The Patchinstall.vbs script performs these tasks:
- The script reads a list of IP addresses for the remote host computers where you want to install the 824146 or the 823980 security patch. The script obtains this list from an ASCII text file (Ipfile.txt) that contains a list of IP address (one IP address per line). For example, you can use the Vulnerable.txt log file from the KB824146 scanning tool for the Ipfile.txt file.
- The script obtains the first IP address from the list.
- The script determines the Windows version on the destination computer.
- The script maps drive Z on the script computer to C$ on the destination computer.
- The script copies the correct version of the patch (for Windows XP, Windows 2000, or Windows Server 2003) to C:\Patchinst.exe on the destination computer (by using the drive Z mapping).
- The script causes the patch to be installed, and then automatically restarts the destination computers without any user input or dialog boxes by using the -q -f switches (Unattended installation mode).
- The script waits for the installation to complete.
- The script tries to delete the C:\Patchinst.exe file on the destination computer.
- The script removes the drive Z mapping.
- The script processes the next IP address in the list.
Important Microsoft recommends that you modify this sample script for your network environment, and that you then test your script in a test environment before you use it in a production environment.
To use the Patchinstall.vbs script, paste the following script in a text file that is named Patchinstall.vbs. Then, run the Patchinstall.vbs script by using the following command line:
cscript patchinstall.vbs Ipfile.txt LocalPathToPatches
In this command,
Ipfile.txt is a text file that contains a list of IP addresses for the remote host computers where you want to install the 824146 or the 823980 security patch.
LocalPathToPatches is the full path of a folder that contains the 824146 or the 823980 security patch packages (renamed to Patch_XP.exe
for Windows XP, Patch_W2k.exe for Windows 2000, and Patch_W2k3.exe for Windows Server 2003).
The Patchinstall.vbs Script
Microsoft provides programming examples for illustration only, without warranty either expressed or implied. This includes, but is not limited to, the implied warranties of merchantability or fitness for a particular purpose. This article assumes that you are familiar with the programming language that is being demonstrated and with the tools that are used to create and to debug procedures. Microsoft support engineers can help explain the functionality of a particular procedure, but they will not modify these examples to provide added functionality or construct procedures to meet your specific requirements.
' Patchinstall.vbs
' Patch installation script for MS03-026 and MS03-039
' (c) Microsoft 2003
' v1.03 cl
on error resume next
const XP_Patch = "Patch_XP.exe"
const W2k_Patch = "Patch_W2k.exe"
const W2k3_Patch = "Patch_W2k3.exe"
If right(ucase(wscript.FullName),11)="WSCRIPT.EXE" then
wscript.echo "ERROR: You must run this script using cscript, for example 'cscript " & wscript.scriptname & "'."
wscript.quit 0
end if
' USAGE
if wscript.arguments.count <> 2 then
wscript.echo "Usage: cscript " & wscript.scriptname & " <IpFile.txt> <LocalPathToPatches>" & vbCrLf & vbCrLf & _
" <LocalPathToPatches> must be a full path of a folder that contains all of these files:" & vbCrLf & _
" " & XP_Patch & vbCrLf & _
" " & W2k_Patch & vbCrLf & _
" " & W2k3_Patch
wscript.quit
end if
ipFile = wscript.arguments(0)
localPathToPatches = wscript.arguments(1)
set onet = createobject("wscript.network")
set ofs = createobject("scripting.filesystemobject")
' Verify that ipfile is accessible.
set oipFile = ofs.opentextfile(ipFile, 1, false)
if (Err.Number <> 0) then
wscript.echo "Cannot open " & ipFile
wscript.quit
end if
' Make sure to end with a \ character.
if right(localPathToPatches, 1) <> "\" then
localPathToPatches = localPathToPatches & "\"
end if
'Note that cim_datafile does not support UNC paths
'so everything must be handled through mapped drives.
if left(localPathToPatches, 2) = "\\" then
wscript.echo "<pathToExecutable> cannot be a UNC path, please map a drive locally"
wscript.quit
end if
exeWinXP = ofs.getfile(localPathToPatches + XP_Patch).name
exeW2k = ofs.getfile(localPathToPatches + W2k_Patch).name
exeW2k3 = ofs.getfile(localPathToPatches + W2k3_Patch).name
' Verify that the patches are accessible.
if ((len(exeWinXP) = 0) OR (len(exeW2k) = 0) OR (len(exeW2k3) = 0)) then
wscript.echo "Cannot find patch files."
wscript.echo "Please verify that the <LocalPathToPatches> folder contains all of these files:" & vbCrLf & _
" " & XP_Patch & vbCrLf & _
" " & W2k_Patch & vbCrLf & _
" " & W2k3_Patch
wscript.quit
end if
set osvcLocal = getobject("winmgmts:root\cimv2")
'The error-handling code is below the function that may throw one - execute it.
on error resume next
while not oipFile.atEndOfStream
ip = oipFile.ReadLine()
wscript.echo vbCrLf & "Connecting to " & ip & "..."
