How to use a visual basic script to install the 824146 (MS03-039) or 823980 (MS03-026) security patch on remote host computers
This article includes a sample Microsoft Visual Basic Scripting Edition script that is named Patchinstall.vbs. This script is an example of how a network administrator can use Windows Management Instrumentation (WMI) scripting to install the 824146 (MS03-039) or the 823980 (MS03-026) security patch on remote host computers that do not have the patch installed in a Microsoft Windows NT, Windows 2000, or Windows Server 2003 domain environment. The Patchinstall.vbs script takes a file (Ipfile.txt) that contains IP addresses as input and installs the 824146 (MS03-039) or the 823980 (MS03-026) security patch from a known location on the remote host computer (C:\Patchinst.exe). For additional information about the 824146 (MS03-039) security patch, click the following article number to view the article in the Microsoft Knowledge Base:
824146 MS03-039: Buffer overrun in RPCSS may allow code executionFor additional information about the 823980 security patch, click the following article number to view the article in the Microsoft Knowledge Base:
823980 MS03-026: Buffer overrun in RPC may allow code executionFor additional information about a tool that network administrators can use to scan their network for computers that do not have these security patches installed, click the following article number to view the article in the Microsoft Knowledge Base:
827363 How to use the KB 824146 scanning tool to identify host computers that do not have the 823980 (MS03-026) or 824146 (MS03-039) security patches installed
- You must have administrative permissions on the remote destination computers to successfully install the 824146 or the 823980 security patch.
- Microsoft Windows XP-based destination computers must be joined to a Windows NT, Windows 2000, or Windows Server 2003 domain to successfully use the Patchinstall.vbs script.
- The Patchinstall.vbs script uses Windows Management Instrumentation (WMI). WMI depends on the Distributed Component Object Model (DCOM). Therefore, the Patchinstall.vbs does not work on destination computers where DCOM has been disabled to work around the vulnerability that is addressed by Microsoft Security Bulletins MS03-039 or MS03-026.
- The 824146 or the 823980 security patch packages must be located in a local folder on the computer where you run the Patchinstall.vbs script, and the packages must be renamed to Patch_XP.exe (for Windows XP), Patch_W2K.exe (for Windows 2000), and Patch_W2K3.exe (for Windows Server 2003).
- You can modify the Patchinstall.vbs script to install other patches.
The Patchinstall.vbs script performs these tasks:
- The script reads a list of IP addresses for the remote host computers where you want to install the 824146 or the 823980 security patch. The script obtains this list from an ASCII text file (Ipfile.txt) that contains a list of IP address (one IP address per line). For example, you can use the Vulnerable.txt log file from the KB824146 scanning tool for the Ipfile.txt file.
- The script obtains the first IP address from the list.
- The script determines the Windows version on the destination computer.
- The script maps drive Z on the script computer to C$ on the destination computer.
- The script copies the correct version of the patch (for Windows XP, Windows 2000, or Windows Server 2003) to C:\Patchinst.exe on the destination computer (by using the drive Z mapping).
- The script causes the patch to be installed, and then automatically restarts the destination computers without any user input or dialog boxes by using the -q -f switches (Unattended installation mode).
- The script waits for the installation to complete.
- The script tries to delete the C:\Patchinst.exe file on the destination computer.
- The script removes the drive Z mapping.
- The script processes the next IP address in the list.
To use the Patchinstall.vbs script, paste the following script in a text file that is named Patchinstall.vbs. Then, run the Patchinstall.vbs script by using the following command line:
cscript patchinstall.vbs Ipfile.txt LocalPathToPatchesIn this command, Ipfile.txt is a text file that contains a list of IP addresses for the remote host computers where you want to install the 824146 or the 823980 security patch. LocalPathToPatches is the full path of a folder that contains the 824146 or the 823980 security patch packages (renamed to Patch_XP.exe for Windows XP, Patch_W2k.exe for Windows 2000, and Patch_W2k3.exe for Windows Server 2003).
The Patchinstall.vbs ScriptMicrosoft provides programming examples for illustration only, without warranty either expressed or implied. This includes, but is not limited to, the implied warranties of merchantability or fitness for a particular purpose. This article assumes that you are familiar with the programming language that is being demonstrated and with the tools that are used to create and to debug procedures. Microsoft support engineers can help explain the functionality of a particular procedure, but they will not modify these examples to provide added functionality or construct procedures to meet your specific requirements.
