mirror of
https://github.com/rbalsleyMSFT/FFU.git
synced 2026-06-14 02:09:35 -06:00
Merge pull request #79 from zehadialam/2410.1
Include Latest Windows Malicious Software Removal Tool
This commit is contained in:
rbalsleyMSFT
@@ -5,6 +5,7 @@ REM d:\Office\setup.exe /configure d:\office\DeployFFU.xml
|
||||
REM Install Defender Platform Update
|
||||
REM Install Defender Definitions
|
||||
REM Install Windows Security Platform Update
|
||||
REM Install Windows Malicious Software Removal Tool
|
||||
REM Install OneDrive Per Machine
|
||||
REM Install Edge Stable
|
||||
REM Winget Win32 Apps
|
||||
|
||||
@@ -115,6 +115,9 @@ When set to $true, will download and install the latest .NET Framework for Windo
|
||||
.PARAMETER UpdateLatestDefender
|
||||
When set to $true, will download and install the latest Windows Defender definitions and Defender platform update. Default is $false.
|
||||
|
||||
.PARAMETER UpdateLatestMSRT
|
||||
When set to $true, will download and install the latest Windows Malicious Software Removal Tool. Default is $false
|
||||
|
||||
.PARAMETER UpdateEdge
|
||||
When set to $true, will download and install the latest Microsoft Edge for Windows 10/11. Default is $false.
|
||||
|
||||
@@ -306,6 +309,7 @@ param(
|
||||
[bool]$UpdatePreviewCU,
|
||||
[bool]$UpdateLatestNet,
|
||||
[bool]$UpdateLatestDefender,
|
||||
[bool]$UpdateLatestMSRT,
|
||||
[bool]$UpdateEdge,
|
||||
[bool]$UpdateOneDrive,
|
||||
[bool]$CopyPPKG,
|
||||
@@ -372,6 +376,7 @@ if (-not $FFUCaptureLocation) { $FFUCaptureLocation = "$FFUDevelopmentPath\FFU"
|
||||
if (-not $LogFile) { $LogFile = "$FFUDevelopmentPath\FFUDevelopment.log" }
|
||||
if (-not $KBPath) { $KBPath = "$FFUDevelopmentPath\KB" }
|
||||
if (-not $DefenderPath) { $DefenderPath = "$AppsPath\Defender" }
|
||||
if (-not $MSRTPath) { $MSRTPath = "$AppsPath\MSRT" }
|
||||
if (-not $OneDrivePath) { $OneDrivePath = "$AppsPath\OneDrive" }
|
||||
if (-not $EdgePath) { $EdgePath = "$AppsPath\Edge" }
|
||||
if (-not $DriversFolder) { $DriversFolder = "$FFUDevelopmentPath\Drivers" }
|
||||
@@ -3528,6 +3533,12 @@ function Get-FFUEnvironment {
|
||||
Remove-Item -Path $DefenderPath -Recurse -Force -ErrorAction SilentlyContinue
|
||||
WriteLog 'Removal complete'
|
||||
}
|
||||
#Clean up $MSRTPath
|
||||
if (Test-Path -Path $MSRTPath) {
|
||||
WriteLog "Removing $MSRTPath"
|
||||
Remove-Item -Path $MSRTPath -Recurse -Force -ErrorAction SilentlyContinue
|
||||
WriteLog 'Removal complete'
|
||||
}
|
||||
#Clean up $OneDrivePath
|
||||
If (Test-Path -Path $OneDrivePath) {
|
||||
WriteLog "Removing $OneDrivePath"
|
||||
@@ -3578,6 +3589,17 @@ function Clear-InstallAppsandSysprep {
|
||||
WriteLog 'Removal complete'
|
||||
}
|
||||
}
|
||||
if ($UpdateLatestMSRT) {
|
||||
WriteLog "Updating $AppsPath\InstallAppsandSysprep.cmd to remove Windows Malicious Software Removal Tool"
|
||||
$CmdContent = Get-Content -Path "$AppsPath\InstallAppsandSysprep.cmd"
|
||||
$CmdContent -notmatch 'd:\\MSRT*' | Set-Content -Path "$AppsPath\InstallAppsandSysprep.cmd"
|
||||
#Clean up $MSRTPath
|
||||
If (Test-Path -Path $MSRTPath) {
|
||||
WriteLog "Removing $MSRTPath"
|
||||
Remove-Item -Path $MSRTPath -Recurse -Force -ErrorAction SilentlyContinue
|
||||
WriteLog 'Removal complete'
|
||||
}
|
||||
}
|
||||
if ($UpdateOneDrive) {
|
||||
WriteLog "Updating $AppsPath\InstallAppsandSysprep.cmd to remove OneDrive install"
|
||||
$CmdContent = Get-Content -Path "$AppsPath\InstallAppsandSysprep.cmd"
|
||||
@@ -3744,8 +3766,8 @@ if (($LogicalSectorSizeBytes -eq 4096) -and ($installdrivers -eq $true)) {
|
||||
if ($BuildUSBDrive -eq $true) {
|
||||
$USBDrives, $USBDrivesCount = Get-USBDrive
|
||||
}
|
||||
if (($InstallApps -eq $false) -and (($UpdateLatestDefender -eq $true) -or ($UpdateOneDrive -eq $true) -or ($UpdateEdge -eq $true))) {
|
||||
WriteLog 'You have selected to update Defender, OneDrive, or Edge, however you are setting InstallApps to false. These updates require the InstallApps variable to be set to true. Please set InstallApps to true and try again.'
