1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2026-07-09 06:55:39 +00:00
Commit graph

2,391 commits

Author SHA1 Message Date
Mehmetali Kuran
265a1b85be
update Turkish translation to latest 2026-03-25 16:30:54 +00:00
Hugo Carvalho
8799c492b3
[loc] update Portuguese (Portugal) translation to latest 2026-03-25 16:30:37 +00:00
Itiel
cb8b8a6b25
[loc] update Hebrew translation to latest 2026-03-25 16:15:03 +00:00
Pete Batard
984c952d54
[wue] fix username field not showing for Windows 10 Windows To Go
* This fixes a regression introduced in 92a8926c18 with the index elements.
* Also update microsoft/setup-msbuild Action to v3 (Closes #2942).
2026-03-25 00:35:55 +00:00
Pete Batard
4803a80a2e
[ui] fix overlapping tooltips on the WUE dialog
* Whelp, in typical Microsoft fashion, you have to do your own convoluted mouse handling if you want
  this to work as expected, since mouse messages related to tooltips are only being natively processed
  for the main dialog thread.
* Also clean up/harmonize existing stdlg.c code.
2026-03-25 00:35:52 +00:00
Pete Batard
da599641a5
[togo] support recent versions of bcdboot and add support for 2023 CA
* Recent bcdboot introduced the /bootex and /offline parameters for the use of the 2023 CA signed bootloaders.
* When /offline is not set, it also automatically attempts to use the 2023 CA bootloaders, regardless of whether
  they are available from the source repository or not, which results in errors with Windows 10 ISOs.
* To compensate for that, we now detect if we use a modern bcdboot and always use /offline if that is the case,
  so that we can tell it explicitly whether to use the EX/2023-CA signed bootloaders or not.
* Also create the \EFI\Microsoft\Boot\ directory on the ESP, since bcdboot doesn't create it on its own, yet
  tries to copy files there.
* Closes #2940.
2026-03-24 14:09:52 +00:00
Thomas De Rocker
e5398294d4
[loc] update Dutch translation to latest 2026-03-23 19:05:42 +00:00
Suttirak Mattayawerakiat
1b4edc9c24
[loc] update Thai translation to latest 2026-03-23 18:52:18 +00:00
Sopor
cba3cae1e0
[loc] update Swedish translation to latest 2026-03-23 18:46:02 +00:00
Дмитрий Ерохин
f2a55b98f3
[loc] update Russian translation to latest 2026-03-23 18:42:28 +00:00
Richard Kahl
94964ced6a
[loc] update Czech translation to latest 2026-03-23 18:36:35 +00:00
Aldis Tutins
71daa2871f
[loc] update Latvian translation to latest 2026-03-23 18:29:30 +00:00
Pete Batard
fa6c02f677
[loc] fix a whitespace issues for English
* Also revert the adding of single quotes in MSG_332, as it may create issues.
2026-03-20 15:28:14 +00:00
Pete Batard
4a38a14242
[loc] update Pollock to perform our own file monitoring
* Polling works and I don't like being taken for a fool by Microsoft. Gotta wonder how much AI was involved in recent .NET updates...
2026-03-19 12:26:10 +00:00
Pete Batard
f6d445a919
[loc] update Pollock for the new x64 only Poedit installation directory
* Oh, and thanks a lot Microsoft for introducing a major .NET regression that prevents file system
  monitoring from working on anything but the system drive, and causing me to waste a full day trying
  to sort it out, without success. With this utter bullshit, you have cemented my choice of going with
  anything but .NET, when creating utility applications in the future...
2026-03-18 18:58:24 +00:00
Pete Batard
8546656ee9
[iso] add an exception for 'we don't care about our end-users' Bazzite
* See https://github.com/ublue-os/bazzite/issues/4374. Also, great job following STANDARDS, Fedora!
* Also silence a warning in libcdio (triggered by Bazzite not knowing of to master their ISOs).
2026-03-18 12:11:50 +00:00
sehawq
6d12577cfc
[ui] address a condition where controls may be enabled when no image is selected
* Closes #2935.
2026-03-17 23:14:52 +00:00
Pete Batard
5f75e06afa
[ui] report a more explicit error when the user selects an image located on the target drive
* Also update French translation to latest and remove an unused script.
2026-03-17 23:09:42 +00:00
Pete Batard
12749af225
[wue] add tooltips for the WUE dialog options
* Also enable QoL enhancement options for Windows To Go.
* Also try to select the same edition as the host machine for Windows To Go.
2026-03-16 19:28:50 +00:00
Pete Batard
92a8926c18
[misc] clean up and refactor internal dialog handling
* Group the static elements in dialog-specific structs.
* Use 0 rather than -1 for unset elements.
* Also fix initial checkbox value for Silent Install not being properly set.
2026-03-15 13:25:36 +00:00
Pete Batard
8db609d0ef
[wue] add a new 'QoL Enhancements' option
* This option disables most of the unwanted crap that Microsoft tries to push onto users by default.
* Also make sure the Silent Install option is only enabled if the 'Disable data collection' check box is checked.
* Also add a big scary warning for the Silent Install option.
2026-03-13 23:16:06 +00:00
Pete Batard
d4d537fc5b
[uefi] change the name of the UEFI:NTFS partition to RUFUS_BOOT
* This should make it more explicit to Windows users to identify the installation media.
