galahs Posted April 14, 2007 Share Posted April 14, 2007 Thanks for the reply. Link to comment Share on other sites More sharing options...
MDGx Posted April 29, 2007 Author Share Posted April 29, 2007 UPDATED 4-28-2007Please see top of this topic to download + install updated patch:http://www.msfn.org/board/?showtopic=58780_____________________________Update:* Win98 SE = Old U891711 [temporary fix] replaced by new Q891711 [permanent fix]:http://www.mdgx.com/files/Q891711.TXT Link to comment Share on other sites More sharing options...
BenoitRen Posted April 30, 2007 Share Posted April 30, 2007 Awesome! Congratulations to the author. I hope he'll be able to provide a fix for Windows 95's files as well (both version 4.00.950, unless those got updates somewhere?).I have a question, though. It's my understanding that the parsing happens in user.exe, and that the way to fix the vulnerabilities is to check the size of what user32.dll returns. So why does user32.dll need patching? I don't mean to criticise, I just want to learn. Link to comment Share on other sites More sharing options...
Analada Posted April 30, 2007 Share Posted April 30, 2007 (edited) UPDATED 4-28-2007Please see top of this topic to download + install updated patch:http://www.msfn.org/board/?showtopic=58780_____________________________Update:* Win98 SE = Old U891711 [temporary fix] replaced by new Q891711 [permanent fix]:http://www.mdgx.com/files/Q891711.TXTThe versions of the fixed user.exe + user32.dll are 4.10.22.33. These are in fact *older* than the ones which existed on my system, 4.90.3001, which were there by doing (I guess) the 98SE2ME upgrade.But it's better to have a permanent fix. So (1) Uninstall the temporary U891711 first (using add/remove programs); (2) Install new permanent fix even though the file versions are older, than those installed by 98SE2ME.Is above correct? Edited April 30, 2007 by Analada Link to comment Share on other sites More sharing options...
MDGx Posted April 30, 2007 Author Share Posted April 30, 2007 The versions of the fixed user.exe + user32.dll are 4.10.22.33. These are in fact *older* than the ones which existed on my system, 4.90.3001, which were there by doing (I guess) the 98SE2ME upgrade.But it's better to have a permanent fix. So (1) Uninstall the temporary U891711 first (using add/remove programs); (2) Install new permanent fix even though the file versions are older, than those installed by 98SE2ME.Is above correct?Version number is 4.10.2233 for both 98SE USER*.* files.The USER*.* files you have in %windir%\system are newer version number, because they are from an older WinME hotfix [uSER*.* 4.90.3001]:* Microsoft Windows ME Erratic Mouse Pointer Movement USER32.DLL + USER.EXE 4.90.3001 Fix:http://support.microsoft.com/?id=280800Direct download [453 KB, English]:http://www.mdgx.com/files/ME280800.EXEMore info:http://support.microsoft.com/?id=267139All ME system files have a higher version number than all 98SE files [normal "operation"].But, as you well caught on, the ME files don't have the permanent fix [yet, anyway, and if they will ever do, it's all up to the anonymous author who created the 98SE fix].1. Yes, please uninstall U891711 thru Control Panel -> Add/Remove programs.FYI:I am going to [at some point] include an uninstall feature for U891711 into the Q891711 INF.2. Yes, please install 98SE USER*.* 4.10.2233 permanent fix to overwrite ME USER*.* 4.90.3001 :* Unofficial Windows 98 SE Animated Cursor (.ANI) + Icon Handling USER32.DLL + USER.EXE 4.10.2233 Security Vulnerability Fix:http://www.mdgx.com/files/Q891711.TXTDirect download [375 KB, English]:http://www.mdgx.com/files/Q891711.EXEThis Fix replaces ALL PREVIOUS Microsoft MS07-017 (Q925902):http://www.microsoft.com/technet/security/...n/ms07-017.mspxMS05-002 (Q891711):http://www.microsoft.com/technet/security/...n/ms05-002.mspx+ unofficial (U891711) Animated Cursor (.ANI) + Icon Handling Security Vulnerabilities Fixes, which are now OBSOLETE!Q891711 MSFN forum:http://www.msfn.org/board/?showtopic=58780HTH Link to comment Share on other sites More sharing options...
Eck Posted April 30, 2007 Share Posted April 30, 2007 (edited) I may be mistaken but I think 98SE2ME versions that have that Windows Me version number include the latest fixes so there's no need to reinstall the ones with the older version numbers. Since I generally apply all the fixes before installing 98SE2ME I get the Me version installed. Then if a newer 891711 unofficial patch comes out I have let it replace those Me versions when it asked. But I believe I've read that those USER files are already patched when 98SE2ME installs them. If a new 891711 comes out I install the 98SE version as that is what we are running. Installing the version made especially for Windows Me is a definite no no! But that is not what 98SE2ME does. Um, I think.Edit - MDGx posted as I was typing. Oh! Then, do what he just said, as will I when it's time for me to install this stuff again. I'm just waiting now on a new Auto-Patcher to get released. Edited April 30, 2007 by Eck Link to comment Share on other sites More sharing options...
PROBLEMCHYLD Posted April 30, 2007 Share Posted April 30, 2007 2. Yes, please install 98SE USER*.* 4.10.2233 permanent fix to overwrite ME USER*.* 4.90.3001Does this means you are removing USER*.* 4.90.3001 from 98SE2ME? Link to comment Share on other sites More sharing options...
