KB2984972 breaks concurrent RDP patch

Discussion in 'Windows 7' started by turducken, Oct 14, 2014.

  1. turducken

    turducken MDL Junior Member

    Nov 27, 2009
    56
    12
    0
    #1 turducken, Oct 14, 2014
    Last edited: Oct 15, 2014
  2. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,080
    60
    #2 Mr Jinje, Oct 14, 2014
    Last edited by a moderator: Apr 20, 2017
  3. murphy78

    murphy78 MDL DISM Enthusiast

    Nov 18, 2012
    6,787
    10,376
    210
  4. turducken

    turducken MDL Junior Member

    Nov 27, 2009
    56
    12
    0
    I re-installed the update and tried the registry hack. Neither value has any affect.
     
  5. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,080
    60
    Did you re-patch the termsrv with your patcher program after removing the kb ?
     
  6. turducken

    turducken MDL Junior Member

    Nov 27, 2009
    56
    12
    0
    No, I didn't need to. Removing the kb was all I needed to regain concurrent RDP functionality.
     
  7. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,080
    60
    gotcha, I should read closely. anyways, if you want, try that reg setting again, after installing the KB. be good to know if that allows you to keep the new KB, and the patch at the same time.
     
  8. murphy78

    murphy78 MDL DISM Enthusiast

    Nov 18, 2012
    6,787
    10,376
    210
    It's probably an intended thing to fix an exploit.
    The kb file might require additional permissions to wifi users, but it also fixes the exploits.
    If you have no worries about the exploits, I'd say just don't re-install it and ignore...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. turducken

    turducken MDL Junior Member

    Nov 27, 2009
    56
    12
    0
    I tried that.

    I'd like to know if I'm the only one experiencing this? If so, I'll dig further on my end.
     
  10. murphy78

    murphy78 MDL DISM Enthusiast

    Nov 18, 2012
    6,787
    10,376
    210
    It says it adds admin rights or something... try messing with elevating permissions on whatever programs people are using to launch things maybe?
    I feel like this is a problem that can be solved with permissions, not registry.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. turducken

    turducken MDL Junior Member

    Nov 27, 2009
    56
    12
    0
    Thank you! This seems likely. I run as a Standard User with some hardened ACL's and I'm not using the standard RDP port. I'll update tomorrow when I have more time to look into it.
     
  12. turducken

    turducken MDL Junior Member

    Nov 27, 2009
    56
    12
    0
    KB2984972 updates termsrv.dll. I believe we need a new patch/hex edit. The attached picture shows the version number prior to the update on the left and after the update on the right. Sorry for the earlier confusion.


    termsrv.jpg
     
  13. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,498
    15,288
    340
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,080
    60
    Can you attach both the actual termsrv.dll files so we can take a look.
     
  15. eradicator006

    eradicator006 MDL Novice

    Nov 17, 2008
    15
    0
    0
    The link Tito posted works for me with KB2984972 installed.
     
  16. lalo1

    lalo1 MDL Novice

    Oct 16, 2014
    9
    1
    0
    Mr. Jinje,

    Here is the new Win7/64 dll

    You'll need to remove spaces because I don't have enough post count yet...

    mediafire dot com / download / 5d41blvw8okdfa4/ termsrv.rar

    The wrapper is clever but it requires that I trust someone's code. I'd prefer to have a patched dll, where I can see that there are only 20 bytes changed. I know there's not enough space to hide something there :)

    It'd be good to have the choice of patched DLL or Wrapper for Win7 and Win8 then people can pick the one that seems best for them.

    Thanks
    Lalo
     
  17. unknownsoldierx

    unknownsoldierx MDL Novice

    Jan 14, 2008
    3
    0
    0
    Where does the new dll come from? Is there a version for Win7 x86?
     
  18. 1radman

    1radman MDL Novice

    Oct 16, 2014
    5
    1
    0
    Mr. Jinje:

    Here's a link for a zip containing the old patched and new unpatched Win7 64 and Win8.1 64 termsrv.dlls (1 zip, 2 folders, 2 files each)

    drive dot google dot com/file/d/0B7GDYqO3KOiGQWJKazllczJuTk0/view?usp=sharing

    Thanks in advance!
     
  19. x28x

    x28x MDL Novice

    Mar 20, 2013
    4
    4
    0
    I made a patched binary file for x64. This patch seems working like old one. But I didn't check about opcodes. That's came from old patch.

    file: anonfiles dot com/file/421d8221e150cd696759121280986968
     

    Attached Files:

  20. lalo1

    lalo1 MDL Novice

    Oct 16, 2014
    9
    1
    0
    Thank you!

    This works almost perfectly. At the end of the script, you try to restart the service but an Error 5 Access Denied is generated. This is because Network Service no longer has security to access termsrv.dll. I added that back, then the service starts OK.

    Thanks again!

    Lalo

    P.S. I don't need this (yet), but would be nice to have the same thing for Windows 8. AFAIK, all that is available now is the wrapper...