i18n, new patches, minor bug fixes

README.md

@@ -1,23 +1,10 @@
-### [If you are looking for the latest patch files, you can find them here!](https://github.com/zeffy/kb4012218-19/releases)
+### [Click here if you are looking for the latest patch files!](https://github.com/zeffy/kb4012218-19/releases)
 
 ---
 
-### Here's a list of the Windows updates that I will be talking about in this paper:
+### [Click here for a list of Windows updates supported by this patch](docs/Supported_Updates.md)
 
-Title | Products | Classification | Last Updated | Version | Size
------ | -------- | -------------- | ------------ | ------- | ----
-March, 2017 Preview of Monthly Quality Rollup for Windows 7 ([KB4012218]) | Windows 7 | Updates | 3/16/2017 | n/a | 93.4 MB
-March, 2017 Preview of Monthly Quality Rollup for Windows 7 for x64-based Systems ([KB4012218]) | Windows 7 | Updates | 3/16/2017 | n/a | 153.9 MB
-March, 2017 Preview of Monthly Quality Rollup for Windows Server 2008 R2 x64 Edition ([KB4012218]) | Windows Server 2008 R2 | Updates | 3/16/2017 | n/a | 153.9 MB
-March, 2017 Preview of Monthly Quality Rollup for Windows 8.1 ([KB4012219]) | Windows 8.1 | Updates | 3/16/2017 | n/a | 121.2 MB
-March, 2017 Preview of Monthly Quality Rollup for Windows 8.1 for x64-based Systems ([KB4012219]) | Windows 8.1 | Updates | 3/16/2017 | n/a | 218.0 MB
-March, 2017 Preview of Monthly Quality Rollup for Windows Server 2012 R2 ([KB4012219]) | Windows Server 2012 R2 | Updates | 3/16/2017 | n/a | 218.0 MB
-April, 2017 Security Monthly Quality Rollup for Windows 7 for x64-based Systems ([KB4015549]) | Windows 7 | Security Updates | 4/8/2017 | n/a | 159.9 MB
-April, 2017 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems ([KB4015549]) | Windows Server 2008 R2 | Security Updates | 4/8/2017 | n/a | 159.9 MB
-April, 2017 Security Monthly Quality Rollup for Windows 7 ([KB4015549]) | Windows 7 | Security Updates | 4/8/2017 | n/a | 97.6 MB
-April, 2017 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems ([KB4015550]) | Windows 8.1 | Security Updates | 4/10/2017 | n/a | 220.9 MB
-April, 2017 Security Monthly Quality Rollup for Windows Server 2012 R2 ([KB4015550]) | Windows Server 2012 R2 | Security Updates | 4/10/2017 | n/a | 220.9 MB
-April, 2017 Security Monthly Quality Rollup for Windows 8.1 ([KB4015550]) | Windows 8.1 | Security Updates | 4/10/2017 | n/a | 122.4 MB
+---
 
 ## Preface
 
@@ -100,7 +87,7 @@ We have found culprits, [`IsDeviceServiceable(void)`](https://gist.github.com/ze
 
 `IsCPUSupported(void)` is only ever called by `IsDeviceServiceable(void)`, which is called by a few other functions. Luckily, there are a couple easy ways to kill this CPU check.
 
-1. Patch `wuaueng.dll` and change `dword_600002EE948` (see [this line](https://gist.github.com/zeffy/e5ec266952932bc905eb0cbc6ed72185#file-isdeviceserviceable-c-L7)) which is at file offset `0x26C948`, from `0x01` to `0x00`. This makes `IsDeviceServiceable(void)` jump over its entire body and return 1 (supported CPU) immediately. This is my preferred method. **Note: these offsets are only for the Windows 7 x64 version.**
+1. Patch `wuaueng.dll` and change `dword_600002EE948` (see [this line](https://gist.github.com/zeffy/e5ec266952932bc905eb0cbc6ed72185#file-isdeviceserviceable-c-L7)) which is at file offset `0x26C948`, from `0x01` to `0x00`. This makes `IsDeviceServiceable(void)` jump over its entire body and return 1 (supported CPU) immediately. This is my preferred method. **Note: this offset is only for the KB4012218-x64, for a list of all the patch offsets [click here](docs/Patch_Offsets.md).**
 