Err.Clear
set osvcRemote = GetObject("winmgmts:\\" & ip & "\root\cimv2")
if (Err.Number <> 0) then
wscript.echo "Failed to connect to " & ip & "."
else
exeCorrectPatch = detectOSPatch(osvcRemote)
if (exeCorrectPatch <> "") then
' Lay the bits on the remote computer.
wscript.echo "Installing patch " & exeCorrectPatch & "..."
onet.mapnetworkdrive "z:", "\\" & ip & "\C$"
set osourceFile = osvcLocal.get("cim_datafile=""" & replace(localPathToPatches, "\", "\\") & exeCorrectPatch & """")
ret = osourceFile.Copy("z:\\Patchinst.exe")
if (ret <> 0 and ret <> 10) then
' Failure detected and failure was not "file already exists."
wscript.echo "Failed copy to " & ip & " - error: " & ret
else
set oprocess = osvcRemote.Get("win32_process")
' Start the installation without user interaction, and force a restart after completion.
ret = oprocess.create("c:\\Patchinst.exe -q -f")
if (ret <> 0) then
wscript.echo "Failed to start process on " & ip & ": " & ret
else
' Get a reference to the file that was copied.
set odestFile = osvcLocal.get("cim_datafile=""z:\\Patchinst.exe""")
' Wait for the installation to complete.
for waitTime = 0 to 120 ' Lay and wait--up to two minutes for the installation to complete.
wscript.Sleep 1000 ' Sleep one second.
' Delete temporary file as soon as possible after it is freed.
if (odestFile.Delete() = 0) then
exit for
end if
next ' Otherwise, loop again and keep waiting...
wscript.echo "Installation successful."
end if 'Create process succeeded.
end if 'Copy succeeded.
onet.removenetworkdrive "z:", true
end if ' The script knows which patch to install.
end if ' Do the next IP address, then the next IP address...
wend
oipFile.close()
'Clean up, remove drive mapping (check this time, because it may not have been mapped).
if ofs.folderexists("z:\") then
onet.removenetworkdrive "z:", true
end if
wscript.echo vbCrLf & "Patching complete. Exiting."
function detectOSPatch(osvcRemote)
set oOSInfo = osvcRemote.InstancesOf("Win32_OperatingSystem")
'Only one instance is ever returned (the currently active OS), even though the following is a foreach.
for each objOperatingSystem in oOSInfo
if (objOperatingSystem.OSType <> 18) then
' Make sure that this computer is Windows NT-based.
wscript.echo ip & " is not a Windows XP, Windows 2000, or Windows 2003 Server computer."
else
if (objOperatingSystem.Version = "5.0.2195") then
' Windows 2000 SP2, SP3, SP4.
if (objOperatingSystem.ServicePackMajorVersion = 2) or (objOperatingSystem.ServicePackMajorVersion = 3) or _
(objOperatingSystem.ServicePackMajorVersion = 4) then
systemType = exeW2k
end if
elseif (objOperatingSystem.Version = "5.1.2600") then
' Windows XP RTM, SP1.
if (objOperatingSystem.ServicePackMajorVersion = 0) or (objOperatingSystem.ServicePackMajorVersion = 1) then
systemType = exeWinXP
end if
elseif (objOperatingSystem.Version = "5.2.3790") then
' Windows Server 2003 RTM
if (objOperatingSystem.ServicePackMajorVersion = 0) then
systemType = exeW2k3
end if
end if
if (systemType = "") then
'This was a Windows NT-based computer, but not with a valid service pack.
wscript.echo "Could not patch " & ip & " - unhandled OS version: " & objOperatingSystem.Caption & " SP" & _
objOperatingSystem.ServicePackMajorVersion & "("& objOperatingSystem.Version & ")"
end if
end if
next
detectOSPatch = systemType
end function