Gimmick of the day (or week, month, year, …)

Click one of the green buttons to select and display your gimmick, or the red button to reset your selection and hide the gimmick.

MSDM Product Key Reader

Purpose

The Windows^® application MSDM Product Key Reader.exe displays the device-specific individual product key embedded by (big) OEMs in the MSDM table of the ACPI BIOS.
This product key is used for automatic selection of the product edition and the activation of Windows 8 and Windows 8.1 during their installation, and can since version 1511 alias Threshold 2 be used for (manual) product activation of Windows 10 too.

Background Information

The MSDM table of the ACPI BIOS is specified in a white paper available from Microsoft Software Licensing Tables (SLIC and MSDM) on MSDN.

Implementation and Build Details

MSDM Product Key Reader.exe is a pure Win32 binary executable, written in ANSI C, built with the platform SDK for Windows Server 2003 R2 without the MSVCRT libraries, for use on Windows Server 2003 and newer versions of Windows NT as well as Windows PE 2.0 and newer versions.

Source and Build Instructions

Optionally perform the following 2 simple steps to build MSDM Product Key Reader.exe from the source.
Note: MSDM Product Key Reader.exe is a pure Win32 application and builds without the MSVCRT libraries.

Create the text file GIMMICK.C with the following content:

// Copyright © 2012-2018, Stefan Kanthak <‍skanthak‍@‍nexgo‍.‍de‍>

#define STRICT
#undef UNICODE
#define WIN32_LEAN_AND_MEAN

#include <windows.h>

typedef	struct	_msdm		// 'Microsoft Data Management' table
{
	DWORD	Signature;	// "MSDM" = 0x4D44534D = 'MDSM'
	DWORD	Length;		// size of entire MSDM table: 0x00000055
	BYTE	Revision;
	BYTE	Checksum;	// checksum of entire MSDM table
	CHAR	OEMId[6];	// OEM identification
	CHAR	OEMTableId[8];
	DWORD	OEMRevision;
	CHAR	CreatorId[4];	// creator identification
	DWORD	CreatorRevision;

	DWORD	Version;	// 0x00000001
	DWORD	Reserved;	// 0x00000000
	DWORD	DataType;	// 0x00000001
	DWORD	DataReserved;	// 0x00000000
	DWORD	DataLength;	// 0x0000001D
	CHAR	Data[29];	// product key: "23467-89BCD-FGHJK-MNPQR-TVWXY"
} MSDM;

void	WinMainCRTStartup(void)
{
	MSDM	msdm;
	BYTE	bCheckSum;
	DWORD	dwCheckSum;

	// see <https://msdn.microsoft.com/en-us/library/ms724379.aspx>

	if (GetSystemFirmwareTable('ACPI', 'MDSM', NULL, sizeof(msdm)) == 0)
		MessageBoxExA(HWND_DESKTOP,
		              "No \'MSDM\' table found!",
		              "\'MSDM\' table reader",
		              MB_OK | MB_ICONQUESTION,
		              MAKELANGID(LANG_ENGLISH, SUBLANG_NEUTRAL));
	else
		if (GetSystemFirmwareTable('ACPI', 'MDSM', &msdm, sizeof(msdm)) > sizeof(msdm))
			MessageBoxExA(HWND_DESKTOP,
			              "Error reading \'MSDM\' table!",
			              "\'MSDM\' table reader",
			              MB_OK | MB_ICONERROR,
			              MAKELANGID(LANG_ENGLISH, SUBLANG_NEUTRAL));
		else
		{
			for (bCheckSum = 0, dwCheckSum = msdm.Length;
			     dwCheckSum > 0L;
			     bCheckSum += ((BYTE *) &msdm)[--dwCheckSum])
				continue;

			if ((bCheckSum != 0)
			 || (msdm.Version != 1L)
			 || (msdm.Reserved != 0L)
			 || (msdm.DataType != 1L)
			 || (msdm.DataReserved != 0L)
			 || (msdm.DataLength != sizeof(msdm.Data)))
				MessageBoxExA(HWND_DESKTOP,
				              "Invalid or unknown \'MSDM\' table found!",
				              "\'MSDM\' table reader",
				              MB_OK | MB_ICONWARNING,
				              MAKELANGID(LANG_ENGLISH, SUBLANG_NEUTRAL));
			else
			{
				msdm.Data[sizeof(msdm.Data)] = '\0';