 2. Patch `wuaueng.dll` and `nop` out all the instructions highlighted [here](https://gist.github.com/zeffy/e5ec266952932bc905eb0cbc6ed72185#file-isdeviceserviceable-asm-L24-L26) in `IsDeviceServiceable(void)`, this will enable the usage of the `ForceUnsupportedCPU` of type `REG_DWORD` under the registry key `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Test\Scan` (you will most likely have to create this registry key). Set this value to `0x00000001` to force unsupported CPUs, and back to `0x00000000` to change the behaviour back to default. You will probably need to restart your PC or restart the `wuauserv` service in order for changes to apply. **This behaviour is an internal test feature used by Microsoft and could be removed in future updates, so I will not be providing xdelta files for it.**
 
@@ -109,9 +96,5 @@ We have found culprits, [`IsDeviceServiceable(void)`](https://gist.github.com/ze
 - You have to apply a new patch whenever `wuaueng.dll` gets updated.
 - SFC scan errors will most likely occur as it will believe the integrity of the system has been compromised.
 
-[KB4012218]: https://www.catalog.update.microsoft.com/search.aspx?q=kb4012218
-[KB4012219]: https://www.catalog.update.microsoft.com/search.aspx?q=kb4012219
-[KB4015549]: https://www.catalog.update.microsoft.com/search.aspx?q=KB4015549
-[KB4015550]: https://www.catalog.update.microsoft.com/search.aspx?q=KB4015550
 [BinDiff]: https://www.zynamics.com/software.html
 [Diaphora]: http://diaphora.re

docs/Patch_Offsets.md

@@ -0,0 +1,14 @@
+Hotfix ID | Architecture | wuaueng.dll version | File offset | Original value | Patched value
+--------- | ------------ | ------------------- | ----------- | -------------- | -------------
+KB4012218 | x64 | 7.6.7601.23714 | `0x26C948` | `0x01` | `0x00`
+KB4012218 | x86 | 7.6.7601.23714 | `0x1E4638` | `0x01` | `0x00`
+KB4012219 | x64 | 7.9.9600.18621 | `0x34D3BC` | `0x01` | `0x00`
+KB4012219 | x86 | 7.9.9600.18621 | `0x2BFA50` | `0x01` | `0x00`
+KB4015546 and KB4015549 | x64 | 7.6.7601.23735 | `0x26C948` | `0x01` | `0x00`
+KB4015546 and KB4015549 | x86 | 7.6.7601.23735 | `0x1E4838` | `0x01` | `0x00`
+KB4015547 and KB4015550 | x64 | 7.9.9600.18628 | `0x34D5BC` | `0x01` | `0x00`
+KB4015547 and KB4015550 | x86 | 7.9.9600.18628 | `0x2BFA50` | `0x01` | `0x00`
+KB4015552 | x64 | 7.6.7601.23735 | `0x26C948` | `0x01` | `0x00`
+KB4015552 | x86 | 7.6.7601.23735 | `0x1E4838` | `0x01` | `0x00`
+KB4015553 | x64 | 7.9.9600.18628 | `0x34D5BC` | `0x01` | `0x00`
+KB4015553 | x86 | 7.9.9600.18628 | `0x2BFA50` | `0x01` | `0x00`

