WMF notes

In here attempting to patch the 35 or so Windows machines that we've got at work. So far, it looks like I should be able to do this remotely using SSH and Cygwin. That depends, of course, on having very fucking silent ways of running everything. So far this has worked for me, on XP/SP2 and 2K/SP4:

1. regsvr32: None of the bits I've seen from SANS mentions it, but there is a silent option. Do it like so: regsvr32 /s /u %windir%\wystem32\shimgvw.dll However: I cannot get %windir% to work with Cygwin. According to this it should work as %WINDIR%, but it doesn't for me. Two things do seem to work: either change directory to /cygdrive/c (Cygwin-specific location of the C: drive) and use an absolute path (winnt\\system32\\shimgvw.dll), or run CMD to get a DOS/Windows shell and use %windir%.

2. The Unofficial Patch: Use the options: /VERYSILENT /SUPPRESSMSGBOXES However, it has problems if you try applying it on a machine that already has had the patch -- remotely, execution will just hang. If you run it locally w/o those options, you'll get a message saying it's already been applied; I guess that case is not handled well when run silently. Oh, and when the patch is applied silently, it'll reboot the machine immediately and without warning.

Thanks to Cygwin, I've got SSH running on most Windows machines here; I should be able to come up with some way of doing this all in one step. I'll post whatever I can figure out.

Update: Yep, a simple batch file does the trick:

regsvr32 /s /u %windir%\system32\shimgvw.dll c:\cygwin\home\Administrator\wmffix_hexblog13.exe /VERYSILENT /SUPPRESSMSGBOXES

chmod 755 both the batch file and the fix, and away we go. The machine passes the test made by the guy who wrote the unofficial patch, which is as close as I think I can come to being sure that it all works. Further Update: Four hours later, done...but I've finally got SSH set up on the few machines I had left, so that's what took up most of the time.