Welcome to Windows XP Service Pack 4

Forum to discuss Update Packs created by community members for the various Windows operating systems.
Post Reply
harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Sun Feb 23, 2014 6:11 am

@5eraph: It's interesting that I've already included the keys you mention, but qfecheck does not show these updates. I used the same keys as in Onepiece's update pack.

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Sun Feb 23, 2014 7:17 am

OK, now I see why qfecheck shows nothing. Every single value inside the the SP4 registry key is automagically deleted by the SP4 installer.

I will fix this promptly.

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Sun Feb 23, 2014 5:08 pm

Right, after testing a new build of SP4 live installer, I ran the qfecheck utility and it reports the following updates:

Hotfixes Identified:
KB909520: Current on system.
KB2510531-IE8: Current on system.
KB2598845-IE8: Current on system.
KB2632503-IE8: Current on system.
KB2888505-IE8,Description,,Security Update for Windows Internet Explorer 8
88505): Current on system.
KB2888505-IE8,RemoveOnIE8Uninstall,0x00010001,0x1: Current on system.
Q282784: Current on system.
KB2564958: Current on system.
KB961742-v3: Current on system.
KB969084: Current on system.
KB970401: Current on system.
KB974266: Current on system.
KB2115168: Current on system.
KB2124261: Current on system.
KB2229593: Current on system.
KB2264107: Current on system.
KB2270406: Current on system.
KB2290570: Current on system.
KB2296011: Current on system.
KB2345886: Current on system.
KB2347290: Current on system.
KB2387149: Current on system.
KB2393802: Current on system.
KB2419632: Current on system.
KB2423089: Current on system.
KB2443105: Current on system.
KB2454533-v2: Current on system.
KB2478960: Current on system.
KB2478971: Current on system.
KB2479943: Current on system.
KB2483185: Current on system.
KB2485663: Current on system.
KB2491683: Current on system.
KB2492386: Current on system.
KB2498072: Current on system.
KB2508429: Current on system.
KB2509553: Current on system.
KB2535512: Current on system.
KB2536276-v2: Current on system.
KB2544893-v2: Current on system.
KB2566454: Current on system.
KB2570947: Current on system.
KB2584146: Current on system.
KB2584577: Current on system.
KB2585542: Current on system.
KB2592799: Current on system.
KB2598479: Current on system.
KB2603381: Current on system.
KB2619339: Current on system.
KB2620712: Current on system.
KB2629462: Current on system.
KB2631813: Current on system.
KB2661637: Current on system.
KB2686509: Current on system.
KB2691442: Current on system.
KB2698365: Current on system.
KB2705219-v2: Current on system.
KB2712808: Current on system.
KB2723135-v2: Current on system.
KB2727528: Current on system.
KB2749655: Current on system.
KB2757638: Current on system.
KB2758857: Current on system.
KB2770660: Current on system.
KB2780091: Current on system.
KB2802968: Current on system.
KB2807986: Current on system.
KB2808679: Current on system.
KB2813347-v2: Current on system.
KB2820917: Current on system.
KB2828030: Current on system.
KB2832214: Current on system.
KB2834886: Current on system.
KB2836198: Current on system.
KB2845187: Current on system.
KB2847311: Current on system.
KB2850869: Current on system.
KB2859537: Current on system.
KB2862152: Current on system.
KB2862330: Current on system.
KB2862335: Current on system.
KB2864063: Current on system.
KB2868038: Current on system.
KB2868626: Current on system.
KB2876217: Current on system.
KB2876331: Current on system.
KB2878379-v2: Current on system.
KB2884256: Current on system.
KB2892075: Current on system.
KB2892734: Current on system.
KB2893294: Current on system.
KB2893984: Current on system.
KB2898715: Current on system.
KB2900986: Current on system.
KB2904266: Current on system.
KB2914368: Current on system.
KB2916036: Current on system.
KB2929729: Current on system.
KB817688: Current on system.
KB897571: Current on system.
KB916157-v6: Current on system.
KB922120-v6: Current on system.
KB927436-v2: Current on system.
KB934401: Current on system.
KB936929: Current on system.
KB940159-v2: Current on system.
KB943232-v2: Current on system.
KB944043-v3: Current on system.
KB945060-v3: Current on system.
KB945184: Current on system.
KB947460-v3: Current on system.
KB948046-v2: Current on system.
KB948101-v3: Current on system.
KB948277: Current on system.
KB948698: Current on system.
KB948720: Current on system.
KB948877-v2: Current on system.
KB949127-v2: Current on system.
KB949900: Current on system.
KB950305-v2: Current on system.
KB950616: This hotfix should be reinstalled.
KB950820: Current on system.
KB950974: Current on system.
KB950982: Current on system.
KB951159: Current on system.
KB951163: This hotfix should be reinstalled.
KB951347: Current on system.
KB951376-v2: Current on system.
KB951531-v2: Current on system.
KB951618-v2: Current on system.
KB951624: Current on system.
KB951709: Current on system.
KB951822-v2: Current on system.
KB951978: Current on system.
KB952004: Current on system.
KB952117-v2: This hotfix should be reinstalled.
KB952595-v3: Current on system.
KB952954: Current on system.
KB953024: Current on system.
KB953028: Current on system.
KB953155: Current on system.
KB953761: Current on system.
KB953930: Current on system.
KB954193: Current on system.
KB954232: Current on system.
KB954434: Current on system.
KB954708: Current on system.
KB954920-v2: Current on system.
KB955109: Current on system.
KB955356: Current on system.
KB955417: Current on system.
KB955567: Current on system.
KB955576: Current on system.
KB955704: Current on system.
KB955830-v2: Current on system.
KB955988: Current on system.
KB956048: Current on system.
KB956572: Current on system.
KB956844: Current on system.
KB957218: Current on system.
KB957495: Current on system.
KB957502: Current on system.
KB957931: Current on system.
KB958071: Current on system.
KB958149: Current on system.
KB958244: Current on system.
KB958817: Current on system.
KB958910: Current on system.
KB959267: Current on system.
KB959334: Current on system.
KB959465: Current on system.
KB959682: Current on system.
KB959765: Current on system.
KB959873: Current on system.
KB960071-v2: Current on system.
KB960519: Current on system.
KB960655: Current on system.
KB960680-v2: Current on system.
KB960859: Current on system.
KB960921: Current on system.
KB960970: Current on system.
KB961067: Current on system.
KB961118: Current on system.
KB961187-v2: Current on system.
KB961451-v2: Current on system.
KB961503: Current on system.
KB961605: Current on system.
KB961853-v2: Current on system.
KB963038: Current on system.
KB965220: Current on system.
KB967048-v2: Current on system.
KB967705-v2: Current on system.
KB968389: Current on system.
KB969059: Current on system.
KB969262: Current on system.
KB969632: Current on system.
KB970048: Current on system.
KB970063: Current on system.
KB970254: Current on system.
KB970326: Current on system.
KB970413: Current on system.
KB970430: Current on system.
KB970483: Current on system.
KB970553: Current on system.
KB970685: Current on system.
KB971029: Current on system.
KB971165: Current on system.
KB971234-v2: Current on system.
KB971314: Current on system.
KB971345: Current on system.
KB971455: Current on system.
KB971657: Current on system.
KB972270: Current on system.
KB972422: Current on system.
KB972435: Current on system.
KB972878: Current on system.
KB973502: Current on system.
KB973507: Current on system.
KB973624: Current on system.
KB973815: Current on system.
KB973869: Current on system.
KB973904: Current on system.
KB974112: Current on system.
KB974318: Current on system.
KB974571: Current on system.
KB975025: Current on system.
KB975467: Current on system.
KB975560: Current on system.
KB975713: Current on system.
KB976323: Current on system.
KB977816: Current on system.
KB977914: Current on system.
KB978338: Current on system.
KB978542: Current on system.
KB978706: Current on system.
KB978835: Current on system.
KB979309: Current on system.
KB979482: Current on system.
KB979687: Current on system.
KB981073-v3: Current on system.
KB981669: Current on system.
KB981997: Current on system.
KB982132: Current on system.
KB982316: Current on system.
KB982665: Current on system.
KB983234: Current on system.

I will investigate these 3 hotfixes, but -because my time is limited - I would be glad if someone finds an update I previously added in the service package but is not listed above.

The WU issue has not been fixed yet: it still reports unregistered files at first check. It seems that I have to change a few more things. Automatic Updates work perfectly fine, however.

I will check for updates soon, it seems that only a few updates are still reported.

UPDATE: I just checked WIndows Update. These are the results:


- Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2909921) - I will integrate the latest IE8 update in April.
- Security Update for Windows XP (KB2909210) -MS14-011: Description of the security update for Visual Basic Scripting Edition (VBScript) 5.8: February 11, 2014
That's IE8 update and it supersedes a previously integrated update. No need to add it right now in the SP4 package.
- Windows Malicious Software Removal Tool - February 2014 (KB890830) -
Probably I won't integrate MRT at all, it should be run manually on your system to check for security threats. I will decide this in April.
- Security Update for Windows XP and Windows Server 2003 (KB2917500) - Revoked roots. I will add the latest one in April.
- Security Update for Windows XP (KB2659262): This one is interesting, because it should have been superseded by the:
- Security Update for Flash Player (KB923789) - This update will be superseded when I integrate the latest Flash player in April.
(Flash Player can be an important security hole in post-EOL XP era.)

and the optional updates (which will be added later):

- Microsoft .NET Framework 4 Client Profile for Windows XP x86 (KB982670)
- Update for Root Certificates for Windows XP [November 2013] (KB931125)
- Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86
- Windows Search 4.0 for Windows XP (KB940157) - already added, but disabled by default in SP4.