docs/Supported_Updates.md

@@ -0,0 +1,35 @@
+Title | Products | Classification | Last Updated | Version | Size
+----- | -------- | -------------- | ------------ | ------- | ----
+March, 2017 Preview of Monthly Quality Rollup for Windows 7 ([KB4012218]) | Windows 7 | Updates | 3/16/2017 | n/a | 93.4 MB
+March, 2017 Preview of Monthly Quality Rollup for Windows 7 for x64-based Systems ([KB4012218]) | Windows 7 | Updates | 3/16/2017 | n/a | 153.9 MB
+March, 2017 Preview of Monthly Quality Rollup for Windows Server 2008 R2 x64 Edition ([KB4012218]) | Windows Server 2008 R2 | Updates | 3/16/2017 | n/a | 153.9 MB
+March, 2017 Preview of Monthly Quality Rollup for Windows 8.1 ([KB4012219]) | Windows 8.1 | Updates | 3/16/2017 | n/a | 121.2 MB
+March, 2017 Preview of Monthly Quality Rollup for Windows 8.1 for x64-based Systems ([KB4012219]) | Windows 8.1 | Updates | 3/16/2017 | n/a | 218.0 MB
+March, 2017 Preview of Monthly Quality Rollup for Windows Server 2012 R2 ([KB4012219]) | Windows Server 2012 R2 | Updates | 3/16/2017 | n/a | 218.0 MB
+April, 2017 Security Only Quality Update for Windows 7 ([KB4015546]) | Windows 7 | Security Updates | 4/8/2017 | n/a | 23.2 MB
+April, 2017 Security Only Quality Update for Windows 7 for x64-based Systems ([KB4015546]) | Windows 7 | Security Updates | 4/8/2017 | n/a | 37.5 MB
+April, 2017 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems ([KB4015546]) | Windows Server 2008 R2 | Security Updates | 4/8/2017 | n/a | 37.5 MB
+April, 2017 Security Only Quality Update for Windows 8.1 for x64-based Systems ([KB4015547]) | Windows 8.1 | Security Updates | 4/8/2017 | n/a | 15.6 MB
+April, 2017 Security Only Quality Update for Windows 8.1 ([KB4015547]) | Windows 8.1 | Security Updates | 4/8/2017 | n/a | 10.1 MB
+April, 2017 Security Only Quality Update for Windows Server 2012 R2 ([KB4015547]) | Windows Server 2012 R2 | Security Updates | 4/8/2017 | n/a | 15.6 MB
+April, 2017 Security Monthly Quality Rollup for Windows 7 for x64-based Systems ([KB4015549]) | Windows 7 | Security Updates | 4/8/2017 | n/a | 159.9 MB
+April, 2017 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems ([KB4015549]) | Windows Server 2008 R2 | Security Updates | 4/8/2017 | n/a | 159.9 MB
+April, 2017 Security Monthly Quality Rollup for Windows 7 ([KB4015549]) | Windows 7 | Security Updates | 4/8/2017 | n/a | 97.6 MB
+April, 2017 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems ([KB4015550]) | Windows 8.1 | Security Updates | 4/10/2017 | n/a | 220.9 MB
+April, 2017 Security Monthly Quality Rollup for Windows Server 2012 R2 ([KB4015550]) | Windows Server 2012 R2 | Security Updates | 4/10/2017 | n/a | 220.9 MB
+April, 2017 Security Monthly Quality Rollup for Windows 8.1 ([KB4015550]) | Windows 8.1 | Security Updates | 4/10/2017 | n/a | 122.4 MB
+April, 2017 Preview of Monthly Quality Rollup for Windows Server 2008 R2 x64 Edition ([KB4015552]) | Windows Server 2008 R2 | Updates | 4/13/2017 | n/a | 160.9 MB
+April, 2017 Preview of Monthly Quality Rollup for Windows 7 for x64-based Systems ([KB4015552]) | Windows 7 | Updates | 4/13/2017 | n/a | 160.9 MB
+April, 2017 Preview of Monthly Quality Rollup for Windows 7 ([KB4015552]) | Windows 7 | Updates | 4/13/2017 | n/a | 98.1 MB
+April, 2017 Preview of Monthly Quality Rollup for Windows Server 2012 R2 ([KB4015553]) | Windows Server 2012 R2 | Updates | 4/13/2017 | n/a | 224.0 MB
+April, 2017 Preview of Monthly Quality Rollup for Windows 8.1 ([KB4015553]) | Windows 8.1 | Updates | 4/13/2017 | n/a | 124.6 MB
+April, 2017 Preview of Monthly Quality Rollup for Windows 8.1 for x64-based Systems ([KB4015553]) | Windows 8.1 | Updates | 4/13/2017 | n/a | 224.0 MB
+
+[KB4012218]: https://www.catalog.update.microsoft.com/search.aspx?q=kb4012218
+[KB4012219]: https://www.catalog.update.microsoft.com/search.aspx?q=kb4012219
+[KB4015546]: https://www.catalog.update.microsoft.com/search.aspx?q=KB4015546
+[KB4015547]: https://www.catalog.update.microsoft.com/search.aspx?q=KB4015547
+[KB4015549]: https://www.catalog.update.microsoft.com/search.aspx?q=KB4015549
+[KB4015550]: https://www.catalog.update.microsoft.com/search.aspx?q=KB4015550
+[KB4015552]: https://www.catalog.update.microsoft.com/search.aspx?q=KB4015552
+[KB4015553]: https://www.catalog.update.microsoft.com/search.aspx?q=KB4015553

patch_scripts/aio/aio-wuaueng.dll-patch.bat

@@ -8,44 +8,59 @@ net session >nul 2>&1 || (
 
 if not exist "%~dp0patches\" (
     echo Patches folder not found! Make sure you extracted all the files from
-    echo the .zip, and the `patches` folder is in the same location as 
-    echo %~nx0, and then try again.
+    echo the .zip, and the 'patches' folder is in the same location
+    echo as %~nx0, and try again.
     goto :die
 )
 
 echo Checking system requirements...
 
