Update README, new xdelta patches, new AIO script

Checking OS versions

.gitignore

@@ -0,0 +1,3 @@
+*.exe
+*.rar
+*.zip

README.md

@@ -1,29 +1,39 @@
+### [If you are looking for the latest patch files, you can find them here!](https://github.com/zeffy/kb4012218-19/releases)
+
+---
+
 ### Here's a list of the Windows updates that I will be talking about in this paper:
 
 Title | Products | Classification | Last Updated | Version | Size
 ----- | -------- | -------------- | ------------ | ------- | ----
 March, 2017 Preview of Monthly Quality Rollup for Windows 7 ([KB4012218]) | Windows 7 | Updates | 3/16/2017 | n/a | 93.4 MB
-March, 2017 Preview of Monthly Quality Rollup for Windows 7 for x64-based Systems ([KB4012218]) | Windows 7 | Updates | 3/16/2017 | n/a |	153.9 MB
+March, 2017 Preview of Monthly Quality Rollup for Windows 7 for x64-based Systems ([KB4012218]) | Windows 7 | Updates | 3/16/2017 | n/a | 153.9 MB
 March, 2017 Preview of Monthly Quality Rollup for Windows Server 2008 R2 x64 Edition ([KB4012218]) | Windows Server 2008 R2 | Updates | 3/16/2017 | n/a | 153.9 MB
-March, 2017 Preview of Monthly Quality Rollup for Windows 8.1 ([KB4012219]) |	Windows 8.1 | Updates | 3/16/2017 | n/a | 121.2 MB
-March, 2017 Preview of Monthly Quality Rollup for Windows 8.1 for x64-based Systems ([KB4012219]) |	Windows 8.1 | Updates | 3/16/2017 | n/a | 218.0 MB
+March, 2017 Preview of Monthly Quality Rollup for Windows 8.1 ([KB4012219]) | Windows 8.1 | Updates | 3/16/2017 | n/a | 121.2 MB
+March, 2017 Preview of Monthly Quality Rollup for Windows 8.1 for x64-based Systems ([KB4012219]) | Windows 8.1 | Updates | 3/16/2017 | n/a | 218.0 MB
 March, 2017 Preview of Monthly Quality Rollup for Windows Server 2012 R2 ([KB4012219]) | Windows Server 2012 R2 | Updates | 3/16/2017 | n/a | 218.0 MB
+April, 2017 Security Monthly Quality Rollup for Windows 7 for x64-based Systems ([KB4015549]) | Windows 7 | Security Updates | 4/8/2017 | n/a | 159.9 MB
+April, 2017 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems ([KB4015549]) | Windows Server 2008 R2 | Security Updates | 4/8/2017 | n/a | 159.9 MB
+April, 2017 Security Monthly Quality Rollup for Windows 7 ([KB4015549]) | Windows 7 | Security Updates | 4/8/2017 | n/a | 97.6 MB
+April, 2017 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems ([KB4015550]) | Windows 8.1 | Security Updates | 4/10/2017 | n/a | 220.9 MB
+April, 2017 Security Monthly Quality Rollup for Windows Server 2012 R2 ([KB4015550]) | Windows Server 2012 R2 | Security Updates | 4/10/2017 | n/a | 220.9 MB
+April, 2017 Security Monthly Quality Rollup for Windows 8.1 ([KB4015550]) | Windows 8.1 | Security Updates | 4/10/2017 | n/a | 122.4 MB
 
-## About
+## Preface
 
-After reading [this article](https://www.ghacks.net/2017/03/22/kb4012218-kb4012219-windows-update-processor-generation-detection/) on gHacks, I was inspired to look into these new rollup updates that Microsoft released on March 16. Among other things included in these updates, the changelog mentions the following:
+After reading [this article on gHacks](https://www.ghacks.net/2017/03/22/kb4012218-kb4012219-windows-update-processor-generation-detection/), I was inspired to look into these new rollup updates that Microsoft released on March 16. Among other things included in these updates, the changelog mentions the following:
 
 > Enabled detection of processor generation and hardware support when PC tries to scan or download updates through Windows Update.
 
-Which is just Microsoft's nice way of telling everyone who'd rather keep using Windows 7 or 8.1 to fuck themselves. _There have even been people with AMD and Intel systems from 2015 who have reportedly been locked out of Windows Update because of this!_
+Which is essentially a giant middle finger to anyone who dare not "upgrade" to the steaming pile of garbage known as Windows 10.
+
+There have even been people with Intel and AMD systems from 2015 who have allegedly been locked out of Windows Update because of these updates!
 