So, I have to check out these updates:

KB2659262 (what's wrong with this one actually?)
KB952117-v2 (QFECHeck)
KB950616 (QFECHeck)
KB952117-v2 (QFECHeck)

User avatar
bphlpt
Posts: 1372
Joined: Sat Apr 19, 2008 1:11 am

Post by bphlpt » Sun Feb 23, 2014 7:52 pm

You have really been doing very remarkable work! Looks like you will complete your task just in time as you intended. Wonderful!

Cheers and Regards

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Mon Feb 24, 2014 8:12 pm

I have just started testing the CD-ROM installations. It's interesting that Setup looks for files in the CD like usbintel.sys or ntkrnlpa.exe, which are normally not present in \I386 directory of SP3 media. Is this a checksum failure? Should I change the sizes in lauot.inf/txtsetup.sif files? If yes, is there an automated way to do this?

I;m not sure if this is a checksum failure, I'm looking into it.

UPDATE: Seems like an ISO emulation issue...

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Tue Feb 25, 2014 10:08 am

Now fixing the hivesft.inf files

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Wed Feb 26, 2014 10:15 am

Just finshed the first test in XP Pro SP4 Clean CD-ROM installations.
There are minor glitches to fix but, in general, I have to say I'm impressed by the speed, stability and the immediate Automatic Updates functionality after setup completes.

This milestone 5 will receive enough testing from me and it will be the alpha build of windows xp sp4. I hope you can test it on as many systems as possible.

Next steps: testing ic (Home-based builds), fixing clean installation glitches in XP Pro and Home, test Upgrade installations, fix .NET 1.1 uninstall process, test XP SP4 on KN, N, Starter builds and fix possible glitches, test MCE and Tablet PC live and slipstreamed instalation/uninstallation, test the SP1->SP3 installation/uninstallation and RTM->SP2->SP4 live installation paths. After all these checks, I will release Milestone 5.
Windows XP Unofficial SP4 (2014, 2016, and 2019): viewtopic.php?t=10321
Non-IT stuff:
Retinal changes in schizophrenia (2019): https://academic.oup.com/schizophreniab ... 06/5598443

ChiefZeke
Posts: 767
Joined: Fri Mar 23, 2007 5:33 pm
Location: Victorville, California

Post by ChiefZeke » Wed Feb 26, 2014 5:24 pm

What a super effort - which we appreciate.

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Wed Feb 26, 2014 8:11 pm

An interesting nLite crash when I analysed the slipstreamed XP SP4 slipstreamed CD. The fact that there are 2 CDs in the layout.inf probably triggers an unhandled exception in nLite and prevents the integration of any addons or tweaks using that program.

Fortunately, RyanVMi does not crash.

You can take a look here:
Image

I have marked the problematic points.

User avatar
ricktendo64
Posts: 3213
Joined: Mon May 22, 2006 12:27 am
Location: Honduras

Post by ricktendo64 » Wed Feb 26, 2014 11:15 pm

Will you be providing a way/source/instructions for others to make a sp4 for other language?

I would like to make a Spanish sp4 after xp support ends...I only want to add updates, wmp11, ie8, search, etc. no media center stuff

BTW you may want to report that bug to nuhi, he is back on msfn

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Thu Feb 27, 2014 7:47 am

@ricktendo64: Thanks for the advice, I've just made some changes in the dosnet.inf version number and I am going to test if this solves the issue. If it doesn't I'll report the issue.

I will prepare a tutorial in the summer, when I'll have more free time (I hope). I have taken notes of the most important steps of Windows XP SP4 developement, which are just so many. Explaining why I do each step would turn the tutorial into a small book, I'm afraid. I'll do my best to make my method most clear to anyone who knows a bit about INF, CAT files and PE binary patching.

User avatar
ricktendo64
Posts: 3213
Joined: Mon May 22, 2006 12:27 am
Location: Honduras

Post by ricktendo64 » Thu Feb 27, 2014 8:45 am

I'm pretty good with INF, and repacking ms hotfixes. Don't know about pe binary patching, my hex editing (following instructions) is OK

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Thu Feb 27, 2014 1:48 pm

The updated dosnet.inf file did not fix the issue. This same issue is also present with XP Home installations. I think I'll have to report it to nuhi.
Windows XP Unofficial SP4 (2014, 2016, and 2019): viewtopic.php?t=10321
Non-IT stuff:
Retinal changes in schizophrenia (2019): https://academic.oup.com/schizophreniab ... 06/5598443

User avatar
bphlpt
Posts: 1372
Joined: Sat Apr 19, 2008 1:11 am

Post by bphlpt » Thu Feb 27, 2014 8:24 pm

harkaz wrote:I will prepare a tutorial in the summer, when I'll have more free time (I hope). I have taken notes of the most important steps of Windows XP SP4 developement, which are just so many. Explaining why I do each step would turn the tutorial into a small book, I'm afraid. I'll do my best to make my method most clear to anyone who knows a bit about INF, CAT files and PE binary patching.
I would think that sharing your rough notes with tomasz86 would be a good first step, since I believe that he has done some of the the similar things you have in his work with Win2K USP5. He might be able to offer you some advice as to how to automate some of the steps, and in return he might also learn some things from you. Then I would think that people like 5eraph, ricktendo, OnePiece, and user_hidden would be the most likely group to be able to fully evaluate, troubleshoot, and possibly expand on your work. Whether they could benefit from incorporating your methods into their own work would then be up to them and you, if you would allow it. Just my opinion of course.

Cheers and Regards

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Fri Feb 28, 2014 7:43 pm

@bphlht: The notes are written on paper in my native language (Greek), so it will take some time to type them, but currently is not my top priority. I want to finish XP SP4 first, because I may need to update some steps with the new knowledge I gain as SP4 project matures.

NEWS: Testing Windows XP SP4 Alpha Build (Milestone 5) EXE in VM.

This version of Windows XP SP4 is not compatible with nLite. I have contacted nuhi already, so that he can look into the issue when I publish the new build.

Please test this build extensively when it comes out, the more testing it gets, the more bugs will be fixed.

UPDATE: - The new .NET 1.0 SP3 update KB2904878 won't be included in the Alpha build, but will be part of the next XP SP4 milestone.

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Sat Mar 01, 2014 7:53 pm

Windows XP SP4 Milestone 5 (Alpha) is now available!

Download: Link removed - Download the latest Alpha version
MD5 Hash: 7A68B3E92E9AC189E8F37058184A1246
Size: 663 MB (695759427 bytes)


This MSFN thread gives detailed installation instructions: http://www.msfn.org/board/topic/171171- ... ows-xp-sp4

What's included in this release (full list):

Code: Select all

- Windows Messenger 4.7 completely removed. 
 - Windows Update Agent 7.6.7600.256-257 
 - An updated version of the Luna theme with the "Royale" colour scheme. All files are digitally signed. 
 - Internet Explorer 8 with the following updates: 
 KB2467659 - An update is available for Internet Explorer: December 14, 2010 
 KB2510531 - MS11-031: Description of the security update for the JScript and VBScript v5.8 scripting engines: April 12, 2011 
 KB2598845 - A Compatibility View list update is available for Windows Internet Explorer 8: October 25, 2011 
 KB2632503 - FIX: Array elements in very large loops may be returned as undefined in JScript 5.8 
 KB2888505 - MS13-088: Cumulative security update for Internet Explorer: November 12, 2013 
 KB972582 - You receive an empty dialog box when you run the "Rundll32.exe shdocvw.dll, DoOrganizeFavDlg" command on a computer that is running Windows XP or Windows Server 2003 if Internet Explorer 8 is installed. (Fixes blank 'Organize Favorites' dialog in Windows Explorer). 
 - Windows Media Player 11 with the following updates: 
 KB954155 - MS09-051: Description of the security update for Windows Media Audio Voice Decoder: October 13, 2009 
 KB970159 - User-Mode Driver Framework (WUDF) version 1.9 update for Windows XP, for Windows Vista, and for Windows Server 2008 
 KB973540 - MS09-037: Description of the security update for Windows Media Player: August 11, 2009 
 KB975558 - MS10-062: Vulnerability in MPEG-4 Codec could allow remote code execution 
 KB974905 - Error code C00D11B1 when you play an MBR file or a live stream that contains more than 32 media streams in Windows Media Player on a computer that is running Windows XP or Windows Vista 
 KB978695 - MS10-033: Description of the security update for Media Format Runtime 9, for Media Format Runtime 9.5, and for Media Format Runtime 11: June 8, 2010 
 KB2378111 - MS10-082: Vulnerability in Windows Media Player could allow remote code execution 
 KB2834904 v2 - MS13-057: Description of the security update for Windows Media Format Runtime 9.5 and 11 (wmvdecod.dll) on Windows XP and Windows Server 2003: July 9, 2013 
 Note: i) WMP11 is also installed on N versions of Windows XP with the Media pack update installed. 
 ii) WUDF is installed on all platforms, including N builds of Windows XP, which normally don't include WMP. 
 - Windows Genuine Advantage Notifications and WGA (KB892130): Windows XP SP4 M4 includes both WGA and WGA notifications (WGANotify). However, WGA notifications are disabled by default. You can enable them from the Windows Optional Components Wizard. Even without the notifications enabled, Windows Update will think that you have WGANotify already installed and won't present you with it. 
 - Package Installer update (KB898461): Software update 898461 installs a permanent copy of the Package Installer for Windows version 6.1.22.4. However, XP SP4 includes the latest available version of Package installer: 6.3.15.0. The updated files are digitally signed. This update, along with WGA and the latest IE8 cumulative update enable Windows Update to run properly. 
 - Windows Installer 4.5 (KB942288 v3 - Windows Installer 4.5 is available) 
 - Image Mastering API (IMAPI) 2.0 (KB932716 v2 - Description of the Image Mastering API v2.0 (IMAPIv2.0) update package that is dated June 26, 2007) 
 - Media Center 2005 Update Rollup 2 with the following updates: 
 KB887410 - Dancer does not start when music plays 
 KB925766 - October 2006 Update Rollup for Windows XP Media Center Edition 
 KB956148 - Update to address "protected content" error messages in Windows XP Media Center Edition 2005 
 KB973768 - MS09-037: Description of the security update for Microsoft HtmlInput Object ActiveX Control in Windows XP Media Center Edition, Windows Vista, and Windows Server 2008: August 11, 2009 
 KB2502898 - MS11-015: Description of the security update for Windows XP Media Center Edition: 8 March 2011 
 KB2619340 - MS11-092: Description of the security update for Windows XP Media Center Edition: 13 December 2011 
 KB2628259 - MS12-004: Description of the security update for Windows Multimedia Library for Windows XP Media Center Edition 2005: 10 January 2012 
 Based on Ricktendo's MCE2005 Update Pack with a few modifications. 
 - Microsoft .NET Framework 1.0 SP3 (July 2013) with the following updates: 
 KB979904 
 KB2742607 
 KB2833951 
 Note: Windows XP SP4 M4 updates any previous .NET 1.0 installations for Media Center or Tablet PC edition ONLY. It is also installed in CD-ROM installations only when a Tablet PC product key is inserted. Media Center 2005 Update Rollup 2, which is included in XP SP4 M4 DOES NOT require .NET Framework 1.0. 
 MCE 2005 UR2 requires .NET Framework 1.1, which supersedes .NET 1.0 SP3. .NET 1.0 SP3 and .NET 1.1 SP1 are compatible versions of .NET Framework. 
 - Tablet PC 2005 with the following hotfixes: 
 KB955534 
 KB957282 
 KB981835 
 (If there are any hotfixes for Tablet PC that have not been included, please inform me). 
 - Microsoft .NET Framework 1.1 SP1 with the following updates: 
 KB928366 
 KB2833941 (July 2013 cumulative security patch) 
 Based on Onepiece's .NET Framework 1.1 SP1 true addon with some modifications. Extensive testing may be required. 
 Note: .NET Framework 1.1 SP1 cannot be removed in MCE installations, because it is required by MCE2005 Update Rollup 2.  