 :check_bitness
-wmic /output:stdout os get osarchitecture | find "64-bit" >nul && (
-    set "WINDOWS_BITNESS=x64"
-    set "XDELTA3_EXE=%~dp0xdelta3-3.0.11-x86_64.exe"
-    goto :check_version
-)
-wmic /output:stdout os get osarchitecture | find "32-bit" >nul && (
-    set "WINDOWS_BITNESS=x86"
-    set "XDELTA3_EXE=%~dp0xdelta3-3.0.11-i686.exe"
-    goto :check_version
+if /I "%PROCESSOR_ARCHITECTURE%"=="AMD64" (
+    goto :is_x64
+) else (
+    if /I "%PROCESSOR_ARCHITEW6432%"=="AMD64" (
+        goto :is_x64
+    )
+    if /I "%PROCESSOR_ARCHITECTURE%"=="x86" (
+        set "WINDOWS_BITNESS=x86"
+        set "XDELTA3_EXE=%~dp0xdelta3-3.0.11-i686.exe"
+        goto :find_xdelta
+    )
 )
 goto :unsupported
 
-:check_version
+:is_x64
+set "WINDOWS_BITNESS=x64"
+set "XDELTA3_EXE=%~dp0xdelta3-3.0.11-x86_64.exe"
+
+:find_xdelta
 echo.
+if not exist "%XDELTA3_EXE%" (
+    echo xdelta3 %WINDOWS_BITNESS% not found! Make sure you extracted all the files from
+    echo the .zip. Make sure both of the xdelta3 .exe files are in the same location
+    echo as %~nx0, and try again.
+    goto :die
+)
+
 wmic /output:stdout os get version | findstr "^6\.1\." >nul && (
     set "WINDOWS_VER=6.1"
-    set "SUPPORTED_HOTFIXES=KB4015549 KB4015546 KB4012218"
+    set "SUPPORTED_HOTFIXES=KB4015552 KB4015549 KB4015546 KB4012218"
     echo Detected supported operating system: Windows 7 %WINDOWS_BITNESS%
     goto :check_hotfix
 )
 wmic /output:stdout os get version | findstr "^6\.3\." >nul && (
     set "WINDOWS_VER=8.1"
-    set "SUPPORTED_HOTFIXES=KB4015550 KB4015547 KB4012219"
+    set "SUPPORTED_HOTFIXES=KB4015553 KB4015550 KB4015547 KB4012219"
     echo Detected supported operating system: Windows 8.1 %WINDOWS_BITNESS%
     goto :check_hotfix
 )
 
 :unsupported
 echo Detected that you are using an unsupported version of Windows.
+echo.
 echo This patch only works on the following versions:
+echo.
 echo - Windows 7 (x64 and x86)
 echo - Windows 8.1 (x64 and x86)
 echo - Windows Server 2008 R2
@@ -57,7 +72,7 @@ echo.
 for %%a in (%SUPPORTED_HOTFIXES%) do (
     wmic /output:stdout qfe get hotfixid | find "%%a" >nul && (
         set "INSTALLED_HOTFIX=%%a"
-        echo Detected supported update installed: %%a
+        echo Detected installed supported update: %%a
         goto :confirmation
     )
 )
@@ -65,21 +80,28 @@ for %%a in (%SUPPORTED_HOTFIXES%) do (
 echo Detected that no supported updates are installed! If you
 echo are getting unsupported hardware errors in Windows Update, please
 echo create an issue and post a list of any recently installed
-echo Windows Updates that could have caused it, and I will try
-echo to make a new patch for the update as soon as I can!
+echo Windows updates that could have introduced it, and I will try
+echo to help you out.
 echo https://github.com/zeffy/kb4012218-19/issues
 goto :die
 
