jones948/Deploy_Winre.ps1

## Deploy_Winre.ps1
# https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41099

#Set patched wim location and get its size.
$replacement_wim = "$PSScriptRoot\Winre-patched-11-22H2-max.wim"
$wim_size = Get-ItemProperty -Path $replacement_wim | select-object Length

#Pick some uncommonly used drive letters and set a mount point for the Recovery partition if the letter is not already in use.
$mount_letter = ""
$drive_letters = "L","M","O","Q","R","T","V","W"
$Volumes = Get-Volume | Where-Object {$null -ne $_.DriveLetter} | Select-Object -ExpandProperty DriveLetter
foreach ($letter in $drive_letters){
    if ($Volumes -notcontains $letter){$mount_letter = $letter;break}
}

#Get current WinRE .wim location
$winre_loc = (reagentc /info | findstr '\\?\GLOBALROOT\device').replace('Windows RE location: ', '').TRIM()

#Extract the disk and partition number from the Windows RE path.
$temp = ($winre_loc -split "harddisk")[1]
$disknumber = ($temp -split '\',0,'SimpleMatch')[0]
$temp = ($winre_loc -split "partition")[1]
$partitionnumber = ($temp -split '\',0,'SimpleMatch')[0]

#Get partition details for the WinRE partition. Then use its parition GUID to find the volume and grab all of its details.
$partition_details = Get-Partition -DiskNumber $disknumber -PartitionNumber $partitionnumber | Select-Object *
$volume_details = Get-Volume | Where-Object {$_.UniqueId -match $partition_details.Guid} | Select-Object *

#Use the above details to verify the patched wim can fit on the volume.
#If so, assign the driver letter, replace the wim, match the original wim's attributes, and remove the drive letter.
if ($volume_details.Size -gt $wim_size.Length){
    $winre_wim = "$mount_letter`:\Recovery\WindowsRE\Winre.wim"
    Get-Partition -DiskNumber $disknumber -PartitionNumber $partitionnumber | Set-Partition -NewDriveLetter $mount_letter
    Remove-Item -Path $winre_wim -Force -Verbose
    Copy-Item -Path $replacement_wim -Destination $winre_wim -Force -Verbose
    (Get-item -Force $winre_wim).Attributes += 'Hidden'
    (Get-item -Force $winre_wim).Attributes += 'System'
    Get-Partition -DiskNumber $disknumber -PartitionNumber $partitionnumber | Remove-PartitionAccessPath -accesspath "$mount_letter`:\"
}
	# https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41099

	#Set patched wim location and get its size.
	$replacement_wim = "$PSScriptRoot\Winre-patched-11-22H2-max.wim"
	$wim_size = Get-ItemProperty -Path $replacement_wim \| select-object Length

	#Pick some uncommonly used drive letters and set a mount point for the Recovery partition if the letter is not already in use.
	$mount_letter = ""
	$drive_letters = "L","M","O","Q","R","T","V","W"
	$Volumes = Get-Volume \| Where-Object {$null -ne $_.DriveLetter} \| Select-Object -ExpandProperty DriveLetter
	foreach ($letter in $drive_letters){
	if ($Volumes -notcontains $letter){$mount_letter = $letter;break}
	}

	#Get current WinRE .wim location
	$winre_loc = (reagentc /info \| findstr '\\?\GLOBALROOT\device').replace('Windows RE location: ', '').TRIM()

	#Extract the disk and partition number from the Windows RE path.
	$temp = ($winre_loc -split "harddisk")[1]
	$disknumber = ($temp -split '\',0,'SimpleMatch')[0]
	$temp = ($winre_loc -split "partition")[1]
	$partitionnumber = ($temp -split '\',0,'SimpleMatch')[0]

	#Get partition details for the WinRE partition. Then use its parition GUID to find the volume and grab all of its details.
	$partition_details = Get-Partition -DiskNumber $disknumber -PartitionNumber $partitionnumber \| Select-Object *
	$volume_details = Get-Volume \| Where-Object {$_.UniqueId -match $partition_details.Guid} \| Select-Object *

	#Use the above details to verify the patched wim can fit on the volume.
	#If so, assign the driver letter, replace the wim, match the original wim's attributes, and remove the drive letter.
	if ($volume_details.Size -gt $wim_size.Length){
	$winre_wim = "$mount_letter`:\Recovery\WindowsRE\Winre.wim"
	Get-Partition -DiskNumber $disknumber -PartitionNumber $partitionnumber \| Set-Partition -NewDriveLetter $mount_letter
	Remove-Item -Path $winre_wim -Force -Verbose
	Copy-Item -Path $replacement_wim -Destination $winre_wim -Force -Verbose
	(Get-item -Force $winre_wim).Attributes += 'Hidden'
	(Get-item -Force $winre_wim).Attributes += 'System'
	Get-Partition -DiskNumber $disknumber -PartitionNumber $partitionnumber \| Remove-PartitionAccessPath -accesspath "$mount_letter`:\"
	}