- Windows Desktop Search 4.0 (KB940157) 
 - Browser Choice Ballot Screen (hidden) 
 - KB963093 
 - KB961184 
 - KB915800-V4 
 - Windows Rights Management Client SP2 
 - Bitlocker To Go Reader 
 - DirectX 9.0c Redist 
 - KB952011 IMAPI2 support for blu-ray media 
 - XPS Viewer EP 1.2 
 - KB971276-v3 
 - KB971314 
 - KB952013 (SmartCard for Windows XP Update) 

KB909520 v1 - Description of the software update for Base Smart Card Cryptographic Service Provider 
 KB974266 - Group Policy Preferences Client-Side Extension Hotfix Rollup 
 KB817688 - "Error on a Request to Write Data to Media" error message when you use Ntbackup.exe 
 KB897571 - FIX: A DCOM static TCP endpoint is ignored when you configure the endpoint for WMI on a Windows Server 2003-based computer 
 KB916157 v6 - When you receive a Stop error message or a fatal system error message, a user-mode process dump file is not created in Windows XP 
 KB922120 v6 - Network Map in Windows Vista does not display computers that are running Windows XP 
 KB927436 v2 - Error message when you attach a device that loads the Serscan.sys driver to a computer that is running Windows XP SP2, Windows XP SP3, or Windows Server 2003: "DRIVER_VERIFIER_IOMANAGER_VIOLATION (c9)" 
 KB934401 - When you run the "Ipconfig /displaydns" command in Windows Server 2003, the results are incomplete
KB943232-v2 - An application that uses the Sxs.dll file crashes when you run the application on a Windows XP-based computer 
 KB944043 v3 - Description of the Windows Server 2008 read-only domain controller compatibility pack for Windows Server 2003 clients and for Windows XP clients and for Windows Vista 
 KB887606 - FIX: The Microsoft XML Parser (MSXML) uses cached credentials incorrectly 
 KB940159 v2 - The Last Name field is blank in the Mail Merge Recipients dialog box when you use the Mail Merge feature on a computer that has a non-English version of 2007 Microsoft Office system installed (Registry only) 
 KB945060 v3 - There may be inconsistencies in the Extensible Metadata Platform (XMP) and Exchangeable Image File (EXIF) values for an image file in Windows Vista and in Windows XP 
 KB945184 - The Rasdial API may free the same memory two times and the dial-up application stops responding on a multiprocessor computer that is running Windows Vista 
 KB947460 v3 - Error message when you try to open a mapped DFS folder after the computer comes out of standby in Windows XP: ":\ is not accessible" 
 KB948101 v3 - A USB keyboard does not work after you restart a Windows XP-based computer that has an NVIDIA 680i motherboard installed 
 KB948277 - A blank desktop may appear when you log on to a Windows XP-based computer 
 KB948698 - You cannot use the Reg.exe utility to access 64-bit registry keys on a 64-bit computer from a computer that is running a 32-bit version of Windows Server 2003, Windows XP, Windows Server 2008, or Windows Vista 
 KB948720 - You cannot install device drivers in a Windows Server 2008 cluster environment if the drivers contain LZ-compressed files 
 KB948877 v2 - After you copy multiple files from a computer that is running Windows XP to a PCMCIA SRAM card, one or more files on the card are corrupted 
 KB949127 v2 - You cannot establish a wireless connection by using EAP authentication on a Windows XP-based client computer if the Service Set Identifier (SSID) includes a comma 
 KB949900 - The RunOnce.exe process may stop responding during the driver installation process on a Windows XP-based computer 
 KB950305 v2 - N/A (Updates pscript5.dll, etc.) 
 KB950616 - An audio application that uses the Portcls.sys file may stop responding when you run the audio application on a computer that is running Windows XP 
 KB950820 - The system stops responding during the logoff, shutdown, or restart process on a computer that is running Windows Server 2003 or Windows XP and that has the Japanese IME installed 
 KB950974 - MS08-049: Vulnerability in Event System could allow remote code execution 
 KB950982 - A list of ODBC system DSNs is truncated when the total number of characters that are used in all the DSN names is more than 7,500 on a computer that is running Windows XP or Windows Server 2003 SP2 
 KB951159 - N/A (updates Shell components) 
 KB951163 - When you try to use the MSTSC command from Terminal Services Client 6.0 to connect to the local Windows XP-based computer, a black screen may appear for several minutes 
 KB951347 - A memory leak occurs when you use the IFaxIncomingMessageIterator interface to query incoming fax messages on a fax server that is running Windows Server 2003 or Windows XP 
 KB951376 v2 - MS08-030: Vulnerability in Bluetooth stack could allow remote code execution 
 KB951531 v2 - The W32Time service does not synchronize the CMOS clock time to the Internet time on a Windows XP or Windows Server 2003-based computer after the W32Time service stops 
KB951618 v2 - A black screen issue occurs on a Windows Vista-based computer or a Windows XP Service Pack 2-based computer that has Onekey Recovery 5.0 installed when you upgrade the operating system 
 KB951624 - A 30-second delay occurs during the initialization of some network-based applications or the roaming profiles cannot be loaded intermittently when Windows XP Service Pack 2 starts 
 KB951709 - Event ID 26 when you attach two IDE ATA/ATAPI devices as master and subordinate IDE devices on a Windows XP-based computer 
 KB951822 v2 - You receive an error message, the print operation fails, or partial pages are printed when you try to print to a Citizen printer or to an Alps printer in Windows XP Service Pack 3 
 KB951978 - Script output is not displayed as expected when you run VBScript or JScript scripts in Windows Vista Service Pack 1, in Windows Server 2008, or in Windows XP Service Pack 3 
 KB952004 - MS09-012: Description of the security update for MSDTC Transaction Facility: April 2009 
KB952117 v2 - When you try to put a Windows XP-based computer into hibernation or into standby, the computer stops responding 
 KB952595 v3 - N/A 
 KB952954 - MS08-046: Vulnerabilities in Microsoft Windows Image Color Management could allow remote code execution 
 KB953024 - Rich Text Format (.rtf) files may not print correctly in Windows XP when you use an application that uses the RichEdit control 
 KB953028 - On a computer that is running Windows Server 2003 or Windows XP, an application experiences an access violation and then crashes if the computer has more than four cores or more than four logical processors 
 KB953155 - MS08-062: Vulnerability in Windows Internet Printing service could allow remote code execution 
 KB953761 - Some DHCP Options are not recognized on a Windows XP SP3-based client computer when the DHCP server offer includes option 43 
 KB953930 - The Fc.exe command does not work correctly on a Windows XP-based computer when the two files that you are comparing have the TAB or SPACE character around the 128th byte in a string of characters 
 KB954193 - Description of the Jet 4.0 Database Engine cumulative hotfix package for Windows XP SP2 and SP3, Windows Server 2003 SP1 and SP2, Windows Vista, Windows Vista SP1, and Windows Server 2008: July 2, 2008 
 KB954232 - The On-Screen Keyboard behavior on a Windows XP-based computer does not mimic the physical keyboard behavior in certain scenarios 
 KB954434 - A multiprocessor computer that is running a Windows XP, Windows Server 2003, or Windows Vista stops responding on a black screen after you resume the computer from hibernation 
 KB954708 - An update to add support for the serialization of complex Extensible Metadata Platform (XMP) data types in the Windows Imaging Component 
 KB954920 v2 - When an application requests a result set from new SQL Server 2008 collations, you may receive an "MSG 40242" or "MSG 40205" error when the ODBC driver for SQL Server is used or an "MSG 40234" error when the SQL OLE DB provider is used 
 KB955109 - Error message when you run an application that uses the Application Desktop Toolbar (AppBar) component on a computer that is running Windows XP SP2 or Windows XP SP3: “0xC0000005 (Access Violation)” 
KB955356 - When you try to start a Windows XP SP3-based computer that is connected to an external IEEE 1394 hard disk, the system may stop responding before the logon screen appears 
 KB955417 - Protected storage (PStore) uses a lower-quality cryptographic function when the system locale is set to French (France) on a Microsoft Windows-based computer 
 KB955567 - Data corruption may occur when you try to append data to a FILESTREAM varbinary (max) column in SQL Server 2008 on a Windows XP-based computer 
 KB955576 - TAPI-based applications stop responding, and you cannot disconnect telephone calls on a Windows XP-based telephony server 
 KB955704 - Description of the exFAT file system driver update package 
 KB955988 - The Win32_Environment WMI class does not return the value of the PATH environment variable if the variable consists of more than 1,024 characters on a Windows XP-based computer 
 KB956048 - An application that calls the Image Color Management (ICM) functions in the Icm32.dll module may crash on a Windows Server 2003-based computer 
KB956572 - MS09-012: Description of the security update for Windows Service Isolation: April 2009 
KB956844 - MS09-046: Vulnerability in the DHTML Editing Component ActiveX control could allow remote code execution 
 KB957218 - A user name that contains Unicode characters is not handled correctly in Windows XP Service Pack 3 during the EAP authentication 
 KB957495 - The action controls in Sound Recorder are missing or only partly visible if you set the font size to Large or to Extra Large in a non-English version of Windows XP 
 KB957502 - Error message when you try to open some MMC 3.0 snap-ins in a localized version of Windows XP Service Pack 3: "MMC could not create the snap-in. The snap-in might not have been installed correctly."
KB957931 - A Windows XP-based, Windows Vista-based, or Windows Server 2008-based computer does not respond to 802.1X authentication requests for 20 minutes after a failed authentication 
 KB958071 - You receive error code 1206 when you run an application that uses the WLanSetProfile function on a Windows XP Service Pack 3-based computer 
 KB958149 - Performance decreases when you stream isochronous data on a Windows-based computer that has a Texas Instruments (TI) IEEE 1394 host controller installed 
 KB958244 - The system may stop responding when you restart a Windows XP-based multicore computer 
