Dibya Posted May 22, 2020

kb3124624-v2: Fixes: CVE-2020-1035, CVE-2020-1058, CVE-2020-1060, CVE-2020-1093, CVE-2020-0674 (0 day), CVE-2019-1429 (0 day)

kb4056941v2: Fixes: CVE-2020-0938 (0 day), CVE-2020-1020 (0 day)

https://ryanvm.net/forum/viewtopic.php?f=25&t=22749

Dibya (Author) Posted May 22, 2020

CVE-2020-0674 (0 day) and CVE-2019-1429 (0 day) are variants of each other. Microsoft did some quick fix, but bad guys can easily work around it, so I made my own patch to harden it. I have carefully studied the work of 0patch, but their patch is a kill switch for JScript. So I made my own workaround to fix it.

https://blog.0patch.com/2020/01/micropatching-workaround-for-cve-2020.html

My patch in action: https://i.ibb.co/jhpqgrN/Vulnerability-Fixed.png

It prevents both the JSEncode & JSCompat vulnerabilities (thanks to 0patch for finding out that JSCompat too can be used).

Edit: I had no intention of sharing this patch but shared it as my friends asked me to. Some people like to judge on the basis of your age, not your skill. Mastering x86 assembly takes time. People are using my patch in the wrong way and then blaming me, like using an nLite addon without nLite despite knowing SFC can put back the original files from SP3.cab. Many Russian and Chinese devs copied my RAM patch without my consent.

One of my friends sent me: "I tried this too before. Don't expect too much from it as it was made by some teenage indian dude lol". Sounded racist to me. First they are dumb to use the nLite addon in the wrong way and blame me without disabling SFC.

In future, I will keep my patches to myself. Why shall I bother? What is the use of the sharing and caring philosophy? Why shall I waste my bandwidth, which I could use to watch anime?

Edited May 22, 2020 by Dibya

jaclaz Posted May 22, 2020

1 hour ago, Dibya said:
One of my friends sent me: "I tried this too before. Don't expect too much from it as it was made by some teenage indian dude lol". Sounded racist to me. First they are dumb to use the nLite addon in the wrong way and blame me without disabling SFC. In future, I will keep my patches to myself. Why shall I bother? What is the use of the sharing and caring philosophy? Why shall I waste my bandwidth, which I could use to watch anime?

Well, all you will obtain will be an updated definition, something like "some selfish teenage indian dude who watches anime".

The "teenage" becoming (already or soon) inaccurate, time passes faster than one would expect ...

Haters are gonna hate anyway.

jaclaz

Dave-H Posted May 22, 2020

4 hours ago, Dibya said:
In future, I will keep my patches to myself. Why shall I bother? What is the use of the sharing and caring philosophy? Why shall I waste my bandwidth, which I could use to watch anime?

Always remember, Dibya, that those criticising your work, usually unjustifiably as the issues have been caused by them, almost certainly wouldn't have been able in their wildest dreams to do what you've done. Please don't let a few id*** stop you sharing your work; the vast majority really appreciate your efforts, I promise!

Dibya (Author) Posted May 22, 2020

@Dave-H & @jaclaz thanks.

Anyone know how to fix the uninstaller issue in my hotfix repack?

jaclaz Posted May 22, 2020

37 minutes ago, Dibya said:
Anyone know how to fix the uninstaller issue in my hotfix repack?

Surely someone does, now if you could actually ask a proper question, explaining what the issue is, then those people may be put in the condition to understand what the problem is.

All I can see that may be vaguely relevant is this oneliner on RyanVM:

Quote:
I need help, I am unable to get the hotfix uninstaller to work, I need an SFX script for 7zip

jaclaz

win32 Posted May 22, 2020

I think the issue is that in Add/Remove Programs, there is no entry to uninstall the hotfix nor is there a hidden $NtUninstallKBXXXXXX$ folder in the root system folder (X:\WINDOWS).

I fiddled with some of WildBill's unofficial Windows 2000 hotfixes that have a modified update.exe that ignores catalogs, in order to make UMDF and IntelPPM updates (those attempts have failed). But after making significant edits to those updates I could still get the uninstaller to work. So maybe you can base your updates off those.

You should look at Windows2000-KB2507618-x86-ENU.exe; that actually deals with ATM.

Guest Posted May 23, 2020

Go Dibya.

Has anyone applied both patches, or even a single patch?

SD73 Posted May 23, 2020

On 5/22/2020 at 5:33 AM, Dave-H said:
Always remember, Dibya, that those criticising your work, usually unjustifiably as the issues have been caused by them, almost certainly wouldn't have been able in their wildest dreams to do what you've done. Please don't let a few id*** stop you sharing your work; the vast majority really appreciate your efforts, I promise!

I'm just another one of us in support of your work, Dibya. I think most all of us are happy to hear someone is keeping the XP mantle alive. And I for one would be happy to use any of your updates you release as a means of keeping my system safe and secure.

Dibya (Author) Posted May 23, 2020

1 hour ago, Sampei.Nihira said:
Go Dibya. Has anyone applied both patches, or even a single patch?

Let me fix the uninstaller first. @win32 pointed it out. Then if there's a bug, anyone can uninstall it.

Well, does anyone have any idea how dangerous CVE-2020-1048 is?

https://windows-internals.com/printdemon-cve-2020-1048/

In their blog, https://blog.0patch.com/2020/05/micropatching-printdemon-vulnerability.html, the 0patch fix mentions LcmCreatePortEntry, but nowhere do IDA Pro, Relyze & PEExplorer find such a reference.

Guest Posted May 23, 2020

@Dibya

Personally, I wouldn't worry too much.

P.S. Sorry, but I really have to disconnect, otherwise I divorce my wife...............

Edited May 23, 2020 by Sampei.Nihira

Guest Posted May 24, 2020

@Dibya

Hi,

The image where you wrote "My patch in action" cannot be enlarged. Could you insert an image with this possibility? Thanks.

Edited May 24, 2020 by Sampei.Nihira

Dibya (Author) Posted May 24, 2020

@Sampei.Nihira Here you go: https://ibb.co/KstRbMp

Guest Posted May 25, 2020

FranceBB wrote:

Quote:
.....just patched the security vulnerability CVE2020-0674 by backporting the fix from newer Windows......

Presumably I.E.9 x86 on Windows Server 2008.

What is the version number of jscript.dll after applying the patch? Have other files of I.E.8 also been updated by the patch?

Dibya (Author) Posted May 26, 2020

22 hours ago, Sampei.Nihira said:
FranceBB wrote: Presumably I.E.9 x86 on Windows Server 2008. What is the version number of jscript.dll after applying the patch? Have other files of I.E.8 also been updated by the patch?

Well, it is not a port of a newer JScript; it patches out the vulnerability in the Windows XP IE8 file. I never said as such to FranceBB; I think it's a misunderstanding.

JScript of Vista will require expansion of the kernel with new APIs, which I am not willing to do since it may break old XP-only programs.

The implementation of the patch is unique as it prevents any such vulnerability. CVE-2020-0674 (0 day) is a variant of CVE-2019-1429 (0 day).

Edited May 26, 2020 by Dibya