006d-023f-496f-9c85-796fb82dfd16/WindowsXP-KB949269-x86-ENU.exe

:: MS08-036 – Important
:: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
:: SP2: replaces MS06-052
:: SP3: replaces none
call :download http://download.microsoft.com/download/1/4/3/1438b520-8200-466d-9daf-4de18bd4dc0f/WindowsXP-KB950762-x86-ENU.exe

:: Jul 08:

:: MS08-037 – Important
:: Vulnerabilities in DNS Could Allow Spoofing (953230)
:: SP2: replaces MS06-064, MS08-001
:: SP3: replaces none
call :download http://download.microsoft.com/download/f/5/f/f5f31962-0215-44e6-be41-02818b4373f3/WindowsXP-KB951748-x86-ENU.exe

:: Aug 08:

:: MS08-045 - Critical replaced by MS08-058 - Critical
:: Cumulative Security Update for Internet Explorer (953838)
:: SP2: replaces MS08-031
:: SP3: replaces MS08-031
:: call :download http://download.microsoft.com/download/3/9/3/3933471e-a08e-4640-8980-d3d3eb5b3c34/WindowsXP-KB953838-x86-ENU.exe

:: MS08-046 – Critical
:: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/a/1/9/a19c9aff-bd94-4fc1-98ff-db432358f902/WindowsXP-KB952954-x86-ENU.exe

:: MS08-048 - Important
:: Security Update for Outlook Express and Windows Mail (951066)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/3/a/f/3afd84f3-729c-4f54-9d38-e77c5112ae0d/WindowsXP-KB951066-x86-ENU.exe

:: MS08-049 – Important
:: Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/5/d/d/5dd0ab05-b357-4175-bd93-894903f07579/WindowsXP-KB950974-x86-ENU.exe

:: MS08-050 – Important
:: Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/4/d/8/4d84fd95-9124-461a-95eb-6b5908b6fe62/WindowsXP-KB946648-x86-ENU.exe

:: Ssep 08:

:: MS08-052 - Critical
:: Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/7/8/1/78141dc7-3b1d-42f3-9aa2-4dca79ad739b/WindowsXP-KB938464-x86-ENU.exe

:: MS08-053 - Critical
:: Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/2/b/2/2b252ed6-39fe-423d-a74e-d48c85d24c2a/WindowsMedia9-KB954156-x86-ENU.exe

:: MS08-054 - Critical
:: Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/b/6/6/b662a844-9aa2-4b80-8713-27a6c0da16d8/WindowsMedia11-KB954154-x86-ENU.exe

:: Oct 08:

:: MS08-061 – Important
:: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
:: SP3: replaces none
call :download http://download.microsoft.com/download/2/5/3/25324004-a2df-4163-95f5-ae9127b0f3ad/WindowsXP-KB954211-x86-ENU.exe

:: MS08-062 - Important
:: Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
:: SP3: replaces none
call :download http://download.microsoft.com/download/d/7/f/d7f097e0-f290-4ff6-98ea-edaf8e78140f/WindowsXP-KB953155-x86-ENU.exe

:: MS08-063 – Important
:: Vulnerability in SMB Could Allow Remote Code Execution (957095)
:: SP2: replaces MS06-063
:: SP3: replaces none
call :download http://download.microsoft.com/download/3/3/f/33f997d5-b567-4ee9-82aa-3868629a1ec5/WindowsXP-KB957095-x86-ENU.exe

:: MS08-064 – Important
:: Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
:: SP2: replaces MS07-022
:: SP3: replaces none
call :download http://download.microsoft.com/download/0/0/9/009cb4f8-9a59-412b-8811-f9f0b7703ee6/WindowsXP-KB956841-x86-ENU.exe

:: MS08-066 – Important
:: Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/4/0/5/405222d0-5171-4ffb-a86e-7889e1161c1d/WindowsXP-KB956803-x86-ENU.exe

:: MS08-067 – Critical
:: Vulnerability in Server Service Could Allow Remote Code Execution (958644)
:: SP2: replaces MS06-040
:: SP3: replaces none
call :download http://download.microsoft.com/download/4/f/a/4fabe08e-5358-418b-81dd-d5038730b324/WindowsXP-KB958644-x86-ENU.exe