 KB958817 - The Automatic Update window may stop responding when you use a WSUS server to deploy Windows Internet Explorer 7 and cumulative security update 944533 on a Windows XP-based client computer 
 KB958910 - When you send a print job to an Internet Printer Protocol (IPP) print server from a Windows-based computer, the print job fails and never restarts 
 KB959267 - After you repeatedly dock and undock a Windows XP-based portable computer that is connected to a docking station, you may be unable to change the state of an attached network device 
 KB959334 - Text that has the font set to Arial Black and the font style set to bold may change so that the font is set to Arial Black and the font style is set to talic when you open the document on a computer that is running Windows XP 
 KB959465 - Write protection does not always work on SD memory cards that are plugged into a computer that runs Windows XP, Windows Vista, or Windows Server 2008 
 KB959682 - FIX: A Message Queuing 3.0 message is rejected on the receiver when you send the message by using an external certificate from a Windows XP Service Pack 3-based computer 
 KB959765 - Remote NDIS (RNDIS) devices may not work correctly after you perform a surprise removal on a Windows XP-based computer and then attach the RNDIS device to the computer again 
 KB959873 - You cannot send Start TLS requests from a computer that is running Windows Server 2003 or Windows XP or Windows Vista to a server that is running OpenLDAP Software 
 KB960071 v2 - An access violation occurs when you use an application that calls the SQLExecDirect function of the SQL Server ODBC driver to run a long query in Windows Server 2003 or in Windows XP 
 KB960519 - Windows Vista does not use all the bandwidth of a PPPoE connection when you download a file from an FTP server 
 KB960655 - You encounter several problems on a Windows XP SP3-based computer when the EAP-TLS machine authentication fails during system startup 
 KB960680 v2 - An update is available to update the Slovak koruna currency symbol (Sk) to the Euro currency symbol (€) and to update the Turkish currency symbol from Yeni Türk Lirası (YTL) to Türk Lirası (TL) 
 KB960859 - MS09-042: Vulnerability in Telnet could allow remote code execution 
 KB960921 - If you start a Windows XP-based portable computer while it is running on battery power, the brightness of the LCD screen is not decreased as expected 
 KB960970 - An IEEE 1394 network adapter that is installed on a Windows XP-based computer is not listed in Device Manager 
 KB961067 - When you search some specific terms in the German version of Windows XP, the search results are incorrect 
 KB961118 - All the PCL inbox printer drivers become unsigned after you install the Microsoft .NET Framework 3.5 Service Pack 1 
 KB961187 v2 - If you reconnect a removable storage device to a computer that is running Windows XP, the operating system cannot find the removable storage device 
 KB961451 v2 - FIX: You receive an incorrect value when you query the last-inserted identity value after you use a client-side cursor to insert data to a table that contains an identity column in an application that uses ActiveX Data Objects 
 KB961503 - You cannot input characters as expected by using a non-English Input Method Editor in Windows Live Messenger on a Windows XP-based computer 
 KB961605 - FIX: Multicast messages larger than 64 kilobytes (KB) are not delivered as expected by using Message Queuing 3.0 after security update MS08-036 is installed 
 KB961742 v3 - An update is available that adds support for RemoteApp to Windows XP SP3 virtual machines on a Windows 7-based computer 
 KB961853 v2 - Error message when you try to access a network share in a private network: "There are currently no logon servers available to service the logon request" 
 KB963038 - Error message when you establish a remote desktop connection to a remote computer that is running Windows XP: "STOP: 0x1000008E" 
 KB965220 - N/A 
 KB967048 v2 - Error message on a Windows XP-based computer that has a USB card reader: "Stop 0x000000D1" 
 KB967705 v2 - When you try to print some data in the PDF format in Internet Explorer on a Windows XP-based computer, the main menu of Internet Explorer disappears. 
 KB967715 - Correct "disable Autorun registry key" enforcement in Windows (registry only) 
 KB968389 - Extended Protection for Authentication
KB969059 - MS09-057: Vulnerability in Indexing Service could allow remote code execution 
 KB969084 - Description of the Remote Desktop Connection 7.0 client update for Remote Desktop Services (RDS) for Windows XP SP3, Windows Vista SP1, and Windows Vista SP2 
 KB969262 - Windows XP stops responding when heavy I/O operations occur on an NTFS-formatted volume. 
 KB969632 - Background Intelligent Transfer Service (BITS) does not start in Windows XP, and you receive a message in the System log: "The Background Intelligent Transfer Service service terminated with service-specific error 2147500037 (0x80004005)" 
 KB970048 - Slow printing performance when you print to an LPR printer from a Windows XP-based computer 
 KB970063 - When you save a RTF document that contains nested tables in WordPad 5.1 in Windows XP, you may notice that the file is blank when you reopen the RTF document 
 KB970254 - The modem does not work and you cannot open the "Network Connections" window after you unplug and plug in the modem several times when a PPP connection is established in Windows XP 
 KB970326 - You cannot manage Windows Deployment Service (WDS) images from a Windows XP-based client computer that has a localized admin pack installed 
 KB970413 - The Win32_Process class returns incorrect CreationDate property during the first week after daylight saving time begins or ends 
 KB970430 - Description of the update that implements Extended Protection for Authentication in the HTTP Protocol Stack (http.sys) 
 KB970483 - MS09-020: Vulnerabilities in Internet Information Services (IIS) could allow elevation of privilege 
 KB970553 - Error message when you query Win32_Product class after you install applications by using Microsoft Windows Installer (MSI) 4.5 with "Per-User" option in Windows XP: "0x80041001 - Generic failure" 
 KB970685 - Error message when you try to access an SD card on a Windows XP-based computer that has a particular combination of SD host controller and SD card: "The disk in drive is not formatted" 
 KB971029 - Update to the AutoPlay functionality in Windows 
 KB971165 - The CLIENTNAME environment variable returns the value "Console" instead of the actual client name when users first log on to a Windows XP SP3-based computer by using Remote Desktop Connection 
 KB971234 v2 - The Defrag.exe tool crashes when you run the Dfrgntfs.exe tool to defragment a hard disk on a computer that is running Windows XP
KB971314 - All PCL inbox printer drivers become unsigned after you install the Microsoft .NET Framework 3.5 SP1 or the XPS Essentials Pack in Windows XP or in Windows Server 2003 
 KB971345 - The LimitProfileSize Group Policy setting does not take effect when the size of a user profile is larger than 4 GB on a Windows XP-based client computer 
 KB971455 - A computer that is running Windows XP SP3 cannot authenticate a wireless router that uses the Wi-Fi Protected Setup (WPS) when the router is configured to use Wired Equivalent Privacy (WEP) 
 KB971657 - MS09-041: Vulnerability in the Workstation Service could allow elevation of privilege 
 KB972270 - MS10-001: Vulnerability in the Embedded OpenType Font Engine could allow remote code execution 
 KB972422 - A Windows XP-based computer stops responding at the "Windows is loading your profile" screen when you connect to the computer by using an RDP connection 
 KB972435 - Slow performance when you try to open a redirected drive on a remote computer that is running Windows XP through a Terminal Services session 
 KB972878 - The "Guaranteed service type" Group Policy setting returns to the default value after you restart a client computer that is running Windows XP or Windows Server 2003 
 KB973502 - The size of the Ntds.dit file becomes larger on one or more domain controllers that are running Windows Server 2003 or Windows Server 2008 after you enable the credential roaming feature for the domain 
 KB973507 - MS09-037: Description of the security update for the Active Template Library: August 11, 2009 
 KB973624 - After you use a smart card to log on to a computer that is running Windows XP, Digest authentication fails 
KB973815 - MS09-037: Description of the security update for Microsoft MSWebDVD ActiveX Control in Windows XP and Windows Server 2003: August 11, 2009 
 KB973869 - MS09-037: Description of the security update for the DHTML editing component ActiveX control: August 11, 2009 
 KB973904 - MS09-073: Description of the security update for Windows XP, Windows 2000, and Windows Server 2003: December 8, 2009 
 KB974112 - MS09-052: Vulnerability in Windows Media Player could allow remote code execution 
 KB974266 - Group Policy Preferences Client-Side Extension Hotfix Rollup 
 KB974318 - MS09-071: Vulnerabilities in the Internet Authentication service could allow remote code execution 
 KB974571 - MS09-056: Vulnerabilities in CryptoAPI could allow spoofing 
 KB975025 - MS09-051: Description of the security update for Audio Compression Manager: October 13, 2009 
 KB975467 - MS09-059: Vulnerability in the Local Security Authority Subsystem Service could allow denial of service 
 KB975560 - MS10-013: Description of the security update for Quartz: February 9, 2010 
KB975713 - MS10-007: Vulnerability in Windows Shell Handler could allow remote code execution 
 KB976323 - MS10-024: Description of the security update for Windows SMTP Service: April 13, 2010 and July 13, 2010 
 KB977816 - MS10-026: Vulnerability in Microsoft MPEG Layer-3 codec could allow remote code execution 
 KB977914 - MS10-013: Description of the security update for AVI filter: February 09, 2010 
 KB978338 - MS10-029: Vulnerability in Windows ISATAP Component could allow spoofing 
 KB978542 - MS10-030: Vulnerability in Outlook Express and Windows Mail could allow remote code execution 
 KB978706 - MS10-005: Vulnerability in Microsoft Paint could allow remote code execution 
 KB978835 - Service cannot access the \?? namespace in Windows XP 
 KB979309 - MS10-019: Description of the security update for Windows Cabinet File Viewer Shell Extension: April 13, 2010 
 KB979482 - MS10-033: Description of the security update for Asycfilt.dll (COM component): June 8, 2010 
 KB979687 - MS10-083: Description of the security update for WordPad: October 12, 2010 
