Jump to content

nLite bug with KB977816 and KB2115168 - Windows XP

Guest

By Guest
in nLite

 Share

Recommended Posts

Guest

Guest

Posted
Posted (edited)

There you go. Don't remove the keyboard files. ;)

I can make you an add-on creator that will put in the required registry entries to satisfy WU if you insist on removing them.

EDIT: Here, made it. WindowsXP-KB2686509-x86-ENU-faker.cab

Edited by -X-

PinkFreud

PinkFreud

Posted
Posted (edited)
There you go. Don't remove the keyboard files. ;)

I can make you an add-on creator that will put in the required registry entries to satisfy WU if you insist on removing them.

Would you be adding the add-on creator & a footnote on your Post SP3 site? If so, go right ahead :yes:Mr -X- s'il vous plait...if not, I'll just keep the keyboard files. Any idea how much space they take up on the CD?

Thanks again for your outstanding work, I'm gonna throw a few bucks in your tip-jar.

Edited by PinkFreud
Guest

Guest

Posted
Posted

The keyboard files take up half a MB. No, I don't think I will be adding a footnote and such as this is a widespread problem not particular to nLite.

Guest

Guest

Posted
Posted (edited)

Whoa! Hold your horses! I think I will be adding a footnote.

I was running some experiments, one with keyboards removed and one without keyboards removed, and forgot that nLite has a disable windows key. I had used one of my presets that had that option and was getting a failed KB2686509 on both! Took me a while to figure it out.

disablewindowskey.png

I'm still in the middle of figuring out if it is indeed the keyboard files. I will update this post when I have confirmation or reply if there is a reply in the interim. So if your viewing this post from a subscription email, come to the thread. I just wanted to get my thoughts down asap.

Did you by chance forget that and did disable the Windows key in nLite tweaks (see pic)?

Edited by -X-
PinkFreud

PinkFreud

Posted
Posted (edited)

Nice find! Yes, I DID disable the Windows key, from Last INI:

Explorer-Disable Autorun

Explorer-Disable Prefix: Shortcut to

Explorer-Disable shortcut arrow

Explorer-Disable Web Files and Folders connection

Explorer-Disable Windows keys

I'll run a build with keyboards removed & Windows key enabled & report back, which I'm sure you'll do too. Hopefully we'll both get the same desired result...:P

Edited by PinkFreud
Guest

Guest

Posted
Posted

OK, here's my findings...

KB2686509 fails with disable Windows key

KB2686509 fails with removed keyboards.

KB2686509 does it's thing perfectly if neither of the above is done.

Time to write that footnote.

Thanks for bringing this up.

PinkFreud

PinkFreud

Posted
Posted (edited)

Confirmed, KB log attached...

Do I substitute the CAB "Faker" file for the real one? Or do I slipstream both?

Edited by PinkFreud
Guest

Guest

Posted
Posted

The faker is supposed to hide the update..that's all. Did you not remove it from the update list?

PinkFreud

PinkFreud

Posted
Posted (edited)

The faker is supposed to hide the update..that's all. Did you not remove it from the update list?

Please explain in more detail what EXACTLY the Faker cab does/doesn't do when you have the time.

Thanks & much gratitude,

"Pink"

Edited by PinkFreud
Guest

Guest

Posted
Posted (edited)

EDIT: The it is KB2686509

So after you setup Windows, you tried to install it? That's what I get from your image of the log file.... c:\152.............................\update\update.exe.

KB2686509 is a weird update. It does not install any files or reg entries (except those indicating that the update has been applied).

I'm not a MS update engineer but it appears to me that WindowsXP-KB2686509-x86-ENU\update\kblChecker.dll does some magic as far as checking things. Now on a fresh install everything should be OK if it's just a scancode map reg entry (disable or remap a key). So the faker will just tell WU that, hey I've done my magic because all it looks for is "has this update been run?". The faker does not run the update, it just tricks WU into thinking it has been run. Remember this update only runs and does not add things to the system.

Here is the faker....

[general]
builddate=2012/04/19
description=Security Update faker
language=English
title=KB2686509 faker
website=http://support.microsoft.com/?kbid=2686509



[registry_addreg]
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509,"Installed",0x10001,1
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509,"Comments",0,"Security Update for Windows XP (KB2686509)"
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509,"Backup Dir",0,""
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509,"Fix Description",0,"Security Update for Windows XP (KB2686509)"
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509,"Installed By",0,""
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509,"Installed On",0,""
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509,"Service Pack",0x10001,"4"
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509,"Valid",0x10001,1
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509\File 1\,"Flags",0,""
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509\File 1\,"New File",0,""
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509\File 1\,"New Link Date",0,""
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509\File 1\,"Old Link Date",0,""
HKLM,SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2686509,"Description",,"Security Update for Windows XP (KB2686509)"
HKLM,SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2686509

As you can see it just add entries into the section of the registry that keeps track of what has been "installed".

To expect the faker to make the update ignore the errors with keyboards is unrealistic. I don't know what the effects are of having those keyboard errors. I truly don't understand fully what this security vulnerability does. The vulnerability is pretty minor as all it affects is a logged in limited users being able to run administrator commands. They would need physical access to the machine. If you don't add limited users like your kids or something that are hackers then this update is kinda meaningless. Hence the faker.

Edited by -X-
tomasz86

tomasz86

Posted
Posted

@

I think your "faker" could be simplified to this:

[general]
builddate=2012/04/19
description=Security Update faker
language=English
title=KB2686509 faker
website=http://support.microsoft.com/?kbid=2686509



[registry_addreg]
HKLM,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB2686509,"Installed",0x10001,1

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...