search

halsey51013 / UpdateWindowsRE-CVE-2022-41099

Script to update Windows Recovery Environment to patch against CVE-2022-41099
20 stars 3 forks source link

SSU? #1

Open jdsemma opened 1 year ago

jdsemma commented 1 year ago

Any chance you can update this script to handle needed SSUs? For example, if you updated OS via an enablement package, it doesn't update the underlying WinRE version...

Stan-Gobien commented 1 year ago

I think my error is also because of missing SSU on the WinRE image. Error: 0x800f0823 Package C:\Windows\Temp\WinREFix.msu may have failed due to pending updates to servicing components in the image. Try the command again.

tylermontneyacc commented 1 year ago

Yep, from my tests you just need to wait a few seconds and run it again. Take a look at my fork, it handles this (as well as some other things).

Stan-Gobien commented 1 year ago

I tried waiting a couple of minutes but it was the same. From other information I read, it seems you need to install the SSU first in the image.

I tried your version, and I still got the same error. It seems your script then tries again, it was busy for at least 5 minutes. And then it showed:

True [Dismount-WinRE] Dismounting failed: REAGENTC.EXE: Operation failed: 70

REAGENTC.EXE: An error has occurred.

False

Stan-Gobien commented 1 year ago

I then executed the forked/revised script again, it starts the same. First error: Error: 0x800f0823 Package ...\Temp\CVE202241099.msu may have failed due to pending updates to servicing components in the image. Try the command again. The DISM log file can be found at C:\WINDOWS\Logs\DISM\dism.log

But then after a couple of minutes now I get: True [00:02:08][Invoke-PSMitSec_CVE202241099] Windows RE updated successfully to build 2486

So hopefully, it worked now? I'm gonna do it a 3rd time just to check.

tylermontneyacc commented 1 year ago

I tried your version, and I still got the same error.

0x800f0823 will always happen once.

REAGENTC.EXE: Operation failed: 70

If -AutoResizeWinREPartition isn't used and your Recovery partition is 500 MB, you're going to get that error (not enough space).

I'm gonna do it a 3rd time just to check.

You probably won't get 0x800f0823 and the update will apply again as before. If the build number/date modified changed, it's updated. I'm still working on a way to confirm the KB has been applied. (I also got it on my list to improve console output.)