|
||||
if (($InstallApps -eq $false) -and (($UpdateLatestDefender -eq $true) -or ($UpdateOneDrive -eq $true) -or ($UpdateEdge -eq $true) -or ($UpdateLatestMSRT -eq $true))) {
|
||||
WriteLog 'You have selected to update Defender, Malicious Software Removal Tool, OneDrive, or Edge, however you are setting InstallApps to false. These updates require the InstallApps variable to be set to true. Please set InstallApps to true and try again.'
|
||||
throw "InstallApps variable must be set to `$true to update Defender, OneDrive, or Edge"
|
||||
}
|
||||
if (($WindowsArch -eq 'ARM64') -and ($InstallOffice -eq $true)) {
|
||||
@@ -3758,6 +3780,11 @@ if (($WindowsArch -eq 'ARM64') -and ($UpdateOneDrive -eq $true)) {
|
||||
WriteLog 'OneDrive currently fails to install on ARM64 VMs (even with the OneDrive ARM setup files). Setting UpdateOneDrive to false'
|
||||
}
|
||||
|
||||
if (($WindowsArch -eq 'ARM64') -and ($UpdateLatestMSRT -eq $true)) {
|
||||
$UpdateLatestMSRT = $false
|
||||
WriteLog 'Windows Malicious Software Removal Tool is not available for the ARM64 architecture.'
|
||||
}
|
||||
|
||||
###END PARAMETER VALIDATION
|
||||
|
||||
#Get script variable values
|
||||
@@ -3904,6 +3931,23 @@ if ($InstallApps) {
|
||||
Set-Content -Path "$AppsPath\InstallAppsandSysprep.cmd" -Value $UpdatedcmdContent
|
||||
WriteLog "Update complete"
|
||||
}
|
||||
if ($UpdateLatestMSRT) {
|
||||
WriteLog "`$UpdateLatestMSRT is set to true."
|
||||
$Name = "Windows Malicious Software Removal Tool"
|
||||
#Check if $MSRTPath exists, if not, create it
|
||||
if (-not (Test-Path -Path $MSRTPath)) {
|
||||
WriteLog "Creating $MSRTPath"
|
||||
New-Item -Path $MSRTPath -ItemType Directory -Force | Out-Null
|
||||
}
|
||||
WriteLog "Getting Windows Malicious Software Removal Tool URL"
|
||||
$MSRTFileName = Save-KB -Name $Name -Path $MSRTPath
|
||||
WriteLog "Latest Windows Malicious Software Removal Tool saved to $MSRTPath\$MSRTFileName"
|
||||
WriteLog "Updating $AppsPath\InstallAppsandSysprep.cmd to include Windows Malicious Software Removal Tool"
|
||||
$CmdContent = Get-Content -Path "$AppsPath\InstallAppsandSysprep.cmd"
|
||||
$UpdatedcmdContent = $CmdContent -replace '^(REM Install Windows Malicious Software Removal Tool)', ("REM Install Windows Malicious Software Removal Tool`r`nd:\MSRT\$MSRTFileName /quiet")
|
||||
Set-Content -Path "$AppsPath\InstallAppsandSysprep.cmd" -Value $UpdatedcmdContent
|
||||
WriteLog "Update complete"
|
||||
}
|
||||
#Download and Install OneDrive Per Machine
|
||||
if ($UpdateOneDrive) {
|
||||
WriteLog "`$UpdateOneDrive is set to true, checking for latest OneDrive client"
|
||||
|
||||
Reference in New Issue
Block a user