 ## Bad Microsoft!
 
-Well then, time figure out how to fix this garbage.
-
 I started by downloading the `.msu` package for my system (in my case, it was `windows6.1-kb4012218-x64_590943c04550a47c1ed02d3a040d325456f03663.msu`)
 
-I extracted it using the command line `expand` tool, like this:
+I extracted it using the command line `expand` tool:
 
 ```bat
 md "windows6.1-kb4012218-x64"
@@ -33,33 +43,17 @@ md "Windows6.1-KB4012218-x64"
 expand -f:* ".\Windows6.1-KB4012218-x64.cab" ".\Windows6.1-KB4012218-x64"
 ```
 
-Great, now there's thousands of `.exe` and `.dll` files to sort through! Just kidding. Sort of. Maybe. :thinking:
+Great, now there's thousands of files to sort through! Just kidding. Sort of. Maybe. :thinking:
 
-I ended up using PowerShell to sort through all the binaries, like so:
+I ended up using PowerShell to sort through and filter out all the binaries that weren't related to Windows Update, like so:
 
 ```powershell
 Get-ChildItem -Filter "wu*" -Exclude "*.mui" -Recurse | ForEach-Object { $_.FullName }
 ```
 
-That's narrowed it down quite a bit! This is now what we're looking at:
+That narrowed it down to 14 files, excellent!
 
-- `wu.upgrade.ps.dll`
-- `wuapi.dll`
-- `wudriver.dll`
-- `wups.dll`
-- `wuapp.exe`
-- `wuwebv.dll`
-- `wuauclt.exe`
-- `wuaueng.dll`
-- `wups2.dll`
-- `wucltux.dll`
-- `wuapi.dll`
-- `wudriver.dll`
-- `wups.dll`
-- `wuapp.exe`
-- `wuwebv.dll`
-
-Next, I started comparing these binaries with the ones already on my system with [BinDiff] and [Diaphora], starting with `wuauclt.exe`. After turning up empty with that (the two binaries were nearly identical), I decided to take a look at `wuaueng.dll`, which turned up quite a few relevant new functions:
+Next, I started comparing these binaries with the ones already on my system with [BinDiff] and [Diaphora]. I eventually got to `wuaueng.dll`, which turned up quite a few interesting new functions:
 
 EA | Name | Basicblock | Instructions | Edges 
 -- | ---- | ---------- | ------------ | -----
@@ -100,21 +94,24 @@ EA | Name | Basicblock | Instructions | Edges
 `00000600000832CC` | ``TraceLoggingEnableForTelemetry(_TlgProvider_t const *)`` | 16 | 86 | 23
 `0000060000083210` | ``TraceLoggingSetInformation(_TlgProvider_t const *,_EVENT_INFO_CLASS,void *,ulong)`` | 6 | 50 | 8
 
-We have found culprits,  [`IsDeviceServiceable(void)`](https://gist.github.com/zeffy/e5ec266952932bc905eb0cbc6ed72185) and [`IsCPUSupported(void)`](https://gist.github.com/zeffy/1a8f8984d2bec97ae24af63a76278694)!
+We have found culprits, [`IsDeviceServiceable(void)`](https://gist.github.com/zeffy/e5ec266952932bc905eb0cbc6ed72185) and [`IsCPUSupported(void)`](https://gist.github.com/zeffy/1a8f8984d2bec97ae24af63a76278694)!
 
 ## Solutions
 
-`IsCPUSupported(void)` is only ever called by `IsDeviceServiceable(void)`, which is called by five other functions. Luckily, there are a couple easy ways to kill this CPU check.
+`IsCPUSupported(void)` is only ever called by `IsDeviceServiceable(void)`, which is called by a few other functions. Luckily, there are a couple easy ways to kill this CPU check.
 
-1. Patch `wuaueng.dll` and change `dword_600002EE948` (see [this line](https://gist.github.com/zeffy/e5ec266952932bc905eb0cbc6ed72185#file-isdeviceserviceable-c-L7)) which is at file offset `0x26C948`, from `0x01` to `0x00`, which makes `IsDeviceServiceable(void)` jump over its entire body and return 1 (supported CPU) immediately. This is my preferred method. **These offsets are only for the Windows 7 x64 version, I will upload `.xdelta` files for all of the other versions eventually. I haven't tested this yet, because I don't want to install this garbage update onto my PC, so it'll take me a while to test everything in a VM.**
+1. Patch `wuaueng.dll` and change `dword_600002EE948` (see [this line](https://gist.github.com/zeffy/e5ec266952932bc905eb0cbc6ed72185#file-isdeviceserviceable-c-L7)) which is at file offset `0x26C948`, from `0x01` to `0x00`. This makes `IsDeviceServiceable(void)` jump over its entire body and return 1 (supported CPU) immediately. This is my preferred method. **Note: these offsets are only for the Windows 7 x64 version.**
 
