Dibya

Posts posted by Dibya

  1. Don't use Export table tester to add an export. It will cause certain tables to break. Never add a section after the resources table in NT system files.

    Use PE Tools to move the table to a new section before .reloc, then add anything you like.

    If you are not using a vanilla file, then wildbill/bwc shall have enough space.

    Use the blank space inside .TXT; no need to add another section for code.

  2. 22 hours ago, Sampei.Nihira said:

    FranceBB wrote:

    Presumably I.E.9 x86 on Windows Server 2008.

    What is the version number of jscript.dll after applying the patch?

    Have other files of I.E.8 also been updated by the patch?

     

    Well, it is not a port of a newer JScript; it patches out the vulnerability in the Windows XP IE8 file.

    I never said as such to FranceBB; I think it's a misunderstanding.

    JScript of Vista will require expansion of the kernel with new API, which I am not willing to do since it may break old XP-only programs.

    The implementation of the patch is unique, as it prevents any such vulnerability.

    CVE-2020-0674 (0-day) is a variant of CVE-2019-1429 (0-day).

  3. 1 hour ago, Sampei.Nihira said:

    Go Dibya.:yes:

    Has anyone applied both patches, or even a single patch?

    Let me fix the uninstaller first. @win32 pointed it out. Then if there's a bug, anyone can uninstall it.

    Well, does anyone have any idea how dangerous CVE-2020-1048 is?

    https://windows-internals.com/printdemon-cve-2020-1048/

    In their blog,

    https://blog.0patch.com/2020/05/micropatching-printdemon-vulnerability.html

    the 0patch fix mentions LcmCreatePortEntry, but nowhere do IDA Pro, Relyze & PEExplorer find such a reference.

    Patch_436_source_code.png

  4. CVE-2020-0674 (0-day) and CVE-2019-1429 (0-day) are variants of each other. Microsoft did some quick fix, but bad guys can easily work around it, so I made my own patch to harden it.

    I have carefully studied the work of 0patch, but their patch is a kill switch for JScript.

    So I made my own workaround to fix it.

    https://blog.0patch.com/2020/01/micropatching-workaround-for-cve-2020.html

    My patch in action

    https://i.ibb.co/jhpqgrN/Vulnerability-Fixed.png

    It prevents both the JSEncode & JSCompat vulnerabilities (thanks to 0patch for finding out that JSCompat too can be used).

    Edit: I had no intention to share this patch, but shared it as my friends asked me to.

    Some people like to judge on the basis of your age, not your skill. Mastering x86 assembly takes time.

    People are using my patch in the wrong way, then blaming me, like using the nLite addon without nLite despite knowing SFC can replace back the original files from SP3.cab.

    Many Russian and Chinese devs copied my RAM patch without my consent.

    One of my friends sent me:

    "I tried this too before. Don't expect too much from it as it was made by some teenage Indian dude lol" Sounded racist to me.

    First, they are dumb to use the nLite addon in the wrong way and blame me without disabling SFC.

    In future, I will keep my patches to myself. Why shall I bother? What is the use of the sharing and caring philosophy? Why shall I waste my bandwidth, which I could use to watch anime?

  5. 19 hours ago, WinFX said:

    Yes, in Firefox 12 I have that error. I use the blackwingcat kernel32 addresses for Windows 2000, which does not call any instructions; instead, the one from SP3 calls NTDLL and I don't know if it works.
    I fixed the "No more room for sections" bug in PEMaker with Del Rich.

    You didn't add any code with a hex editor. That's the reason.

    I am comparing the DLLs with SP3; I am looking out for changes made, if any fix is needed.

    Just wait, I will do it for you.

     

  6. CVE-2020-0668: Disable Windows Service Tracing
    CVE-2019-1089: Disable RPC
    CVE-2020-0645: Disable IIS
    CVE-2020-0772, CVE-2019-1315, CVE-2019-1339, CVE-2019-1319: Disable Windows Error Reporting
    CVE-2020-0787: Disable BITS
    CVE-2019-0887, CVE-2019-1108, CVE-2019-1089, CVE-2019-1177, CVE-2019-1333, CVE-2019-1326: Disable RDP
    CVE-2020-0770: Disable Windows ActiveX Installer
    CVE-2020-0822: Disable Windows Language Pack Installer
    CVE-2020-0781, CVE-2020-0783, CVE-2019-1405: Disable Universal Plug & Play
    CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632: Disable Windows Search Indexing