 KB981073 v3 - FIX: FTP clients may not connect correctly to an FTP site that is hosted in IIS 5.0 or IIS 5.1 on a computer that has security update 975254 installed 
KB981669 - The installation process of a MSI package that contains multiple packages stops responding (hangs) in Windows XP, Windows Vista, or Windows Server 2008 
 KB981997 - MS10-050: Vulnerability in Windows Movie Maker could allow remote code execution 
 KB982132 - MS10-076: Vulnerability in the Embedded OpenType Font Engine could allow remote code execution 
 KB982316 - An update is available for the Windows Telephony Application Programming Interface (TAPI) 
 KB982665 - MS10-055: Vulnerability in Cinepak codec could allow remote code execution 
 KB983234 - FIX: A parent window is still disabled after you close a child dialog box that is hosted by a webpage in Internet Explorer 6
KB2115168 - MS10-052 Vulnerability in Microsoft MPEG Layer-3 codecs could allow remote code execution 
 KB2124261 - MS10-065: Description of the security update for Internet Information Services ASP: September 14, 2010 
 KB2229593 - MS10-042: Vulnerability in Help and Support Center could allow remote code execution 
 KB2264107 - A new CWDIllegalInDllSearch registry entry is available to control the DLL search path algorithm 
 KB2270406 - "0x000000D1" Stop error message when you try to refresh a webpage in Internet Explorer on a computer that is running Windows XP SP3 
 KB2290570 - MS10-065: Description of the security update for Internet Information Services Infocomm in Windows XP SP3: September 14, 2010 
 KB2296011 - MS10-081: Vulnerability in the Windows common control library could allow remote code execution 
 KB2345886 - Description of the update that implements Extended Protection for Authentication in the Server service 
 KB2347290 - MS10-061: Vulnerability in Print Spooler Service could allow remote code execution 
 KB2387149 - MS10-074: Vulnerability in Microsoft Foundation Classes could allow remote code execution 
 KB2393802 - MS11-011: Vulnerabilities in Windows Kernel could allow elevation of privilege 
 KB2419632 - MS11-002: Description of the security update for Microsoft Data Access Components 2.8 Service Pack 1: January 11, 2011 
 KB2423089 - MS10-096: Vulnerability in Windows Address Book could allow remote code execution 
 KB2436673 - MS10-098: Vulnerabilities in Windows Kernel could allow elevation of privilege 
 KB2443105 - MS10-097: Insecure Library Loading in Internet Connection Signup Wizard could allow remote code execution 
 KB2454533 v2 - Description of a shared folder that is mapped to a network drive is not displayed on a Windows XP SP3-based computer that has security update MS10-066 installed 
 KB2478960 - MS11-014: Vulnerability in Local Security Authority Subsystem Service could allow local elevation of privilege 
 KB2478971 - MS11-013: Description of the security update for Kerberos in Windows XP and in Windows Server 2003: February 8, 2011 
 KB2479943 - MS11-015: Description of the security update for Microsoft Windows: March 8, 2011 
 KB2483185 - MS11-006: Vulnerability in Windows Shell Graphics Processing could allow remote code execution 
 KB2485663 - MS11-033: Vulnerability in WordPad text converters could allow remote code execution: April 12, 2011 
 KB2491683 - MS11-024: Description of the security update for Windows Fax Cover Page Editor: April 12, 2011 
 KB2492386 - Application Compatibility Update for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: April 2011 
 KB2498072 - A SCSI device does not burn DVD discs when you use IMAPIv2.0 for Windows XP and for Windows Embedded Standard 2009 
 KB2508429 - MS11-020: Vulnerabilities in SMB Server could allow remote code execution: April 12, 2011 
 KB2509553 - MS11-030: Vulnerability in DNS Resolution could allow remote code execution: April 12, 2011 
 KB2535512 - MS11-042: Vulnerabilities in Distributed File System could allow remote code execution: June 14, 2011 
 KB2536276 v2 - MS11-043: Vulnerability in SMB Client could allow remote code execution: June 14, 2011 
 KB2544893 v2 - MS11-037: Vulnerability in MHTML could allow information disclosure: June 14, 2011 
KB948046 - A Word document is not printed as expected after you install the Windows European Union Expansion Font pack in Windows Server 2003 or in Windows XP 
KB2564958 - MS11-075: Description of the security update for Active Accessibility in Windows: October 11, 2011 
 KB2566454 - MS11-062: Vulnerability in Remote Access Service NDISTAPI driver could allow elevation of privilege: August 9, 2011 
 KB2570947 - MS11-071: Vulnerability in Windows Components could allow remote code execution: September 13, 2011 
 KB2584146 - MS12-005: Vulnerability in Microsoft Windows could allow remote code execution: January 10, 2012 
 KB2584577 - FIX: An application that uses objects that are derived from the CArchive class may crash after you install security update 2506212 
 KB2585542 - MS12-006: Description of the security update for Webio, Winhttp, and schannel in Windows: January 10, 2012 
 KB2592799 - MS11-080: Vulnerability in ancillary function driver could allow elevation of privilege: October 11, 2011 
 KB2598479 - MS12-004: Description of the security update for Windows Multimedia Library for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008: January 10, 2012 
 KB2603381 - MS12-002: Vulnerability in Windows Object Packager could allow remote code execution: January 10, 2012 
 KB2619339 - MS11-092: Description of the security update for Windows XP, Windows Vista, and Windows 7: December 13, 2011 
 KB2620712 - MS11-097: Vulnerability in Windows Client/Server Runtime Subsystem could allow elevation of privilege: December 13, 2011 
 KB2629462 - N/A 
 KB2631813 - MS12-004: Description of the security update for DirectShow: January 10, 2012 
 KB2661637 - MS12-014: Vulnerability in Indeo Codec could allow remote code execution: February 14, 2012 
 KB2686509 - MS12-034: Description of the security update for CVE-2012-0181 in Windows XP and Windows Server 2003: May 8, 2012 
 KB2691442 - MS12-048: Vulnerability in Windows Shell could allow remote code execution: July 10, 2012 
 KB2698365 - MS12-045: Vulnerability in Microsoft Data Access Components could allow remote code execution: July 10, 2012 
 KB2705219 v2 - MS12-054: Description of the security update for Windows Networking Components: August 14, 2012 
 KB2712808 - MS12-054: Description of the security update for Windows Networking Components: August 14, 2012 
 KB2723135 v2 - MS12-053: Vulnerability in Remote Desktop could allow remote code execution: August 14, 2012 
 KB2727528 - MS12-072: Vulnerabilities in Windows shell could allow remote code execution: November 13, 2012 
 KB2749655 - Microsoft Security Advisory: Compatibility issues affecting signed Microsoft binaries 
 KB2757638 - MS13-002: Description of the security update for XML Core Services 3.0 and 6.0: January 8, 2013 
 KB2758857 - MS12-081: Vulnerability in Windows file handling component could allow remote code execution: December 11, 2012 
 KB2770660 - MS12-082: Vulnerability in DirectPlay could allow remote code execution: December 11, 2012 
 KB2780091 - MS13-011: Vulnerability in media decompression could allow remote code execution: February 12, 2013 
 KB2802968 - MS13-020: Vulnerability in OLE Automation could allow remote code execution: February 12, 2013 
 KB2807986 - MS13-027: Vulnerabilities in Windows Kernel-Mode drivers could allow elevation of privilege: March 12, 2013 
 KB2808679 - Update that protects from internal URL port scanning is available for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 
 KB2813347 v2 - MS13-029: Description of the security update for Remote Desktop Connection 7.0 Client: April 9, 2013 
 KB2820917 - MS13-033: Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) could allow elevation of privilege: April 9, 2013 
 KB2828030 - USB audio devices stop streaming audio on a computer that is running Windows XP SP3 
 KB2832214 - n/a 
 KB2834886 - MS13-029: Description of the security update for Remote Desktop Connection 7.0 Client: April 9, 2013 
 KB2836198 - An update is available that removes the CSP signature check in Windows XP SP3 and Windows Server 2003 SP2 
 KB2845187 - MS13-056: Vulnerability in Microsoft DirectShow could allow remote code execution: July 9, 2013 
 KB2847311 - MS13-081: Description of the security update for kernel-mode drivers: October 8, 2013 
 KB2850869 - MS13-060: Vulnerability in Unicode Scripts Processor could allow remote code execution: August 13, 2013 
 KB2859537 - MS13-063: Vulnerabilities in Windows kernel could allow elevation of privilege: August 13, 2013 
 KB2862152 - Microsoft security advisory: Vulnerability in DirectAccess could allow security feature bypass 
 KB2862330 - MS13-081: Description of the security update for USB drivers: October 8, 2013 
 KB2862335 - MS13-081: Description of the security update for USB drivers: October 8, 2013 
 KB2864063 - MS13-071: Vulnerability in Windows Theme file could allow remote code execution: September 10, 2013 
 KB2868038 - MS13-081: Description of the security update for USB drivers: October 8, 2013 
 KB2868626 - MS13-095: Vulnerability in XML digital signatures could allow denial of service: November 12, 2013 
 KB2876217 - MS13-070: Vulnerability in OLE could allow remote code execution: September 10, 2013 
 KB2876331 - MS13-089: Vulnerability in Windows Graphics Device Interface could allow remote code execution: November 12, 2013 
 KB2878379 v2 - FIX: A "c000021a" error occurs when you restart a Windows Embedded POSReady 2009 device 
 KB2884256 - MS13-081: Description of the security update for USB drivers: October 8, 2013 
 KB2892075 - MS13-099: Description of the security update for Windows Script 5.7: December 10, 2013 
 KB2892734 - Windows Firewall service crashes when multiple FTP operations are running in Windows XP SP3 
 KB2893294 - MS13-098: Vulnerability in Windows could allow remote code execution: December 10, 2013 
 KB2893984 - MS13-101: Description of the security update for Windows kernel-mode drivers: December 10, 2013 
 KB2898715 - MS13-102: Vulnerability in LRPC client could allow elevation of privilege: December 10, 2013 
 KB2900986 - MS13-090: Cumulative security update for ActiveX Kill Bits: November 12, 2013 
 KB2914368 - MS14-002: Vulnerability in Windows kernel could allow elevation of privilege: January 14, 2014 
 KB2916036 - MS14-005: Vulnerability in Microsoft XML Core Services could allow information disclosure: February 11, 2014 
 KB2929729 - n/a 
KB282784 - QFEcheck v6.2.29.0
Last edited by harkaz on Tue Apr 08, 2014 7:04 am, edited 3 times in total.