-2. Patch `wuaueng.dll` and `nop` out all the instructions highlighted [here](https://gist.github.com/zeffy/e5ec266952932bc905eb0cbc6ed72185#file-isdeviceserviceable-asm-L24-L26) in `IsDeviceServiceable(void)`, this will enable the usage of the `ForceUnsupportedCPU` of type `REG_DWORD` under the registry key `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Test\Scan` (you will most likely have to create this registry key). Set this value to `0x00000001` to force unsupported CPUs, and back to `0x00000000` to change the behaviour back to default. You will probably need to restart your PC or restart the `wuauserv` service in order for changes to apply. **This behaviour is undocumented and could be removed in future updates.**
+2. Patch `wuaueng.dll` and `nop` out all the instructions highlighted [here](https://gist.github.com/zeffy/e5ec266952932bc905eb0cbc6ed72185#file-isdeviceserviceable-asm-L24-L26) in `IsDeviceServiceable(void)`, this will enable the usage of the `ForceUnsupportedCPU` of type `REG_DWORD` under the registry key `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Test\Scan` (you will most likely have to create this registry key). Set this value to `0x00000001` to force unsupported CPUs, and back to `0x00000000` to change the behaviour back to default. You will probably need to restart your PC or restart the `wuauserv` service in order for changes to apply. **This behaviour is an internal test feature used by Microsoft and could be removed in future updates, so I will not be providing xdelta files for it.**
 
 ## Caveats
 
-The only downside of these solutions is you have to apply a new patch whenever `wuaueng.dll` gets updated.
+- You have to apply a new patch whenever `wuaueng.dll` gets updated.
+- SFC scan errors will most likely occur as it will believe the integrity of the system has been compromised.
 
 [KB4012218]: https://www.catalog.update.microsoft.com/search.aspx?q=kb4012218
 [KB4012219]: https://www.catalog.update.microsoft.com/search.aspx?q=kb4012219
+[KB4015549]: https://www.catalog.update.microsoft.com/search.aspx?q=KB4015549
+[KB4015550]: https://www.catalog.update.microsoft.com/search.aspx?q=KB4015550
 [BinDiff]: https://www.zynamics.com/software.html
 [Diaphora]: http://diaphora.re

