Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


Dibya

Windows XP unofficial security updates

Recommended Posts

kb3124624-v2:
Fixes: CVE-2020-1035, CVE-2020-1058, CVE-2020-1060, CVE-2020-1093,CVE2020-0674(0 Day),CVE2019-1429(0 Day)
kb4056941v2:
Fixes: CVE-2020-0938(0day), CVE-2020-1020(0day)

 

https://ryanvm.net/forum/viewtopic.php?f=25&t=22749

 

  • Like 6

Share this post


Link to post
Share on other sites

Posted (edited)

CVE2020-0674(0 Day),CVE2019-1429(0 day) are variant of each other . Microsoft did some quick fix but bad guys can easily work around it so i made a own patch to harden it.

I have carefully studied work of 0patch but their patch is kill switch for JScript. 

So I made my own work around to fix it .

https://blog.0patch.com/2020/01/micropatching-workaround-for-cve-2020.html

My patch in action

https://i.ibb.co/jhpqgrN/Vulnerability-Fixed.png

It prevents both JSEncode & JSCompat vulnerability (Thanks to 0patch to find out JSCompat too can be used)

Edit: I had no intention to share this patch but shared it as my friends asked me to .

Some people likes to judge on basis of your age not your skill . Mastering x86 Assembly takes time . 

People are using my patch in wrong way then blaming me , Like using nlite addon without nlite despite knowing SFC can replace back original files from SP3.cab 

Many russian and chinese devs copied my RAM patch without my consent .  

one of my friends sent me 

 

''I tried this too before. Don't expect too much from it as it was made by some teenage indian dude lol" Sounded racist to me .

First they are dump to use nlite addon in wrong way and blame me without disabling SFC.

In future , I will keep my patches to me . Why shall i bother ? WHat is the use of sharing and caring philosophy ? why shall i waste my bandwidth which i could use to watch anime ?

Edited by Dibya

Share this post


Link to post
Share on other sites
1 hour ago, Dibya said:

one of my friends sent me 

''I tried this too before. Don't expect too much from it as it was made by some teenage indian dude lol" Sounded racist to me .

First they are dump to use nlite addon in wrong way and blame me without disabling SFC.

In future , I will keep my patches to me . Why shall i bother ? WHat is the use of sharing and caring philosophy ? why shall i waste my bandwidth which i could use to watch anime ?

Well, all you will obtain will be an updated definition :w00t:, something like "some selfish teenage indian dude who watches anime". :ph34r:

The "teenage" becoming (already or soon) inaccurate, time passes faster than one would expect ...

Haters are gonna hate anyway.

jaclaz 

 

  • Like 1

Share this post


Link to post
Share on other sites
4 hours ago, Dibya said:

In future , I will keep my patches to me . Why shall i bother ? WHat is the use of sharing and caring philosophy ? why shall i waste my bandwidth which i could use to watch anime ?

Always remember Dibya that those criticising your work, usually unjustifiably as the issues have been caused by them, almost certainly wouldn't have been able in their wildest dreams to do what you've done.
Please don't let a few id*** stop you sharing your work, the vast majority really appreciate your efforts I promise!
:yes:

  • Like 4

Share this post


Link to post
Share on other sites

@Dave-H & @jaclaz thanks .''

Anyone know how to fix uninstaller issue in my hotfix repack.

Share this post


Link to post
Share on other sites
37 minutes ago, Dibya said:

Anyone know how to fix uninstaller issue in my hotfix repack.

Surely someone does, now if you could actually ask a proper question, explaining what the issue is, then those people may be put in the condition to understand what the problem is.

All I can see that may be vaguely relevant is this oneliner on RyanVM:

Quote

I am need help, I am unable to get hotfix uninstaller to work , I need a SFX Script for 7zip

jaclaz

Share this post


Link to post
Share on other sites

I think the issue is that in Add/Remove Programs, there is no entry to uninstall the hotfix nor is there a hidden $NtUninstallKBXXXXXX$ folder in the root system folder (X:\WINDOWS).

I fiddled with some of WildBill's unofficial Windows 2000 hotfixes that have a modified update.exe that ignores catalogs, in order to make UMDF and IntelPPM updates (those attempts have failed). But after making significant edits to those updates I could still get the uninstaller to work. So maybe you can base your updates off those.

You should look at Windows2000-KB2507618-x86-ENU.exe; that actually deals with ATM.

Share this post


Link to post
Share on other sites
On 5/22/2020 at 5:33 AM, Dave-H said:

Always remember Dibya that those criticising your work, usually unjustifiably as the issues have been caused by them, almost certainly wouldn't have been able in their wildest dreams to do what you've done.
Please don't let a few id*** stop you sharing your work, the vast majority really appreciate your efforts I promise!
:yes:

I'm just another one of us in support of your work, Dibya.  I think most all of us are happy to hear someone is keeping the XP mantle alive.  And I for one would be happy to use any of your updates you release as a means of keeping my system safe and secure.

Share this post


Link to post
Share on other sites
1 hour ago, Sampei.Nihira said:

Go Dibya.:yes:

Has anyone applied both patches, or even a single patch?

Let me fix the uninstaller first . @win32 pointed it out.  Then if theirs a bug anyone can uninstall it .

Well anyone have any idea how much dangerous CVE-2020-1048 is .

https://windows-internals.com/printdemon-cve-2020-1048/

In Their blog ,

https://blog.0patch.com/2020/05/micropatching-printdemon-vulnerability.html

0patch Fix mentions LcmCreatePortEntry but nowhere IDA Pro , Relyze & PEExplorer find such reference .

Patch_436_source_code.png

Share this post


Link to post
Share on other sites

@Dibya

7aCmQd11_o.jpg

Personally, I wouldn't worry too much.

P.S. Sorry, but I really have to disconnect, otherwise I divorce my wife...............:D

 

Edited by Sampei.Nihira

Share this post


Link to post
Share on other sites

@Dibya

Hi,

The image where you wrote "My patch in action" cannot be enlarged.:dubbio:
Could you insert an image with this possibility? :yes:
Thanks. :hello:

Edited by Sampei.Nihira

Share this post


Link to post
Share on other sites

FranceBB wrote:

Quote

.....just patched the security vulnerability CVE2020-0674 by backporting the fix from newer Windows......

Presumably I.E.9 x86 on Windows Server 2008.

What is the version number of jscript.dll after applying the patch?

Have other files of I.E.8 also been updated by the patch?

 

Share this post


Link to post
Share on other sites
22 hours ago, Sampei.Nihira said:

FranceBB wrote:

Presumably I.E.9 x86 on Windows Server 2008.

What is the version number of jscript.dll after applying the patch?

Have other files of I.E.8 also been updated by the patch?

 

Well it is not a port of newer jscript , it patches out vulnerability in windows XP IE8 file .

i never said as such to FranceBB i think its a miss understanding 

JScript of vista will require expansion of kernel with new api , which i am not willing to do since it may break old XP only programs 

implementation of patch is unique as it prevent any such vulnerability .

CVE2020-0674(0 Day) is variant of CVE2019-1429(0 Day)

Edited by Dibya

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...