-
Notifications
You must be signed in to change notification settings - Fork 0
/
MSDT-Patch.nsi
72 lines (60 loc) · 3.45 KB
/
MSDT-Patch.nsi
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
; Microsoft Diagnostic Toolkit (MSDT) CVE-2022-30190 (Follina) mitigation patch
; The purpose of this simple NSIS program is to apply and roll back the suggested
; mitigation as per:
; https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190
; HM NIS Edit Wizard helper defines
!define PRODUCT_NAME "MSDTPatcher"
!define PRODUCT_VERSION "1.0"
SetCompressor bzip2
Name "${PRODUCT_NAME} ${PRODUCT_VERSION}"
OutFile "${PRODUCT_NAME}-${PRODUCT_VERSION}.exe"
;LoadLanguageFile "${NSISDIR}\Contrib\Language files\English.nlf"
; InstallDir "$PROGRAMFILES\MSDT Patcher"
;Icon "${NSISDIR}\Contrib\Graphics\Icons\modern-install.ico"
Section "MainSection" SEC01
EnumRegKey $1 HKCR "ms-msdt" 0 ; Check if HKCR\ms-msdt exists
StrCmp $1 "" patched ; If the HKCR\ms-msdt key doesn't exist, patch was applied
MessageBox MB_YESNO|MB_ICONQUESTION "It looks like this system may be vulnerable to the MS $\r$\n\
Diagnostic Toolkit (MSDT) vulnerability.$\r$\n$\r$\n\
Would you like to apply the mitigation patch?" \
IDYES applypatch \
IDNO abort
applypatch:
DeleteRegKey HKCR "ms-msdt"
EnumRegKey $1 HKCR "ms-msdt" 0 ; Check if HKCR\ms-msdt exists
StrCmp $1 "" patchsuccess patchfail
patchsuccess:
MessageBox MB_OK|MB_ICONINFORMATION "Mitigation applied successfully. To revert the change $\r$\n\
run this program again."
Quit
patchfail:
MessageBox MB_OK|MB_ICONEXCLAMATION "Failed to apply mitigation patch! Please try running this $\r$\n\
program again with administrative privileges (Run As Administrator)."
Abort "Failed to apply mitigation patch. Try re-running as Administrator."
patched:
MessageBox MB_YESNO|MB_ICONQUESTION "It looks like the mitigation is in place already. You can $\r$\n\
undo the mitigation patch if you have already installed a $\r$\n\
fix for it from Microsoft. Otherwise, please click 'No' to exit.\
$\r$\n$\r$\nDo you wish to revert (undo the mitigation patch)?" \
IDNO abort \
IDYES undopatch
undopatch:
WriteRegStr HKCR "ms-msdt" "" "URL:ms-msdt"
WriteRegDWORD HKCR "ms-msdt" "EditFlags" 0x200000
WriteRegStr HKCR "ms-msdt" "URL Protocol" ""
WriteRegExpandStr HKCR "ms-msdt\shell\open\command" "" "$\"%SystemRoot%\system32\msdt.exe$\" %1"
EnumRegKey $1 HKCR "ms-msdt" 0 ; Check if HKCR\ms-msdt exists
StrCmp $1 "" undofail undosuccess
undofail:
MessageBox MB_OK|MB_ICONEXCLAMATION "Failed to undo mitigation patch! Please try running this $\r$\n\
program again with administrative privileges (Run As Administrator)."
Abort "Failed to apply mitigation patch. Try re-running as Administrator."
undosuccess:
MessageBox MB_OK|MB_ICONINFORMATION "Mitigation patch rolled back successfully. If you did not $\r$\n\
yet install the fix from Microsoft, please run this program $\r$\n\
again to re-apply the patch!"
Quit
abort:
MessageBox MB_OK|MB_ICONINFORMATION "No changes were made as you requested. This program will now exit."
Abort "User cancelled."
SectionEnd