' Patchinstall.vbs' Patch installation script for MS03-026 and MS03-039' (c) Microsoft 2003' v1.03 clon error resume nextconst XP_Patch = "Patch_XP.exe"const W2k_Patch = "Patch_W2k.exe"const W2k3_Patch = "Patch_W2k3.exe"If right(ucase(wscript.FullName),11)="WSCRIPT.EXE" then wscript.echo "ERROR: You must run this script using cscript, for example 'cscript " & wscript.scriptname & "'." wscript.quit 0end if' USAGEif wscript.arguments.count <> 2 then wscript.echo "Usage: cscript " & wscript.scriptname & " <IpFile.txt> <LocalPathToPatches>" & vbCrLf & vbCrLf & _ " <LocalPathToPatches> must be a full path of a folder that contains all of these files:" & vbCrLf & _ " " & XP_Patch & vbCrLf & _ " " & W2k_Patch & vbCrLf & _ " " & W2k3_Patch wscript.quitend ifipFile = wscript.arguments(0)localPathToPatches = wscript.arguments(1)set onet = createobject("wscript.network")set ofs = createobject("scripting.filesystemobject")' Verify that ipfile is accessible.set oipFile = ofs.opentextfile(ipFile, 1, false)if (Err.Number <> 0) then wscript.echo "Cannot open " & ipFile wscript.quitend if' Make sure to end with a \ character.if right(localPathToPatches, 1) <> "\" then localPathToPatches = localPathToPatches & "\"end if'Note that cim_datafile does not support UNC paths'so everything must be handled through mapped drives.if left(localPathToPatches, 2) = "\\" then wscript.echo "<pathToExecutable> cannot be a UNC path, please map a drive locally" wscript.quitend ifexeWinXP = ofs.getfile(localPathToPatches + XP_Patch).nameexeW2k = ofs.getfile(localPathToPatches + W2k_Patch).nameexeW2k3 = ofs.getfile(localPathToPatches + W2k3_Patch).name' Verify that the patches are accessible.if ((len(exeWinXP) = 0) OR (len(exeW2k) = 0) OR (len(exeW2k3) = 0)) then wscript.echo "Cannot find patch files." wscript.echo "Please verify that the <LocalPathToPatches> folder contains all of these files:" & vbCrLf & _ " " & XP_Patch & vbCrLf & _ " " & W2k_Patch & vbCrLf & _ " " & W2k3_Patch wscript.quitend ifset osvcLocal = getobject("winmgmts:root\cimv2")'The error-handling code is below the function that may throw one - execute it.on error resume nextwhile not oipFile.atEndOfStream ip = oipFile.ReadLine() wscript.echo vbCrLf & "Connecting to " & ip & "..." Err.Clear set osvcRemote = GetObject("winmgmts:\\" & ip & "\root\cimv2") if (Err.Number <> 0) then wscript.echo "Failed to connect to " & ip & "." else exeCorrectPatch = detectOSPatch(osvcRemote) if (exeCorrectPatch <> "") then ' Lay the bits on the remote computer. wscript.echo "Installing patch " & exeCorrectPatch & "..." onet.mapnetworkdrive "z:", "\\" & ip & "\C$" set osourceFile = osvcLocal.get("cim_datafile=""" & replace(localPathToPatches, "\", "\\") & exeCorrectPatch & """") ret = osourceFile.Copy("z:\\Patchinst.exe") if (ret <> 0 and ret <> 10) then ' Failure detected and failure was not "file already exists." wscript.echo "Failed copy to " & ip & " - error: " & ret else set oprocess = osvcRemote.Get("win32_process") ' Start the installation without user interaction, and force a restart after completion. ret = oprocess.create("c:\\Patchinst.exe -q -f") if (ret <> 0) then wscript.echo "Failed to start process on " & ip & ": " & ret else ' Get a reference to the file that was copied. set odestFile = osvcLocal.get("cim_datafile=""z:\\Patchinst.exe""") ' Wait for the installation to complete. for waitTime = 0 to 120 ' Lay and wait--up to two minutes for the installation to complete. wscript.Sleep 1000 ' Sleep one second. ' Delete temporary file as soon as possible after it is freed. if (odestFile.Delete() = 0) then exit for end if next ' Otherwise, loop again and keep waiting... wscript.echo "Installation successful." end if 'Create process succeeded. end if 'Copy succeeded. onet.removenetworkdrive "z:", true end if ' The script knows which patch to install. end if ' Do the next IP address, then the next IP address... wendoipFile.close()'Clean up, remove drive mapping (check this time, because it may not have been mapped).if ofs.folderexists("z:\") then onet.removenetworkdrive "z:", trueend ifwscript.echo vbCrLf & "Patching complete. Exiting."function detectOSPatch(osvcRemote) set oOSInfo = osvcRemote.InstancesOf("Win32_OperatingSystem") 'Only one instance is ever returned (the currently active OS), even though the following is a foreach. for each objOperatingSystem in oOSInfo if (objOperatingSystem.OSType <> 18) then ' Make sure that this computer is Windows NT-based. wscript.echo ip & " is not a Windows XP, Windows 2000, or Windows 2003 Server computer." else if (objOperatingSystem.Version = "5.0.2195") then ' Windows 2000 SP2, SP3, SP4. if (objOperatingSystem.ServicePackMajorVersion = 2) or (objOperatingSystem.ServicePackMajorVersion = 3) or _ (objOperatingSystem.ServicePackMajorVersion = 4) then systemType = exeW2k end if elseif (objOperatingSystem.Version = "5.1.2600") then ' Windows XP RTM, SP1. if (objOperatingSystem.ServicePackMajorVersion = 0) or (objOperatingSystem.ServicePackMajorVersion = 1) then systemType = exeWinXP end if elseif (objOperatingSystem.Version = "5.2.3790") then ' Windows Server 2003 RTM if (objOperatingSystem.ServicePackMajorVersion = 0) then systemType = exeW2k3 end if end if if (systemType = "") then 'This was a Windows NT-based computer, but not with a valid service pack. wscript.echo "Could not patch " & ip & " - unhandled OS version: " & objOperatingSystem.Caption & " SP" & _ objOperatingSystem.ServicePackMajorVersion & "("& objOperatingSystem.Version & ")" end if end if next detectOSPatch = systemTypeend function
Article ID: 827227 - Last Review: 09/05/2007 19:07:52 - Revision: 5.6
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86), Microsoft Windows Server 2003, Enterprise Edition (32-bit x86), Microsoft Windows Server 2003, Standard Edition (32-bit x86), Microsoft Windows Server 2003, Web Edition, Microsoft Windows XP Professional, Microsoft Windows XP Tablet PC Edition, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Professional Edition, Microsoft Windows 2000 Server
- kbinfo KB827227