User avatar
bphlpt
Posts: 1372
Joined: Sat Apr 19, 2008 1:11 am

Post by bphlpt » Sat Mar 01, 2014 9:36 pm

I saw your post over at MSFN and I figured I ought to warn you.

Your link at MSFN, and perhaps your post there as well, is likely to get deleted and you might even get banned from MSFN. MSFN is EXTREMELY strict about not allowing any redistribution of MS files, with the exception of Win9x stuff. If you'll notice, neither OnePiece's nor user_hidden's nor tomasz86's nor 5eraph's nor ricktendo's update packs are posted there and they have all been hassled about their work when they tried to list them there. tomasz86's work is discussed there, but no links are provided, instead folks are directed to his site for the DL link. The other's work is not even mentioned at MSFN. I would suggest deleting your post at MSFN before a mod gets hold of it. If your work was a maker where the user downloaded the MS files themselves directly from MS that would be fine, but not if you are supplying the files. You might get away with just a description of your project and a referral to here, but since it concerns XP I doubt it. (Again note that OnePiece's and user_hidden's work is not mentioned.)

On the other hand, WinCert would welcome you. All of the above update pack maker's work is listed there, except 5eraph who I think is only listed here. Since MSFN and WinCert use the same board software you should be able to copy and paste your post from one board to the other.

Cheers and Regards
Last edited by bphlpt on Sun Mar 02, 2014 12:12 am, edited 4 times in total.

User avatar
5eraph
Site Admin
Posts: 4619
Joined: Tue Jul 05, 2005 9:38 pm
Location: Riverview, MI USA

Post by 5eraph » Sat Mar 01, 2014 10:19 pm

It won't be deleted here on ryanvm.net, as bphlpt's wording may unintentionally suggest. MSFN is far stricter concerning Microsoft's intellectual property. It is my understanding that they have received cease and desist orders in the past, so their intolerance is out of necessity.

And you're correct, bphlpt. I've never posted my update pack anywhere except here. This decision was made only because I wanted one place for users of the pack to post feedback and support requests to make it easier for me to read and respond. The html help file in my pack links directly to this forum's thread for that purpose.

User avatar
bphlpt
Posts: 1372
Joined: Sat Apr 19, 2008 1:11 am

Post by bphlpt » Sat Mar 01, 2014 11:05 pm

Edited my post for clarification. :)

Don't get me wrong. There is a lot of good information at MSFN, just as there is both here and at WinCert, and many folks are members at all three places for that reason. But as 5eraph has clarified, MSFN has had to be much stricter in its policies, and their enforcement, than the other two boards.

Cheers and Regards

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Sun Mar 02, 2014 4:54 am

@bphlht, 5eraph: Thanks for your suggestions, I will redirect all users from MSFN and Wincert to this thread. I published it on MSFN, so that more people could see it. I posted the new link here as well, but the post appears to be blank.

Iwill repost it here soon (currently on mobile).

I am particularly excited with this release and I'm looking forward to your comments/suggestions
Windows XP Unofficial SP4 (2014, 2016, and 2019): viewtopic.php?t=10321
Non-IT stuff:
Retinal changes in schizophrenia (2019): https://academic.oup.com/schizophreniab ... 06/5598443

User avatar
5eraph
Site Admin
Posts: 4619
Joined: Tue Jul 05, 2005 9:38 pm
Location: Riverview, MI USA

Post by 5eraph » Sun Mar 02, 2014 5:07 am

harkaz wrote:I posted the new link here as well, but the post appears to be blank.
Fixed that for you. :) Extra spaces within [url] tags can cause problems.

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Sun Mar 02, 2014 8:19 am

I see. Thank you, 5eraph :)
Windows XP Unofficial SP4 (2014, 2016, and 2019): viewtopic.php?t=10321
Non-IT stuff:
Retinal changes in schizophrenia (2019): https://academic.oup.com/schizophreniab ... 06/5598443

ChiefZeke
Posts: 767
Joined: Fri Mar 23, 2007 5:33 pm
Location: Victorville, California

Post by ChiefZeke » Sun Mar 02, 2014 4:24 pm

Did I miss something? The instructions at MSFN and WinCert indicate the integration is to be run from the Command Prompt - what happened to the use of the RyanVM Integrator?

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Sun Mar 02, 2014 5:02 pm

RyanVMi should work (I haven't tested that yet). This is the Microsoft's own method for Service Pack slipstreaming, and it's supposed to work in any scenario.

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Sun Mar 02, 2014 7:15 pm

And I found the first bug: Kabul Time Zone syndrome :p

I'm working on that.. but I don't understand the cause of this problem.
Windows XP Unofficial SP4 (2014, 2016, and 2019): viewtopic.php?t=10321
Non-IT stuff:
Retinal changes in schizophrenia (2019): https://academic.oup.com/schizophreniab ... 06/5598443

tomasz86
Posts: 491
Joined: Tue Aug 09, 2011 12:12 pm
Location: https://twilczynski.com/windows
Contact:

Post by tomasz86 » Sun Mar 02, 2014 7:52 pm

bphlpt wrote:I saw your post over at MSFN and I figured I ought to warn you.

Your link at MSFN, and perhaps your post there as well, is likely to get deleted and you might even get banned from MSFN. MSFN is EXTREMELY strict about not allowing any redistribution of MS files, with the exception of Win9x stuff. If you'll notice, neither OnePiece's nor user_hidden's nor tomasz86's nor 5eraph's nor ricktendo's update packs are posted there and they have all been hassled about their work when they tried to list them there. tomasz86's work is discussed there, but no links are provided, instead folks are directed to his site for the DL link. The other's work is not even mentioned at MSFN. I would suggest deleting your post at MSFN before a mod gets hold of it. If your work was a maker where the user downloaded the MS files themselves directly from MS that would be fine, but not if you are supplying the files. You might get away with just a description of your project and a referral to here, but since it concerns XP I doubt it. (Again note that OnePiece's and user_hidden's work is not mentioned.)
Yeah, bphlpt is 100% right here. Although I don't think the MSFN thread will be deleted as long as no direct links to the Service Pack itself are listed there. You should also ask all other users who unintentionally have linked to the file (when replying in the topic, etc.) to update their links to this RyanVM.net thread. If I were you I'd also remove the detailed info about the file such as MD5 Hash and Size, just in case.

Also be careful not to argue too much with those who don't agree with the SP idea, always keep calm and be polite as much as possible since MSFN tends to close threads that have got too hot.