				MessageBoxExA(HWND_DESKTOP,
				              msdm.Data,
				              "\'MSDM\' table reader",
				              MB_OK | MB_ICONINFORMATION,
				              MAKELANGID(LANG_ENGLISH, SUBLANG_NEUTRAL));
			}
		}

	ExitProcess(GetLastError());
}

Run the following two command lines:

CL.EXE /c /FoGIMMICK.OBJ /GA /GF /GS- /O1 /Os /TcGIMMICK.C /W4 /Zl
LINK.EXE /DYNAMICBASE /ENTRY:WinMainCRTStartup /FIXED:NO /NODEFAULTLIB /NXCOMPAT /OSVERSION:5.2 /OUT:"MSDM Product Key Reader.exe" /RELEASE /SUBSYSTEM:WINDOWS /SWAPRUN:CD,NET GIMMICK.OBJ KERNEL32.LIB USER32.LIB

Meltdown and Spectre Update Check Utility

Purpose

The Windows^® application BTI_RDCL.EXE displays the status of the mitigations for the vulnerabilities CVE-2017-5715 alias Branch Target Injection and CVE-2017-5754 alias Rogue Data Cache Load, better known by their nicknames Meltdown and Spectre.
The mitigations are installed by one of the security updates 4056888, 4056890, 4056891, 4056892, 4056893, 4056894, 4056895, 4056896, 4056897, 4056898 and 4056899, or the subsequent updates 4057142, 4057144, 4075199, 4075200, 4057400, 4057401, 4057402, 4073290, 4073291, 4073576 and 4073578.

Note: the status of the mitigations for the vulnerability CVE-2017-5753 alias Bounds Check Bypass can’t be shown: every piece of machine code which is susceptible to this vulnerability needs to be fixed individually!

Background Information

The MSKB articles 4072698, 4072699, 4073065, 4073119, 4073225, 4073229, 4073237, 4073707, 4073757 and 4078130 provide information about the updates.

The MSKB articles 4090007, 4091663, 4091664 and 4093836 provide information about the microcode updates distributed through Microsoft Update Catalog.

Operation

[Screenshot of BTI_RDCL.EXE with missing security update for 'Meltdown' (CVE-2017-5754) and 'Spectre' (CVE-2017-5715, CVE-2017-5753)]

Without security update installed, BTI_RDCL.EXE displays two message boxes like that shown on the right.

With security update installed, BTI_RDCL.EXE displays two message boxes like those shown below.

[Screenshot of BTI_RDCL.EXE with active mitigation for 'Meltdown' (CVE-2017-5754)]

Implementation and Build Details

BTI_RDCL.EXE is a pure Win32 binary executable, written in ANSI C, built with the platform SDK for Windows Server 2003 R2 without the MSVCRT libraries, for use on Windows 2000 and newer versions of Windows NT as well as Windows PE.

Authenticity and Integrity

BTI_RDCL.EXE is digitally signed using an X.509 certificate issued by WEB.DE TrustCenter E-Mail Certification Authority.

Serial number of the certificate: 73780985; 0x0465CEF9
Fingerprint of the certificate: MD5: 33 33 6e 1d 26 18 a7 c2 be 87 11 68 05 2c 70 09; SHA-1: 8c 5b 75 21 40 41 77 ac 54 13 13 02 06 6b b0 69 10 2e 83 0e

Download and install the CA and root X.509 certificates of WEB.DE to validate and verify the digital signature.

Note: due to its counter signature alias timestamp the digital signature remains valid past the X.509 certificates expiration date!

Makefile and Build Instructions

Optionally perform the following 4 simple steps to build BTI_RDCL.EXE from the source and sign it with your own X.509 certificate.

Download the makefile BTI_RDCL.MAK and save it in an arbitrary, preferable empty directory.
Download the Meltdown icon and save it as MELTDOWN.ICO in the directory used in step 1.
Download the Spectre icon and save it as SPECTRE.ICO in the directory used in step 1.
Run the following command line to build BTI_RDCL.EXE:
```
NMAKE.EXE /R /F BTI_RDCL.MAK
```

Contact

Notes: I dislike HTML (and even weirder formats too) in email, I prefer to receive plain text.
I also expect to see a full (real) name as sender, not a nickname!
Emails in weird formats and without a proper sender name are likely to be discarded.
I abhor top posts and expect inline quotes in replies.

Me, myself & IT