 :confirmation
 echo.
-echo This patch is for Windows 7 and 8.1 (x64 and x86), as well as
-echo Windows Server 2008 R2 and Server 2012 R2, if you have another version
-echo of Windows, please close this window immediately.
+echo This patch only works on the following versions of Windows:
+echo.
+echo - Windows 7 (x64 and x86)
+echo - Windows 8.1 (x64 and x86)
+echo - Windows Server 2008 R2 (reported as Windows 7 x64)
+echo - Windows Server 2012 R2 (reported as Windows 8.1 x64)
+echo.
+echo If you have another version of Windows, please close this window immediately.
+echo.
+echo By continuing, you acknowledge that you want to modify wuaueng.dll.
 echo.
 echo I take no responsibility if you somehow ruin your PC with this script.
 echo.
 set /p CONTINUE=Enter 'Y' if you understand, and still want to continue: 
-if /i "%CONTINUE%" NEQ "Y" goto :cancel
+if /I not "%CONTINUE%"=="Y" goto :cancel
 
 :ask
 echo.
@@ -89,11 +111,11 @@ echo 1. Install
 echo 2. Uninstall
 echo.
 set /p CHOICE=Enter your choice: 
-if /i "%CHOICE%" EQU "1" (
+if "%CHOICE%"=="1" (
     set "PATCH_TYPE=patch"
     goto :begin
 )
-if /i "%CHOICE%" EQU "2" (
+if "%CHOICE%"=="2" (
     set "PATCH_TYPE=unpatch"
     goto :begin
 )
@@ -103,7 +125,7 @@ goto :ask
 :begin
 echo.
 set "DELTA_FILE=%~dp0patches\Windows%WINDOWS_VER%-%INSTALLED_HOTFIX%-%WINDOWS_BITNESS%-%PATCH_TYPE%.xdelta"
-set "SYSTEM32_DIR=%windir%\System32"
+set "SYSTEM32_DIR=%systemroot%\System32"
 set "WUAUENG_DLL=%SYSTEM32_DIR%\wuaueng.dll"
 
 for /f "delims=" %%a in ('wmic os get localdatetime ^| find "."') do set dt=%%a
@@ -114,9 +136,10 @@ set "ACL_TEMP_FILE=%temp%\wuaueng.dll_acl_%TIMESTAMP%_%random%.txt"
 net stop wuauserv
 
 takeown /F "%WUAUENG_DLL%" /A
-echo Backing up wuaueng.dll file permissions to `%ACL_TEMP_FILE%`...
 icacls "%WUAUENG_DLL%" /save "%ACL_TEMP_FILE%"
-icacls "%WUAUENG_DLL%" /grant Administrators:F
+
+rem Administrators group SID
+icacls "%WUAUENG_DLL%" /grant *S-1-5-32-544:F
 move "%WUAUENG_DLL%" "%BACKUP_FILE%"
 
 "%XDELTA3_EXE%" -d -s "%BACKUP_FILE%" "%DELTA_FILE%" "%WUAUENG_DLL%"
@@ -125,23 +148,28 @@ if errorlevel 1 (
     move /Y "%BACKUP_FILE%" "%WUAUENG_DLL%"
 )
 
-icacls "%WUAUENG_DLL%" /setowner "NT Service\TrustedInstaller"
+rem NT Service\TrustedInstaller SID
+icacls "%WUAUENG_DLL%" /setowner *S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464
 icacls "%SYSTEM32_DIR%" /restore "%ACL_TEMP_FILE%"
 
 net start wuauserv
 
+echo.
 if defined THERE_WAS_AN_ERROR (
     echo There was an error while %PATCH_TYPE%ing. Nothing has been modified. 
     echo If you didn't screw with the script or anything like that and this
-    echo error was unexpected, please create an issue on my GitHub here: 
+    echo error was unexpected, please create an issue and include the output
+    echo of this window in your post.
     echo https://github.com/zeffy/kb4012218-19/issues
 ) else (
     echo Successfully %PATCH_TYPE%ed!
     echo If you want to revert the changes that have been made for whatever
-    echo reason, you can run this script again. Or, you can also manually
-    echo restore the backup file located at `%BACKUP_FILE%`, by renaming it
-    echo back to `wuaueng.dll` and restoring the owner and permissions on the
-    echo file.
+    echo reason, you can run this script again and pick the other option.
+    echo.
+    echo You can also manually restore the backup file located at 
+    echo '%BACKUP_FILE%' by renaming it 
+    echo back to wuaueng.dll, changing the owner back to "NT Service\TrustedInstaller", 
+    echo and restoring the original permissions from '%ACL_TEMP_FILE%'.
 )
 
 :die