User avatar
OnePiece Alb
Posts: 525
Joined: Sat Sep 01, 2007 7:01 pm
Location: Albania
Contact:

Post by OnePiece Alb » Sun Mar 02, 2014 10:22 pm

@OffTopic
in MSFN (one of those Mod or SuperMod as they call them, who have closed the topic) they asked me (in WinNT6.x True integrator) if I was permission to use Autoit (to think that in my exe have not even included the 7-zip, I mean, there's nothing inside) :( in poor words is how to ask, if I have permission to install firefox hmmmmmm, so I think more is a personal issue with someone, Seriously (Really) I have not been angry about this thing, I do not believe that we had with me personally, I think maybe centrate the forum where I've posted (Wincert e Ryanvm, at least I think so)

having said that, because (just to give an example) they are programs\exe from 15-20 MB, I have not seen them ask why a program that will normally be 1-2-3-6 Mb is 15-20MB? (I believe that include without doubt microsoft file\exe\dll\binary)

nothing special, is a closed\old story, it was all just for info

sorry for my english

Ciao a tutti.
Image Image Image

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Mon Mar 03, 2014 9:22 am

@tomasz86: Thanks for your tips. I will certainly be calm and polite with everyone. No software solution can satisfy everyone, of course, and any opinion is equally respectable.

@onepiece alb: Interesting story, I have to say...

I'm looking into the "Kabul Time zone syndrome". I've experimented a little bit and I found out that:

- tzchange.exe version is not related to the issue.
- At T-9 stage the set timezone in registry is the SELECTED one (e.g. Athens, Bucharest: GTB Time Zone)

These two elemnts show that there is something else responsible for the issue than the T-20 - T-13 phase, as many suspected..

User avatar
OnePiece Alb
Posts: 525
Joined: Sat Sep 01, 2007 7:01 pm
Location: Albania
Contact:

Post by OnePiece Alb » Mon Mar 03, 2014 9:31 am

http://www.ryanvm.net/forum/viewtopic.p ... 545#120545

must always in the end to run

Code: Select all

RUNDLL32.exe %dir%\tzchange.dll,SuccessInstallation
Ciao.
Image Image Image

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Mon Mar 03, 2014 10:38 am

@Onepiece alb: I added this command to be run in the T-13 stage, along with the HKLM, "%KEY_WIN_CURVER%\RunOnceEx\UP OS Setup", "TimeZone_Config_CleanUp", %REG_SZ%, "%11%\RUNDLL32.exe advpack.dll,DelNodeRunDLL32 %10%\Temp\tzchange.dll" key.

However, the problem persists. A more interesting finding I've just made is that during OOBE time zone is the original one set during Windows Setup.

So it seems that Active Setup causes the issue, because immediately after booting to desktop the time zone has automagically changed to Afghanistan...

UPDATE: It might not be directly related to Active Setup, after all, because when I create a new admin account, I cannot reproduce the issue.
Last edited by harkaz on Mon Mar 03, 2014 10:51 am, edited 1 time in total.

User avatar
ricktendo64
Posts: 3213
Joined: Mon May 22, 2006 12:27 am
Location: Honduras

Post by ricktendo64 » Mon Mar 03, 2014 10:51 am

Same issues

http://www.ryanvm.net/forum/viewtopic.p ... torder=asc

http://extratorrent.cc/torrent/1108359/ ... BETA4.html

http://www.msfn.org/board/topic/123286- ... -to-kabul/

Personally I still like to use tzchange cmdline tool to add my timezone changes vs inf addreg

User avatar
OnePiece Alb
Posts: 525
Joined: Sat Sep 01, 2007 7:01 pm
Location: Albania
Contact:

Post by OnePiece Alb » Mon Mar 03, 2014 10:55 am

that will not have to happen, make sure that in T13 in system is the last tzchange.exe, and the registry of last KB_TimeZone was added in the system PROPERLY

during Windows setup http://www.ryanvm.net/forum/viewtopic.p ... 666#134666 press SHIFT + F10, and regedit.exe or taskmgr.exe ect ect

Ciao.
Image Image Image

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Mon Mar 03, 2014 10:59 am

@ricktendo: What is the cause of this issue? I have added the registry entries for time zones in hivesft.inf (in text-mode setup) and nothing goes wrong until after the OOBE..

I have read that adding these time zone entries in T13 would fix this issue, but I don't understand why.

I'll try to run the tzchange.dll, successinstallation command in Active Setup. In the meanwhile, I'm trying to find exactly when the registry change takes place.

@onepiece: I'll retest with the latest tzchange.exe. I had replaced it with the original SP3 one for test purposes and I didn't restore the latest one back.

UPDATED: Tested with the new one tzchange.exe. As expected, nothing has changed.

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Mon Mar 03, 2014 4:46 pm

I tested something different and the results are very interesting.

During the T-9 stage of setup I entered regedit from the command line and disabled write access for the "SYSTEM" user to the HKLM\SYSTEM\CurrentControlSet\Control\TimeZoneInformation registry key.

After the OOBE completed, at first logon, I noticed that the "personalized settings" window came up with Internet Explorer 8 component shown instantly. This didn't happen in a normal XP CD and probably indicates some failure in Active Setup initialization.

However, time zone is now reported correctly.

Could anyone enlighten me a bit more about what exactly happens immediately after the OOBE?
Windows XP Unofficial SP4 (2014, 2016, and 2019): viewtopic.php?t=10321
Non-IT stuff:
Retinal changes in schizophrenia (2019): https://academic.oup.com/schizophreniab ... 06/5598443

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Mon Mar 03, 2014 5:34 pm

UPDATE: This time I repeated the process WITH the IE8 deleted from ActiveSetup and everything seems to work fine.

Repeating tests...

SOLUTION: Fixed two bugs with this combination: Disable SYSTEM write access to the TimeZoneInformation key at first boot, remove some IE8 active setup keys.

For ACL modification in RunonceEx and ActoveSetup (at first boot) I may use this tool:

http://helgeklein.com/setacl/documentat ... etacl-exe/

Probably this tool will be included in the standard SP4 set.
Last edited by harkaz on Mon Mar 03, 2014 8:13 pm, edited 2 times in total.

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Mon Mar 03, 2014 6:37 pm

Some thoughts...

Instead of writing a complete tutorial I am thinking about publishing some "secrets" of Windows XP SP4 so that experienced authors like tomasz86, Onepiece, ricktendo, nonnofabio, kel, user_hidden and others can focus on what is new in this service pack compared to previously available update pack solutions. We can discuss and I will try to explain everything you don't understand.

So let's start with the most important "innovation" in this Service Pack: it behaves like an official one in terms of system file check.

And having said this, I will try to explain it a bit further.
I'll take the Onepiece's update pack for example, which was the one I had been using before I started developing the SP4.

Every time I installed a new device (i.e. printer, etc.) I got an SFC message prompting me to insert the Windows XP Professional installation media to restore the original versions of the files.
Although understanding the exact cause of an SFC message can be quite difficult, it is quite possible that the cause of that specific message is layout.inf or syssetup.inf modification.

Layout.inf, for those who don't know, is the layout file used by SFC to search for system files in windows installation media. SFC checks if the layout.inf file itself is signed and then proceeds with further integrityy checks for the referenced files. This functionality of layout.inf is present since Windows 98.
(IMPORTANT NOTE: I didn't say "signed by Microsoft Corporation").

Layout.inf contents should be identical with its text-mode setup counterpart, txtsetup.sif.

Layout.inf integrity is essential for the system drivers to be reported as signed in Device Manager, because this is the layout file for all system drivers, which are located in driver.cab and sp3.cab cabinet files, referenced at this layout.inf file. This is the most important aspect of modifying layout.inf.

Finally, the integrity of layout.inf file is checked during Windows Setup, along with one more file: syssetup.inf. If those files are not verified, Setup will end with the very familiar message:

"The signature for Windows XP Professional Setup is invalid. The error code is 800b0100.
No signature was present in the subject."


This error is fatal and setup will stop. (Specific Microsoft Catalogs can cause a similar which is not fatal, but present in setuperr.log. We also fix this error with the same method, I will tell you more later).

Syssetup.inf is another important file which has to be edited in a Service Pack. It is the core INF of Windows NT 5 setup. Many patches to syssetup.inf trigger some "Driver Unsigned" which made Kel abandon his Windows 2K Unofficial SP5.2 Project. I had originally developed a patch which "silenced" most of these side-effects. However, setuperr.log still reported SFC failures.

Layout.inf, on the other hand, was very difficult for me to take care of. It's a central INF in system's functionality and there are many DLLs involving it's usage.

So, after MANY failed attempts (I took me a month to figure this out) I thought something else: Sign the files with my own certificate so that SFC is happy

This is the only new method used in SP4 development. If you know how it's done, you will be able to:

- seamlessly modify INF and other non-binary files
- add updated Microsoft binaries to the dllcache with no need for an update catalog.
- probably add patched Microsoft binaries to the dllcache, but I haven't tested this yet.

This method will be extremely useful for anyone wanting to continue Windows XP semi-official with POSReady 2009 (Embedded) patches until 2019.

Because Windows Embedded and XP SP3 have the same codebase and servicing system- even the file versions are identical - it's quite probable that XP users will enjoy continued semi-official, free security updates until 2019.

I will continue tomorrow, this was just to bring the crowd in :p :)

tomasz86
Posts: 491
Joined: Tue Aug 09, 2011 12:12 pm
Location: https://twilczynski.com/windows
Contact:

Post by tomasz86 » Tue Mar 04, 2014 5:07 am

Just a side note - there's a way to prevent the driver signing related errors from appearing, not connected to your method that uses a self-created certificate.

You may find this topic interesting:

http://www.msfn.org/board/topic/158481- ... ows-setup/

I'd like to help more with all of this but it's difficult due to lack of time :( I'm kind of busy in general, and also have to move in the upcoming days so I've got almost no time for anything else.