patch_scripts/aio/aio-wuaueng.dll-patch.bat

@@ -0,0 +1,157 @@
+@echo off
+
+net session >nul 2>&1 || (
+    echo This batch script requires administrator privileges. Right-click on
+    echo %~nx0 and select "Run as administrator".
+    goto :die
+)
+
+if not exist "%~dp0patches\" (
+    echo Patches folder not found! Make sure you extracted all the files from
+    echo the .zip, and the `patches` folder is in the same location as 
+    echo %~nx0, and then try again.
+    goto :die
+)
+
+echo Checking system requirements...
+
+:check_bitness
+wmic /output:stdout os get osarchitecture | find "64-bit" >nul && (
+    set "WINDOWS_BITNESS=x64"
+    set "XDELTA3_EXE=%~dp0xdelta3-3.0.11-x86_64.exe"
+    goto :check_version
+)
+wmic /output:stdout os get osarchitecture | find "32-bit" >nul && (
+    set "WINDOWS_BITNESS=x86"
+    set "XDELTA3_EXE=%~dp0xdelta3-3.0.11-i686.exe"
+    goto :check_version
+)
+goto :unsupported
+
+:check_version
+echo.
+wmic /output:stdout os get version | findstr "^6\.1\." >nul && (
+    set "WINDOWS_VER=6.1"
+    set "SUPPORTED_HOTFIXES=KB4015549 KB4015546 KB4012218"
+    echo Detected supported operating system: Windows 7 %WINDOWS_BITNESS%
+    goto :check_hotfix
+)
+wmic /output:stdout os get version | findstr "^6\.3\." >nul && (
+    set "WINDOWS_VER=8.1"
+    set "SUPPORTED_HOTFIXES=KB4015550 KB4015547 KB4012219"
+    echo Detected supported operating system: Windows 8.1 %WINDOWS_BITNESS%
+    goto :check_hotfix
+)
+
+:unsupported
+echo Detected that you are using an unsupported version of Windows.
+echo This patch only works on the following versions:
+echo - Windows 7 (x64 and x86)
+echo - Windows 8.1 (x64 and x86)
+echo - Windows Server 2008 R2
+echo - Windows Server 2012 R2
+goto :die
+
+:check_hotfix
+echo.
+for %%a in (%SUPPORTED_HOTFIXES%) do (
+    wmic /output:stdout qfe get hotfixid | find "%%a" >nul && (
+        set "INSTALLED_HOTFIX=%%a"
+        echo Detected supported update installed: %%a
+        goto :confirmation
+    )
+)
+
+echo Detected that no supported updates are installed! If you
+echo are getting unsupported hardware errors in Windows Update, please
+echo create an issue and post a list of any recently installed
+echo Windows Updates that could have caused it, and I will try
+echo to make a new patch for the update as soon as I can!
+echo https://github.com/zeffy/kb4012218-19/issues
+goto :die
+
+:confirmation
+echo.
+echo This patch is for Windows 7 and 8.1 (x64 and x86), as well as
+echo Windows Server 2008 R2 and Server 2012 R2, if you have another version
+echo of Windows, please close this window immediately.
+echo.
+echo I take no responsibility if you somehow ruin your PC with this script.
+echo.
+set /p CONTINUE=Enter 'Y' if you understand, and still want to continue: 
+if /i "%CONTINUE%" NEQ "Y" goto :cancel
+
+:ask
+echo.
+echo Would you like to install the patch or uninstall it?
+echo.
+echo 1. Install
+echo 2. Uninstall
+echo.
+set /p CHOICE=Enter your choice: 
+if /i "%CHOICE%" EQU "1" (
+    set "PATCH_TYPE=patch"
+    goto :begin
+)
+if /i "%CHOICE%" EQU "2" (
+    set "PATCH_TYPE=unpatch"
+    goto :begin
+)
+echo Invalid choice, please try again...
+goto :ask
+
+:begin
+echo.
+set "DELTA_FILE=%~dp0patches\Windows%WINDOWS_VER%-%INSTALLED_HOTFIX%-%WINDOWS_BITNESS%-%PATCH_TYPE%.xdelta"
+set "SYSTEM32_DIR=%windir%\System32"
+set "WUAUENG_DLL=%SYSTEM32_DIR%\wuaueng.dll"
+
+for /f "delims=" %%a in ('wmic os get localdatetime ^| find "."') do set dt=%%a
+set "TIMESTAMP=%dt:~0,4%-%dt:~4,2%-%dt:~6,2%_%dt:~8,2%-%dt:~10,2%-%dt:~12,2%"
+set "BACKUP_FILE=%WUAUENG_DLL%_%TIMESTAMP%_%random%.bak"
+set "ACL_TEMP_FILE=%temp%\wuaueng.dll_acl_%TIMESTAMP%_%random%.txt"
+
+net stop wuauserv
+
+takeown /F "%WUAUENG_DLL%" /A
+echo Backing up wuaueng.dll file permissions to `%ACL_TEMP_FILE%`...
+icacls "%WUAUENG_DLL%" /save "%ACL_TEMP_FILE%"
+icacls "%WUAUENG_DLL%" /grant Administrators:F
+move "%WUAUENG_DLL%" "%BACKUP_FILE%"
+
+"%XDELTA3_EXE%" -d -s "%BACKUP_FILE%" "%DELTA_FILE%" "%WUAUENG_DLL%"
+if errorlevel 1 (
+    set "THERE_WAS_AN_ERROR=%errorlevel%"
+    move /Y "%BACKUP_FILE%" "%WUAUENG_DLL%"
+)
+
+icacls "%WUAUENG_DLL%" /setowner "NT Service\TrustedInstaller"
+icacls "%SYSTEM32_DIR%" /restore "%ACL_TEMP_FILE%"
+
+net start wuauserv
+
+if defined THERE_WAS_AN_ERROR (
+    echo There was an error while %PATCH_TYPE%ing. Nothing has been modified. 
+    echo If you didn't screw with the script or anything like that and this
+    echo error was unexpected, please create an issue on my GitHub here: 
+    echo https://github.com/zeffy/kb4012218-19/issues
+) else (
+    echo Successfully %PATCH_TYPE%ed!
+    echo If you want to revert the changes that have been made for whatever
+    echo reason, you can run this script again. Or, you can also manually
+    echo restore the backup file located at `%BACKUP_FILE%`, by renaming it
+    echo back to `wuaueng.dll` and restoring the owner and permissions on the
+    echo file.
+)
+
+:die
+echo.
+echo Press any key to close . . .
+pause >nul
+exit
+
+:cancel
+echo.
+echo Canceled by user input, press any key to close . . .
+pause >nul
+exit