How to use a visual basic script to install the 824146 (MS03-039) or 823980 (MS03-026) security patch on remote host computers

Article translations Article translations
Article ID: 827227 - View products that this article applies to.
Expand all | Collapse all

On This Page

SUMMARY

This article includes a sample Microsoft Visual Basic Scripting Edition script that is named Patchinstall.vbs. This script is an example of how a network administrator can use Windows Management Instrumentation (WMI) scripting to install the 824146 (MS03-039) or the 823980 (MS03-026) security patch on remote host computers that do not have the patch installed in a Microsoft Windows NT, Windows 2000, or Windows Server 2003 domain environment. The Patchinstall.vbs script takes a file (Ipfile.txt) that contains IP addresses as input and installs the 824146 (MS03-039) or the 823980 (MS03-026) security patch from a known location on the remote host computer (C:\Patchinst.exe). For additional information about the 824146 (MS03-039) security patch, click the following article number to view the article in the Microsoft Knowledge Base:
824146 MS03-039: Buffer overrun in RPCSS may allow code execution
For additional information about the 823980 security patch, click the following article number to view the article in the Microsoft Knowledge Base:
823980 MS03-026: Buffer overrun in RPC may allow code execution
For additional information about a tool that network administrators can use to scan their network for computers that do not have these security patches installed, click the following article number to view the article in the Microsoft Knowledge Base:
827363 How to use the KB 824146 scanning tool to identify host computers that do not have the 823980 (MS03-026) or 824146 (MS03-039) security patches installed

Notes

  • You must have administrative permissions on the remote destination computers to successfully install the 824146 or the 823980 security patch.
  • Microsoft Windows XP-based destination computers must be joined to a Windows NT, Windows 2000, or Windows Server 2003 domain to successfully use the Patchinstall.vbs script.
  • The Patchinstall.vbs script uses Windows Management Instrumentation (WMI). WMI depends on the Distributed Component Object Model (DCOM). Therefore, the Patchinstall.vbs does not work on destination computers where DCOM has been disabled to work around the vulnerability that is addressed by Microsoft Security Bulletins MS03-039 or MS03-026.
  • The 824146 or the 823980 security patch packages must be located in a local folder on the computer where you run the Patchinstall.vbs script, and the packages must be renamed to Patch_XP.exe (for Windows XP), Patch_W2K.exe (for Windows 2000), and Patch_W2K3.exe (for Windows Server 2003).
  • You can modify the Patchinstall.vbs script to install other patches.

MORE INFORMATION

The Patchinstall.vbs script performs these tasks:
  • The script reads a list of IP addresses for the remote host computers where you want to install the 824146 or the 823980 security patch. The script obtains this list from an ASCII text file (Ipfile.txt) that contains a list of IP address (one IP address per line). For example, you can use the Vulnerable.txt log file from the KB824146 scanning tool for the Ipfile.txt file.
  • The script obtains the first IP address from the list.
  • The script determines the Windows version on the destination computer.
  • The script maps drive Z on the script computer to C$ on the destination computer.
  • The script copies the correct version of the patch (for Windows XP, Windows 2000, or Windows Server 2003) to C:\Patchinst.exe on the destination computer (by using the drive Z mapping).
  • The script causes the patch to be installed, and then automatically restarts the destination computers without any user input or dialog boxes by using the -q -f switches (Unattended installation mode).
  • The script waits for the installation to complete.
  • The script tries to delete the C:\Patchinst.exe file on the destination computer.
  • The script removes the drive Z mapping.
  • The script processes the next IP address in the list.
Important Microsoft recommends that you modify this sample script for your network environment, and that you then test your script in a test environment before you use it in a production environment.

To use the Patchinstall.vbs script, paste the following script in a text file that is named Patchinstall.vbs. Then, run the Patchinstall.vbs script by using the following command line:
cscript patchinstall.vbs Ipfile.txt LocalPathToPatches
In this command, Ipfile.txt is a text file that contains a list of IP addresses for the remote host computers where you want to install the 824146 or the 823980 security patch. LocalPathToPatches is the full path of a folder that contains the 824146 or the 823980 security patch packages (renamed to Patch_XP.exe for Windows XP, Patch_W2k.exe for Windows 2000, and Patch_W2k3.exe for Windows Server 2003).

