Sledgehammer - Windows 10 Update Control

Discussion in 'MDL Projects and Applications' started by pf100, Nov 28, 2016.

  1. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,820
    2,737
    60
  2. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,820
    2,737
    60
    @rpo The timeout problem is on an unbutchered LTSB 14393.3541 install. I won't be able to work on this any more until 3 days from now.
     
  3. rpo

    rpo MDL Expert

    Jan 3, 2010
    1,082
    885
    60
    @pf100
    I've no LTSB or LTSC for testing, only standard Enterprise. Nevertheless i tryied to find a workaround to the timeoutsec issue by suppressing this parameter. The idea is using an asynchronous process to process the ms-defcon thing and watching it in the main stream by activating a timer testing the process completion. This technic uses the start-job and recieve-job powershell cmdlets.
    I hope you are well.
     
  4. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    3,685
    3,409
    120
    I have LTSB 2015, LTSB 2016 and LTSC 2019 VMs (for testing). If the code can be executed standalone, I could copy and test drive it a bit in the VMs.
     
  5. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,820
    2,737
    60
  6. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    3,685
    3,409
    120
    Have prepared the test environment and will check it out as soon as get back to the desktop.
    Well, it already works well in Windows 7... :clown:
     
  7. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,820
    2,737
    60
    I edited ms-defcon_test.cmd above to include a pause.
     
  8. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    3,685
    3,409
    120
    Checked it first with the latest build, 19619.1000. Testing was unreliable at timeout=10, when I changed that to timeout=30, it worked much better. No idea why, maybe because Powershell isn't exactly the fastest shell on earth (nicely put).
     
  9. rpo

    rpo MDL Expert

    Jan 3, 2010
    1,082
    885
    60
  10. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,820
    2,737
    60
    FYI: In the last couple of weeks I've been planning and completed a new gaming computer build so I'm slacking on the script.
    Good pc parts are hard to get and requires a lot of planning to not waste money.
    It took a week to get the motherboard I wanted and found a used one in perfect condition that amazon found under some debris in the corner of a warehouse that was missing the box but had all the stuff that goes with it. That was too much work but it was worth it.
    I promise I'll get back to work on the script soon. Being stuck at home a lot now is actually great. :)
     
  11. freevista

    freevista MDL Junior Member

    Jan 14, 2009
    99
    39
    0
    After installing the 05-2020 cumulative to 1909 and rebooting, I noticed that some (but not all) of the update hijacker files were back to default permissions. Re-running Sledgehammer after the reboot fixed this of course. But should there be some mechanism to check these files automatically after update restart? Just running Wub.exe /d /p like normal might not be enough?

    set s32list=EOSNotify.exe WaaSMedic.exe WaasMedicSvc.dll WaaSMedicPS.dll WaaSAssessment.dll UsoClient.exe
    set s32list=%s32list% SIHClient.exe MusNotificationUx.exe MusNotification.exe osrss.dll
     
  12. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,820
    2,737
    60
    That's right, if those files permissions are restored to default, wub.exe /d /p won't be enough.
    I could create a permissions check at every boot if needed.
    The permissions should only get set to default if Windows 10 is updated so that a windows.old folder is created where it moves the windows folder to windows.old and creates an all new windows folder.
    Is KB4556799 the CU you're talking about?
     
  13. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    3,685
    3,409
    120
    Yes, please. Unattended one running as a task would be best*. Windows 10 is sneaky, unfortunately.

    *It should run the entire routine disabling WU service (WUB) + check and rectify permissions.
     
  14. freevista

    freevista MDL Junior Member

    Jan 14, 2009
    99
    39
    0
    Yes. KB4556799 installed new versions of MusNotificationUx.exe, SIHClient.exe, MusNotification.exe and WaaSAssessment.dll (new versions of those files appeared under WinSxS and installed in System32).
     
  15. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,820
    2,737
    60
    Okay.
    I was expecting this kind of thing eventually and am surprised it didn't happen sooner.