Analada Posted April 30, 2007 Share Posted April 30, 2007 (edited) 2. Yes, please install 98SE USER*.* 4.10.2233 permanent fix to overwrite ME USER*.* 4.90.3001Does this means you are removing USER*.* 4.90.3001 from 98SE2ME?Good question. But whatever MDGx decides, based on the facts already given I deduce:a) If you want a permanent fix, get rid of the TSR-based U891711 stuff, (recommended for 98SE2ME users) then do the permanent fix.B) If you have already done U891711 + 98SE2ME and now do nothing, there's no harm. You're still protected.What I don't know is that, ignoring above, whether there are any inherent advantages to using USER*.* 4.90.3001? Edited April 30, 2007 by Analada Link to comment Share on other sites More sharing options...
BenoitRen Posted April 30, 2007 Share Posted April 30, 2007 Yes, please uninstall U891711 thru Control Panel -> Add/Remove programs.FYI:I am going to [at some point] include an uninstall feature for U891711 into the Q891711 INF.I don't understand this. An uninstall feature? You can already uninstall the thing from Add/Remove Programs. Isn't that good enough? Everything should be able to get uninstalled that way. Link to comment Share on other sites More sharing options...
MDGx Posted May 2, 2007 Author Share Posted May 2, 2007 Yes, please uninstall U891711 thru Control Panel -> Add/Remove programs.FYI:I am going to [at some point] include an uninstall feature for U891711 into the Q891711 INF.I don't understand this. An uninstall feature? You can already uninstall the thing from Add/Remove Programs. Isn't that good enough? Everything should be able to get uninstalled that way.An uninstall feature for the older U891711 which installs Q891711.DLL + KB891711.EXE, not for Q891711 which installs the new USER*.* files.That's because old U891711 files [temporary fix] are not necessary anymore once Q891711 is installed [permanent fix].Please see the ReadMe for details:http://www.mdgx.com/files/Q891711.TXTHTH Link to comment Share on other sites More sharing options...
MDGx Posted May 3, 2007 Author Share Posted May 3, 2007 BenoitRen:Anonymous author answered your questions:BenoitRen wrote Apr 30 2007, 8:44 AM:> Awesome! Congratulations to the author. I hope he'll be able> to provide a fix for Windows 95's files as well (both> version 4.00.950, unless those got updates somewhere?).As unlikely as a Win98FE patch I am afraid - it is just tootime-consuming.> I have a question, though. It's my understanding that the parsing> happens in user.exe, and that the way to fix the vulnerabilities is to> check the size of what user32.dll returns. So why does user32.dll need> patching? I don't mean to criticise, I just want to learn.USER.EXE and USER32.DLL are interdependent. So they need to be of the sameversion and be updated at the same time. USER32.DLL was patched basicallyto make sure this happens under all circumstances.I hope this helps.HTH Link to comment Share on other sites More sharing options...
MDGx Posted May 3, 2007 Author Share Posted May 3, 2007 What I don't know is that, ignoring above, whether there are any inherent advantages to using USER*.* 4.90.3001?Please read this post...Does this means you are removing USER*.* 4.90.3001 from 98SE2ME?No, because 4.90.3001 don't have the .ANI fix, but 4.10.2233 don't have the mouse cursor erratic movement fix.So it's a trade-off.98SE2ME installs WinME files, which otherwise can't be installed in "normal" conditions.Example: USER*.* 4.90.3001 hotfix [ME280800.EXE] cannot be installed on Win98SE, one has to 1st extract the files and then manually copy them over to %windir%\system from native MS-DOS and finally reboot.But 98SE2ME installs them in 1 step, without any intervention from the user, as part of options 1 + 2.I'm actually considering removing USER*.* 4.90.3001 altogether from 98SE2ME sometime in the future, but I'm still waiting a while, in the hope that anonymous author might one day wish to patch them to something like 4.90.3002 to include the .ANI fix.If that happens, those files would have *both* fixes, and will be worth keeping as part of 98SE2ME options 1 + 2.FYI:Anoynymous author has also sent me USER 4.10.2234 for Win98SE [fixed also mouse cursor erratic movement (same as USER*.* 4.90.3001) besides the .ANI fix], but those files were buggy, in the sense that the mouse cursor disappeared completely from the desktop on my computer, no matter which mouse drivers I was using. ;-(So he had to revert back to USER*.* 4.10.2233 , which fixed only the .ANI bug, but *not* the mouse cursor erratic movement bug.That's why we are all using now USER*.* 4.10.2233, which do not have the mouse cursor erratic movement fix that is fixed by USER*.* 4.90.3001 .HTH Link to comment Share on other sites More sharing options...
glocK_94 Posted May 4, 2007 Share Posted May 4, 2007 (edited) Once more, thanks to the anonymous author of the patch and to you MDGx ! :Made a french translation. You can download it here: win9x4ever.online.fr Edited May 4, 2007 by glocK_94 Link to comment Share on other sites More sharing options...
Max_04 Posted May 4, 2007 Share Posted May 4, 2007 Once more, thanks to the anonymous author of the patch and to you MDGx ! :Made a french translation. You can download it here: win9x4ever.online.frWhat have you used to translate LCID / codepage of USER.EXE?An Hex Editor?If yes, where are the strings to edit?Small OT, and to compress a file in UPX? Link to comment Share on other sites More sharing options...
glocK_94 Posted May 6, 2007 Share Posted May 6, 2007 (edited) What have you used to translate LCID / codepage of USER.EXE?An Hex Editor?If yes, where are the strings to edit?Using an hexeditor, look for the offsets O904E404 (english -> 1033 I think) and change them to match your LCID (compare to an original file if you don't know what it is). Small OT, and to compress a file in UPX?...UPX maybe?EDIT: Think I didn't get your question. Actually, if that was what you asked, you can unpack AND pack files using the command line tool "UPX", which can be found here: http://upx.sourceforge.net/ Edited May 10, 2007 by glocK_94 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now