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Tue Mar 04, 2014 9:07 am

tomasz86 wrote:Just a side note - there's a way to prevent the driver signing related errors from appearing, not connected to your method that uses a self-created certificate.

You may find this topic interesting:

http://www.msfn.org/board/topic/158481- ... ows-setup/

I'd like to help more with all of this but it's difficult due to lack of time :( I'm kind of busy in general, and also have to move in the upcoming days so I've got almost no time for anything else.
I absolutely understand you have no free time at all. I hope you'll have a bit more after April. We could start porting post-EOL updates for Windows Embedded to Windows XP SP4 or a similar package and offer semi-official support for Windows XP users.


Anyway, let's continue with the CAT signing method.

As we saw in the previous post, all system files have to be signed in order to be accepted by the SFC as original. A system file is considered to be signed only if it has been referenced (its hash has been referenced) in an installed and valid catalog file.

A self-signed certificate cannot be used to sign a valid SFC catalog.

A valid catalog is signed with an SPC certificate which has been issued from a trusted CA (certificate authority).

A CA, like Verisign, makes you pay a significant amount of money to buy the certificate and also provide various personal information which appear on the cerificate. In addition, the certification can be used in sspecific security context for a limited time only. If you want to do more, you'll have to pay even more. In addition, with laws like DMCA out there, it's not exactly a good idea to use your real credentials in a certificate like that...

So, what are we going to do? We will create our own CA and use this CA certificate to sign another one. The second certificate will be converted to SPC and used to sign the catalog file.

I will continue soon.

P.S. QFE_UpdatePack gave me an idea about solving the Kabul Time Zone Syndrome. Alpha 2 build will be available soon...

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Tue Mar 04, 2014 5:50 pm

Let's continue...

This article

http://www.ulduzsoft.com/2012/01/creati ... g-openssl/

will help you create the CA root certificate in Linux, using openssl. Follow the instructions provided there to create the ca.pem and ca.key files for you certificate authority (CA).

The ca.key file is the private key you will use to sign the new certificate (we will also do this in linux, as described in the link provided). That certificate will be used later to sign a new catalog file which will reference all the unsigned files (modified or added) in SP4. The ca.pem file is the public key of the CA certificate.

Store the ca.key and ca.pem files so that you can easily recover them when you need to build a new software publisher's certificate (remember: all certificates cannot be used to sign files after a specific date).

Follow the next steps in that article to create the cert.pem and cert.key files of your certificate, using the ca.pvk to sign the new certificate.

Now, you have these 2 files: cert.pem and cert.key.

The linux-friendly cert.key has to be converted to the Windows-friendly cert.pvk format. There is a little tool called pvk.exe that helps us do that. For more details visit:

http://www.chilkatsoft.com/p/p_347.asp

The cert.pem can be directly renamed to cert.cer.

Now, we will build the SPC certificate. The cert2spc tool:

http://msdn.microsoft.com/en-us/library ... s.85).aspx

can be used to convert the cert.cer file to cert.spc.

(Note: Noticed this in the M$ article?:
Note This tool is for test purposes only. A valid SPC is obtained from a certification authority.
Don't let this confuse you... it works just fine... if you know how to do it...)

So.. we're at the most interesting part of the story: create the catalog file and signing it.

I'm sure you'll already have many questions so I'll stop here.

To be continued..

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Wed Mar 05, 2014 3:50 pm

Windows XP SP4 Alpha 2 is now available!

https://drive.google.com/file/d/0B7k-l_ ... sp=sharing

This version fixes the "Kabul Time Zone Syndrome" which has been present in the original Alpha release. No other components have been modified.
Windows XP Unofficial SP4 (2014, 2016, and 2019): viewtopic.php?t=10321
Non-IT stuff:
Retinal changes in schizophrenia (2019): https://academic.oup.com/schizophreniab ... 06/5598443

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Wed Mar 05, 2014 8:02 pm

Let's continue the CAT signing story...

After creating the spc, we combine spc and pvk into a single pfx key using the pvk2pfx tool (for more info: http://msdn.microsoft.com/en-us/library ... e/ff552299)

Using that pfx file you can finally sign the catalig file.

So far the steps are:

1) CA creation
2) cert.pem and cert.key creation
3) Convert cert.key to cert.pvk and rename cert.pem to cert.cer.
4)Convert cert.cer to cert.spc
5) Combine cert.spc and cert.pvk into cert.pfx


- Creating the catalog file.

A catalog file is a table consisting of hashes and other optional elements.
When you reference a modified file of the SP4 package in the CAT file it has to be uncompressed.
Create a sp4inf.cdf file with the following format:

[CatalogHeader]
Name=sp4inf.cat
PublicVersion=0x0000001
EncodingType=0x00010001
CATATTR1=0x10010001:OSAttr:2:5.1
[CatalogFiles]
<hash>File1=path_for_the first file
.....

At the end of the sp4inf.cdf do leave one line blank.

From an elevated command prompt of the Windows SDK Tools go to the folder where sp4inf.cdf and cert.pfx reside and run:

makecat sp4inf.cdf
to create the CAT file

signtool sign /f CERT.PFX /p xxxx /d "Windows XP SP4 INF Catalog" sp4inf.cat
to sign the CAT file, xxxx is the password of your private key (cert.key was created in step 2, you specified the password there).

signtool timestamp /t http://timestamp.verisign.com/scripts/timstamp.dll sp4inf.cat
to timestamp the signature

Create a different sp4inf.cat file for every Windows XP distro (ic - Home ,ip-Pro, inc - Home N, etc.)
Add the required references for sp4inf.cat in update.inf, layout.inf, syssetup.inf, dosnet.inf and txtsetup.sif. Because sp4inf.cat is used to validate layout.inf and syssetup.inf, change this line in syssetup.inf:

nt5inf.cat,1 in [ProductCatalogsToInstall] section
to
nt5inf.cat

and add this line (in that same section):

sp4inf.cat,1

(The ,1 tag in syssetup.inf catalog installation indicates the only catalog that is used to validate syssetup.inf and layout.inf files).

Challenge: How can I make Windows trust my CA in GUI-mode setup?

We will answer it in a couple of days, but I'll let you think that a bit more.

User avatar
bphlpt
Posts: 1372
Joined: Sat Apr 19, 2008 1:11 am

Post by bphlpt » Wed Mar 05, 2014 8:51 pm

Even though I don't think I'll try to build my own SP4, I'm really enjoying reading your comments.

Cheers and Regards

spider
Posts: 64
Joined: Sat Feb 23, 2008 1:06 am

Post by spider » Thu Mar 06, 2014 4:50 am

same here but it's nice to see the inner workings of it and how much time and effort was spent. :)

spider
Posts: 64
Joined: Sat Feb 23, 2008 1:06 am

Post by spider » Thu Mar 06, 2014 9:03 am

Just tried your alpha2,

I did a slipstrem of the service pack, then brought it up with nlite to reduce, is it suppose to change Xp Pro into Xp Pro Media Center v4.0?


FYI the following Kb's also showed up on windows Update:

kb2909921
kb923789
kb2909210
kb2917500
kb890830
kb2934207

Also realised that the components folder is vital in this compared to previous windows versions of xp where you could just delete it.
Last edited by spider on Thu Mar 06, 2014 2:21 pm, edited 1 time in total.

User avatar
bphlpt
Posts: 1372
Joined: Sat Apr 19, 2008 1:11 am

Post by bphlpt » Thu Mar 06, 2014 12:11 pm

spider wrote:... is it suppose to change Xp Pro into Xp Pro Media Center v4.0? ...
As I understand it, no. It will upstade both XP Pro and XP Media Center, but I don't think it will convert one to the other, though I also wish that was an available option, the way that ricktendo's addon can,

Cheers and Regards

User avatar
ricktendo64
Posts: 3213
Joined: Mon May 22, 2006 12:27 am
Location: Honduras

Post by ricktendo64 » Thu Mar 06, 2014 12:49 pm

All you need to do is add a registry entry, but on a live install you have to boot from a pe disk, mount the reg hive and add it that way

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Thu Mar 06, 2014 1:07 pm

Because nLite discovers that Windows XP SP4 is designed to be distributed in 2 CD-ROMs (it didn't happen in milestone 4) it automatically reports the distro as MCE 2005.

Even if you tweak the registry, you won't get MCE installed, unless you've slipstreamed XP SP4 to a media center 2002/2004/2005 source

The updates that currently pop-up will be added in later versions of XP SP4.

spider
Posts: 64
Joined: Sat Feb 23, 2008 1:06 am

Post by spider » Thu Mar 06, 2014 4:20 pm

Is there a way to disable the installation of IE/WMP/Bit locker through winnt.sif Components section?

I've gotten nlite to remove everything else except those three without issues.

harkaz
Posts: 710
Joined: Fri Nov 16, 2012 10:23 am
Location: GR

Post by harkaz » Thu Mar 06, 2014 6:28 pm

@spider: Nope, you can only remove access to IE8/WMP11 from the Start menu, via the IEAccess, WMPAccess components. I haven't created an OC for Bitlocker in this version. Maybe in future versions...
Windows XP Unofficial SP4 (2014, 2016, and 2019): viewtopic.php?t=10321
Non-IT stuff:
Retinal changes in schizophrenia (2019): https://academic.oup.com/schizophreniab ... 06/5598443

spider
Posts: 64
Joined: Sat Feb 23, 2008 1:06 am

Post by spider » Fri Mar 07, 2014 7:29 am

ok cool.

Also do you think any of these patches will still work or will they need to be updated.

I'm thinking they need to be updates as i get an error when i try install xp after using them saying "windows cannot find the installation" when i use them.

edit: forgot the link:

http://www.ryanvm.net/forum/viewtopic.php?t=2274
Last edited by spider on Fri Mar 07, 2014 8:01 am, edited 1 time in total.

Post Reply