Jump to content

WinPE to apply hotfixes?


Recommended Posts

I have a bit of a challenge... we have a bunch of legacy Windows 2000 and XP systems to support that either exist in atypical domains, or don't belong to a domain at all.

Its going to be a few months before I can get these machines transitioned to a proper environment where SUS & Tivoli are available to apply updates, so I need a temporary & cheap solution to get patches distributed via CD & Mail!

Does anyone out there know if it is possible to edit the registry on a host system while in a PE environment?

In my ideal scenario, I'd have a Windows PE bootdisk that does the following:

1. Copy hotfixes or other updates to the local hard disk

2. Add a RunOnce entry to the registry on the hard disk

3. Updates get applied when the machine reboots

Can anyone point me in the direction of some code or an article that would help me do this?

Link to comment
Share on other sites

Yes this is possible. You can do what is called a REG SLAM to put the run once value in the registry. You will need to create a REG file with the values in it. Take a look at Ram Disk CMD file that MS provides. It should do what you want.

Copying your files to the Hard Drive is the easy part.



@if not defined Debug echo off


:: Program to "Slam" the contents of ramdrv.reg into a WinPE Registry Hive.

:: This step is performed against a WinPE build, before the ISO image is created.


:: The RamDrv sample is provided as-is.



if not exist "%~dp0\ramdrv.reg" echo ERROR: .\RamDrv.reg not found & goto :Usage

if not exist %1\system32\setupreg.hiv echo ERROR: WinPE System Not Found at %%1 & goto :Usage

if not exist %1\system32\drivers\ramdrv.sys Echo ERROR: RamDrv.sys not found at %%1 & goto :Usage


reg.exe load HKLM\NewSys %1\system32\setupreg.hiv


RegEdit.exe /s "%~dp0\ramdrv.reg"


reg.exe unload HKLM\NewSys

goto :EOF


@echo Usage: %~n0 ^<WinPE_Path^>

@echo Where <WinPE_Path> is the location of the WinPE directory.

@echo Example: %~n0 c:\MyWinPE\i386

@echo or %~n0 c:\minint

Link to comment
Share on other sites

Hi Chris -

Thanks for the info, this looks interesting.

But I want to edit the Windows XP registry from Windows PE, not edit the Windows PE registry.

Can you slam the WinXP registry from the PE environment? I haven't heard much about this before, so any links to any kind of documentation would be welcome.

Link to comment
Share on other sites

But I want to edit the Windows XP registry from Windows PE, not edit the Windows PE registry.


My bad. I knew what you wanted... but gave you the wrong example. Sorry

Here is what you want.

This mounts the XP registry under PE and allows you to change it.

You will need to modify it for your needs.

reg.exe load HKLM\PEtemp c:\windows\system32\config\software

<mounts the Software key hive to PE as PETEMP>

reg.exe delete HKLM\PEtemp\Microsoft\Windows\CurrentVersion /v DevicePath /f

<deletes the DEVICE PATH key>

reg.exe add HKLM\PEtemp\Microsoft\Windows\CurrentVersion /v DevicePath /t REG_EXPAND_SZ /d yadda...yadda...yadda

<added the DEVICEPATH Key and the value "yadda...yadda...yadda" as a REG_Expand_sz>

reg.exe unload HKLM\PEtemp

<unmounts the PETEMP hive>


Link to comment
Share on other sites

Semi-stupid question.  Why do you need to use PE to get patches installed on a PC?  Why not just have a disk that contains all the patches and loads that way?

Not a dumb question at all. The problem is that I'm dealing with PCs in a variety of domains with scrambled local admin passwords, and need a way to allow unprivleged users to patch workstations.

Unfortunately, I didn't think it through all of the way, and I'm not sure that I want to auto-login an administrative accound to apply the patches after the PE disk copies it down to the workstation.

Link to comment
Share on other sites

  • 2 weeks later...

This is also a very good way to apply a patch to already infected machines in a safe way.

It's on my todo list to make a cd with easy hta screens and modular backend so that an user can fix his/her own machine in case of an outbreak where we can't use sus/tivoli to fix the problem

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Create New...