:: Nov 08

:: MS08-068 – Important
:: Vulnerability in SMB Could Allow Remote Code Execution (957097)
:: SP2: replaces MS05-011
:: SP3: replaces none
call :download http://download.microsoft.com/download/4/b/c/4bcfd71b-1f5a-4f9c-8c57-0b7ba2aae684/WindowsXP-KB957097-x86-ENU.exe

:: MS08-069 – Critical
:: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
:: SP2: replaces MS07-042
:: SP3: replaces none
call :download http://download.microsoft.com/download/d/6/5/d65961a2-d09b-4560-af78-1e4f97b77359/WindowsXP-KB955069-x86-ENU.exe

:: Dec 08

:: MS08-071 – Critical
:: Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
:: SP2: replaces MS08-021
:: SP3: replaces none
call :download http://download.microsoft.com/download/0/0/D/00DBCA9D-B3CF-4F9E-A671-6CD79FC1DC4C/WindowsXP-KB956802-x86-ENU.exe

:: MS08-073 - Critical
:: Cumulative Security Update for Internet Explorer (958215)
:: SP2: replaces MS08-058
:: SP3: replaces MS08-058
call :download http://download.microsoft.com/download/0/2/9/0297FF58-CEFC-48DB-9CED-97796B754137/IE7-WindowsXP-KB958215-x86-ENU.exe

:: MS08-076 – Important
:: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/8/8/2/8822FCC3-55EB-4B37-B448-51FBE65DDC39/WindowsXP-WindowsMedia-KB952069-x86-ENU.exe

:: MS08-078 - Critical
:: Security Update for Internet Explorer (960714)
:: SP2: replaces none
:: SP3: replaces none
call :download http://download.microsoft.com/download/6/C/3/6C3F5EB1-846B-4E59-8346-6A380A77125C/IE7-WindowsXP-KB960714-x86-ENU.exe

about 'xpsp3.mak ' how-to

You wrote, "I've created the makefile xpsp3.mak .... Details on usage below." yet no such details no how to use exists. The only other entry is under, "Using Cygwin to Burn a Bootable CD" which show how one can make a change within it but does not say how to use the xpsp3.mak.
I am assuming that this file needs to be either placed somewhere or executed somehow, or am I wrong?

slipstreaming if OS is not on C: drive

I have/had 2 physical hard drives. After I replaced one HDD, where the OS was, somehow the tech at the shop (where I bought the PC and had the HDD replaced) did the wiring and jumpers wrong.
Anyhow, in installing Windows XP Home I had no choice but to place the OS in the 2nd (new drive) which was G: and NOT C: (C; and D; partitions/drives were taken from the other drive where I had files--this was my backup drive). Having work to do I had no choice but do the WIndows installation on G: which now only boots with the CD still in the drive.
Anyhow, since Windows was updated with SP3 and other updates I was wondering if it is safe to do a slipstream CD seeing that I will need to get the image (or whatever you call it) and files from the OS which does not sit on C but rather on G:

Or to put it simply, does the fact that presently my os is not on C: but rather on G: and that I need to use the original install CD to boot from make a difference or not?

Thank you

What about Office 2003

For Office 2003, run office_2003_hotfixes.cmd (updated 31-Dec-08) to install Service Pack 2, and all post-SP3 hotfixes locally.

Are you time travelling? I hoped to find this current but I see it is 9 months out of date. Any chance of updating it?

Methanoid

You're right. It should say 31-Dec-07. I'll fix that soon. Thanks for the heads up.

sp3 local...

Small issue with the sp3 local (i have not tried the slipstream one yet), you can change the hotfix dir to download too but it still downloads files to the run location. I had to add -P "%hotfixdir% to the wget part to get it to download to the correct directory. I am not sure what curls syntax is for that.

Only thing to look forward to in life is death.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
DeutschEspañolFrançaisItalianoNederlandsPortuguêsΕλληνικάРусскийالعربية中文(简体)中文(繁體)日本語한국어
 
Donate Bitcoins
Google
 
www smithii.com
 
Special thanks to Riester Rente Online for a generous donation!