Hex fixes for 32bit and 64bit, 17514 and 18540 17514 x64 Find: 8b 87 38 06 00 00 39 87 3c 06 00 00 0f 84 5e c3 00 00 Repl: b8 00 01 00 00 90 89 87 38 06 00 00 90 90 90 90 90 90 Find: 60 bb 01 00 00 00 c7 44 Repl: 60 bb 00 00 00 00 c7 44 Find: 50 00 74 18 48 8d 15 79 Repl: 50 00 eb 18 48 8d 15 79 ----------------------------------------------------------- 18540 x64 Find: 8b 87 38 06 00 00 39 87 3c 06 00 00 0f 84 2f c3 00 00 @1727C Repl: b8 00 01 00 00 90 89 87 38 06 00 00 90 90 90 90 90 90 Find: 60 bb 01 00 00 00 c7 44 @17604 Repl: 60 bb 00 00 00 00 c7 44 Find: 50 01 76 1b 48 8d 15 79 @57dac Repl: 50 00 eb 1b 48 8d 15 79 =========================================================== 17514 x32 Find: 3b 86 20 03 00 00 0f 84 ff 14 01 00 57 6a 20 e8 @19153 Repl: b8 00 01 00 00 90 89 86 20 03 00 00 57 6a 20 e8 Find: 85 e0 fe ff ff 43 50 c7 85 e0 fe ff ff 1c 01 00 @19898 Repl: 85 e0 fe ff ff 90 50 c7 85 e0 fe ff ff 1c 01 00 Find: f8 74 2f 68 88 62 34 6f @655e4 Repl: f8 e9 2c 00 00 00 34 6f ----------------------------------------------------------- 18540 x32 Find: 3b 86 20 03 00 00 0f 84 03 15 01 00 57 6a 20 e8 @1919f Repl: b8 00 01 00 00 90 89 86 20 03 00 00 57 6a 20 e8 Find: 85 e0 fe ff ff 43 50 c7 85 e0 fe ff ff 1c 01 00 @198e0 Repl: 85 e0 fe ff ff 90 50 c7 85 e0 fe ff ff 1c 01 00 Find: f8 74 1a 68 80 65 34 6f @657c7 Repl: f8 e9 2c 00 00 00 34 6f I use a wrapper script that changes permissions, backs up the old file, stops the service, puts in the new file, starts the service. Script figures out which bitness and dll version the remote has, and patches accordingly. Have a second script on my control workstation that deploys and remotely executes (via psexec) the wrapper script. "deploy <machinename>", bam, now I can remotely administer without bothering the user. Though, admittedly, their browser may "mysteriously crash" when I'm trying to update Java.
It appears I have the same 18540 x64 fix as the previous poster, I just found it using different substrings. No worries, there aren't two separate fixes, all credit to first poster.
Thanks, so assuming I upgrade from Win 8 to 8.1, please can you outline the exact steps I need to take to get multiple RDP sessions working again. I'm a little stuck and I could really do with some help. Your assistance is greatly appreciated.
I made x64 version of termsrv.dll (KB3003743, 6.1.7601.18637). https anonfiles dot com/file/db18fabed0c481c01bd2f25630efe04b The x86 version is made by masslakoff, thanks.
According to other sources and my own testing editing the 8B 87 38 06 00 00 39 87 ** ** ** ** ** ** ** ** ** ** (x64) or 00 3B 86 20 03 00 00 0F ** ** ** ** (x86) string is all that is needed to allow concurrent sessions in 6.1.7601.18637. Does anyone know if the 60 BB 01 00 00 00 and 50 00 74 18 48 8D strings (in x64) are important to replace for some other reason?
6.1.7601.18647 64bit search for 8B 87 38 06 00 00 39 87 3C 06 00 00 0F 84 EB C2 00 00 replace with B8 00 01 00 00 90 89 87 38 06 00 00 90 90 90 90 90 90 search for 4c 24 60 bb 01 00 00 00 replace with 4c 24 60 bb 00 00 00 00 search for 83 7c 24 50 00 74 18 48 8d replace with 83 7c 24 50 00 eb 18 48 8d
tvcat- I'm not sure if your post was intended as response to mine; but in any case, I think I should make my question more clear. Out of the 3 above strings, it appears that only the 1st one is actually necessary to enable concurrent sessions. Are the 2nd two string replacements needed for some kind of checksum or file validation? Does anyone know what will happen if I only replace the 1st string? I understand that this is likely a trivial concern, but considering the vulnerabilities inherent in remote access, I'd like to keep changes to system files at an absolute minimum. Thanks!
Can anyone please confirm that this is the right version? I've applied the patch as packaged by x28x on Win7 Home (32bit), but I'm still unable to log in via RDP.
Updated the patched file of x86 version. https anonfiles dot com/file/a2ac6440c540c63fbda91bfd02bf2dff
OK, on further testing it appears that the second two replacements are part of enabling RDP on Windows 7 Home edition. They aren't necessary for Professional/Ultimate. (I'd still love to know what they actually do...)