The Patchinstall.vbs Script

Microsoft provides programming examples for illustration only, without warranty either expressed or implied. This includes, but is not limited to, the implied warranties of merchantability or fitness for a particular purpose. This article assumes that you are familiar with the programming language that is being demonstrated and with the tools that are used to create and to debug procedures. Microsoft support engineers can help explain the functionality of a particular procedure, but they will not modify these examples to provide added functionality or construct procedures to meet your specific requirements.
' Patchinstall.vbs
' Patch installation script for MS03-026 and MS03-039
' (c) Microsoft 2003
' v1.03 cl

on error resume next

const XP_Patch = "Patch_XP.exe"
const W2k_Patch = "Patch_W2k.exe"
const W2k3_Patch = "Patch_W2k3.exe"

If right(ucase(wscript.FullName),11)="WSCRIPT.EXE" then
     wscript.echo "ERROR: You must run this script using cscript, for example 'cscript " & wscript.scriptname & "'."
     wscript.quit 0
end if

' USAGE
if wscript.arguments.count <> 2 then
     wscript.echo "Usage: cscript " & wscript.scriptname & " <IpFile.txt> <LocalPathToPatches>" & vbCrLf & vbCrLf & _
     "  <LocalPathToPatches> must be a full path of a folder that contains all of these files:" & vbCrLf & _
     "      " & XP_Patch & vbCrLf & _ 
     "      " & W2k_Patch & vbCrLf & _ 
     "      " & W2k3_Patch
     wscript.quit
end if

ipFile = wscript.arguments(0)
localPathToPatches = wscript.arguments(1)

set onet = createobject("wscript.network")
set ofs = createobject("scripting.filesystemobject")

' Verify that ipfile is accessible.
set oipFile = ofs.opentextfile(ipFile, 1, false)
if (Err.Number <> 0) then
     wscript.echo "Cannot open " & ipFile
     wscript.quit
end if

' Make sure to end with a \ character.
if right(localPathToPatches, 1) <> "\" then
     localPathToPatches = localPathToPatches & "\"
end if

'Note that cim_datafile does not support UNC paths
'so everything must be handled through mapped drives.
if left(localPathToPatches, 2) = "\\" then
     wscript.echo "<pathToExecutable> cannot be a UNC path, please map a drive locally"
     wscript.quit
end if

exeWinXP = ofs.getfile(localPathToPatches + XP_Patch).name
exeW2k = ofs.getfile(localPathToPatches + W2k_Patch).name
exeW2k3 = ofs.getfile(localPathToPatches + W2k3_Patch).name

' Verify that the patches are accessible.
if ((len(exeWinXP) = 0) OR (len(exeW2k) = 0) OR (len(exeW2k3) = 0)) then
     wscript.echo "Cannot find patch files."
     wscript.echo "Please verify that the <LocalPathToPatches> folder contains all of these files:" & vbCrLf & _
     "      " & XP_Patch & vbCrLf & _ 
     "      " & W2k_Patch & vbCrLf & _ 
     "      " & W2k3_Patch
     wscript.quit
end if


set osvcLocal = getobject("winmgmts:root\cimv2")

'The error-handling code is below the function that may throw one - execute it.
on error resume next

while not oipFile.atEndOfStream
     ip = oipFile.ReadLine()
     wscript.echo vbCrLf & "Connecting to " & ip & "..."

