Silent WMF Hotfix Installer

The new version is suitable for automated setup (for example, in logon scripts).


Due to popular demand the new version of the setup can work in fully silent mode. If run without command line parameters, it will behave normally – display the welcome window, ask for confirmations, etc. To run it silently, use the following command line:

wmffix_hexblog14.exe /VERYSILENT /SUPPRESSMSGBOXES

In the case of a successful install, the computer will reboot. Otherwise the setup will exit with one the following codes:

  • 1 Setup failed to initialize.
  • 3 A fatal error occurred while preparing to move to the next installation phase (for example, from displaying the pre-installation wizard pages to the actual installation process). This should never happen except under the most unusual of circumstances, such as running out of memory or Windows resources.
  • 4 A fatal error occurred during the actual installation process. Note: Errors that cause an Abort-Retry-Ignore box to be displayed are not fatal errors. If the user chooses Abort at such a message box, exit code 5 will be returned.
  • 5 The user chose Abort at an Abort-Retry-Ignore box.
  • 10 The fix is already present on the system
  • 11 The fix can not be installed because the system is not supported

The prevent the computer from rebooting the /NORESTART command line switch can be used. However, full protection is not achieved without a reboot.
If you already have any previous version of the fix installed, there is no need to reinstall. Old hotfixes are as good as the new one in protecting your computer.
Second good news is about the vulnerability checker. It too understands the /SILENT command line switch and in the silent mode it does not display anything on the screen. The errorlevel can be checked from a batch file.
We wish you easy installation of the fix and safe computing!
P.S. I had to turn off the comments to save the bandwidth. A discussion forum is open here.
Here is a sample batch file to check the fix:

@echo off
rem Batch for to illustrate how to use wmf_checker in the silent mode
wmf_checker_hexblog /SILENT
if errorlevel 2 goto bad_error
if errorlevel 1 goto vulnerable
echo You system seems to be invulnerable
goto end
:vulnerable
echo You system is VULNERABLE! Please install the fix from http://www.hexblog.com
goto end
:bad_error
echo Something bad happened to the checker
goto end
:end

The files can be downloaded from the following links:
http://www.hexblog.com/security/files/wmffix_hexblog14.exe
(md5: 15f0a36ea33f39c1bcf5a98e51d4f4f6)
http://www.hexblog.com/security/files/wmf_checker_hexblog.exe
(md5: ba65e1954070074ea634308f2bab0f6a)
http://www.hexblog.com/security/files/wmfhotfix.cpp
(source code of the hotfix)
http://www.hexblog.com/security/files/wmf_checker_source.zip
(source code of the checker)

This entry was posted in Security. Bookmark the permalink.

2 Responses to Silent WMF Hotfix Installer

  1. Hex blog says:

    Windows WMF Metafile Vulnerability HotFix

    This week a new vulnerability was found in Windows: http://www.microsoft.com/technet/security/advisory/912840.mspx Browsing the web was not safe anymore, regardless of the browser. Microsoft will certainly come up with a thouroughly tested fix for it i…

  2. Anonymous says:

    Critical Windows Flaw – Hex blog has the solution

    Since my previous post, Ilfak Guilfanov has a better option for fixing this dangerous flaw.
    Hex blog: Silent WMF Hotfix Installer
    http://www.hexblog.com/cgi-bin/mt/mt-tb.cgi/19
    Also, my friend and colleague Steve Shank has written a great article e…