     Err.Clear
     set osvcRemote = GetObject("winmgmts:\\" & ip & "\root\cimv2")

     if (Err.Number <> 0) then
          wscript.echo "Failed to connect to " & ip & "."
     else

          exeCorrectPatch = detectOSPatch(osvcRemote)
          if (exeCorrectPatch <> "") then
               ' Lay the bits on the remote computer.
               wscript.echo "Installing patch " & exeCorrectPatch & "..."

               onet.mapnetworkdrive "z:", "\\" & ip & "\C$"
               set osourceFile = osvcLocal.get("cim_datafile=""" & replace(localPathToPatches, "\", "\\") & exeCorrectPatch & """")
               ret = osourceFile.Copy("z:\\Patchinst.exe")

               if (ret <> 0 and ret <> 10) then
                    ' Failure detected and failure was not "file already exists."
                    wscript.echo "Failed copy to " & ip & " - error: " & ret
               else
                    set oprocess = osvcRemote.Get("win32_process")
     
                    ' Start the installation without user interaction, and force a restart after completion.
                    ret = oprocess.create("c:\\Patchinst.exe -q -f")
                    if (ret <> 0) then
                         wscript.echo "Failed to start process on " & ip & ": " & ret
                    else
                         ' Get a reference to the file that was copied.
                         set odestFile = osvcLocal.get("cim_datafile=""z:\\Patchinst.exe""")

                         ' Wait for the installation to complete.
                         for waitTime = 0 to 120     ' Lay and wait--up to two minutes for the installation to complete.
                              wscript.Sleep 1000     ' Sleep one second.
                              ' Delete temporary file as soon as possible after it is freed.
                              if (odestFile.Delete() = 0) then
                                   exit for
                              end if
                         next ' Otherwise, loop again and keep waiting...

                         wscript.echo "Installation successful."

                    end if     'Create process succeeded.
               end if     'Copy succeeded.

               onet.removenetworkdrive "z:", true
          end if      ' The script knows which patch to install.
     end if ' Do the next IP address, then the next IP address... 
wend

oipFile.close()

'Clean up, remove drive mapping (check this time, because it may not have been mapped).
if ofs.folderexists("z:\") then
     onet.removenetworkdrive "z:", true
end if

wscript.echo vbCrLf & "Patching complete. Exiting."

function detectOSPatch(osvcRemote)

     set oOSInfo = osvcRemote.InstancesOf("Win32_OperatingSystem")
     'Only one instance is ever returned (the currently active OS), even though the following is a foreach.
     for each objOperatingSystem in oOSInfo

          if (objOperatingSystem.OSType <> 18) then
               ' Make sure that this computer is Windows NT-based.
               wscript.echo ip & " is not a Windows XP, Windows 2000, or Windows 2003 Server computer."
          else
               if (objOperatingSystem.Version = "5.0.2195") then
                    ' Windows 2000 SP2, SP3, SP4.
                    if (objOperatingSystem.ServicePackMajorVersion = 2) or (objOperatingSystem.ServicePackMajorVersion = 3) or _
			(objOperatingSystem.ServicePackMajorVersion = 4) then
                         systemType = exeW2k
                    end if

               elseif (objOperatingSystem.Version = "5.1.2600") then
                    ' Windows XP RTM, SP1.
                    if (objOperatingSystem.ServicePackMajorVersion = 0) or (objOperatingSystem.ServicePackMajorVersion = 1) then
                         systemType = exeWinXP
                    end if

               elseif (objOperatingSystem.Version = "5.2.3790") then
                    ' Windows Server 2003 RTM
                    if (objOperatingSystem.ServicePackMajorVersion = 0) then
                         systemType = exeW2k3
                    end if
               end if

               if (systemType = "") then 
                    'This was a Windows NT-based computer, but not with a valid service pack.
                    wscript.echo "Could not patch " & ip & " - unhandled OS version: " & objOperatingSystem.Caption & " SP" & _
				objOperatingSystem.ServicePackMajorVersion & "("& objOperatingSystem.Version & ")"
               end if
          end if

     next

     detectOSPatch = systemType

end function

Properties

Article ID: 827227 - Last Review: September 5, 2007 - Revision: 5.6
APPLIES TO
  • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Tablet PC Edition
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
  • Microsoft Windows 2000 Server
Keywords: 
kbinfo KB827227

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com