* Also update crazy-max/ghaction-upx to latest (Closes #2936).
* Also fix a Coverity warning and use improve StrArray handling/init.
2026-03-11 15:47:06 +00:00
Pete Batard
1d4c62ba0d
[wue] add an option to perform a fully unattended/silent install
* Note that this will completely repartition and erase the first disk available on the target system ⚠WITHOUT ANY PROMPT⚠.
* Also, this is dependent on the local account name and duplicate regional WUE options to be selected.
* With a special mention to Claude AI, that said that detecting whether a one or multiple disks were available was impossible
  to accomplish using only unattend XML commands... which we therefore promptly managed to disprove.
  Please wake me up when there is any semblance of "intelligence" in the LLMs that are currently destroying our planet...
2026-03-11 10:55:04 +00:00
Pete Batard
073a100c8e
[wue] add an option to copy SkuSiPolicy.p7b to the ESP on install
* This basically accomplishes the steps described in https://support.microsoft.com/kb/5042562 on first logon.
* Note that we use the installed system's SkuSiPolicy.p7b rather than the host system's, even if the latter
  is usually more up to date, because otherwise, the user may run into Error code: 0xc0000428 on first reboot.
* Likewise, we do not provide this option for Windows To Go, as it could prevent the existing Windows install
  from booting, and we'd have to extract SkuSiPolicy.p7b from `install.wim` to do so.
* Also remove dead code related to SkuSiPolicy.p7b hash parsing (which Microsoft no longer uses).
* Closes #2919 (though it doesn't actually address the issue reported there, which we couldn't replicate).
2026-03-06 17:36:44 +00:00
Pete Batard
eb7b6843ee
[core] improve GPT partition type reporting
* Rather than waste our time reimplementing the wheel, use the descriptions from gdisk.
* Also update the DB SHA-266 entries to latest.
* Also set version to rufus-next and update GitHub Actions to latest (Closes #2929).
2026-03-03 16:34:59 +00:00
Pete Batard
4cdedc7630
Rufus 4.13 (Build 2316) v4.13
* Update UEFI:NTFS to fix regression where the wrong driver for ARM/ARM64 was selected
2026-02-17 20:05:19 +00:00
Pete Batard
8b2a5b8514
[grub] update GRUB to 2.14 release
* Can GRUB *EVER* produce a release archive that is not *UTTERLY BROKEN*???
  https://lists.gnu.org/archive/html/grub-devel/2026-01/msg00043.html
* Also set version to rufus-next.
2026-02-10 14:01:07 +00:00
Pete Batard
cac828621a
Rufus 4.12 (Build 2314) v4.12
* Restore credits for Korean translators, that were removed by mistake.
2026-01-30 13:08:10 +00:00
Pete Batard
fb9dd17fe6
Fix a Coverity warning
* Also harmonize / improve code readability.
2026-01-22 18:31:17 +00:00
Pete Batard
460cc5768a
[net] fix local privilege escalation via TOCTOU race condition in Fido script handling (CVE-2026-23988)
* Because PowerShell forces us to close the script we downloaded prior to execution, it is possible for a
  malicious background process (running unprivileged, as the same user that launches Rufus) to replace the
  Fido script after we downloaded and validated it, but before we actually execute the PowerShell command
  to run it.
* See https://github.com/pbatard/rufus/security/advisories/GHSA-hcx5-hrhj-xhq9, which led to CVE-2026-23988.
* To mitigate this, we now use a security descriptor, to force the script to be saved with Administrator
  and System access only so that an unprivileged user process does not have the capability to replace it
  before execution.
* Issue discovered and responsibly disclosed by @independent-arg.
* Fix also suggested by @independent-arg.
2026-01-22 18:23:20 +00:00
Pete Batard
de12649c99
[core] add hash validation for diskcopy.dll and oscdimg.exe usage
* Whereas their location in AppData should prevent other users from replacing these files,
  it is still possible for an unprivileged app ran by the same user to alter them after
  they have been downloaded.
* To prevent this (as well as more elaborate TOCTOUs on these specific files) we now open
  a read-only handle (with *no* file sharing rights), then validate the SHA256 hash (since
  these files are known at the time of compilation) and only once validated (but without
  relinquishing the exclusive handle) run or access the content of the file.
* Also add an arch suffix to the oscdimg.exe, so that we don't run into a situation where
  x86 and x64 Rufus may complain about a previously downloaded exe.
* Also improve error handling from SaveImage() and fully qualify the dism.exe calls.
2026-01-17 16:30:36 +00:00
Pete Batard
6e5bd4424f
[hash] add FileMatchesHash() and BufferMatchedHash() calls
* Also improve our hex string conversion function and make it public.
2026-01-17 16:30:33 +00:00
Pete Batard
913fd56fb5
[process] don't report read-only access from explorer.exe in potentially conflicting processes 2026-01-17 15:15:22 +00:00
Pete Batard
06c2924296
[dev] filter out the new Bitdefender VHDs
* It appears that Bitdefender now mounts a 32 MB VHD on the system where it is installed, so filter it out.
* For reference, this is how it is otherwise detected by Rufus:
Found VHD device 'Microsoft Virtual Disk'
Disk type: FIXED, Disk size: 33 MB, Sector size: 512 bytes
Cylinders: 4, Tracks per cylinder: 255, Sectors per track: 63
Partition type: GPT, NB Partitions: 1
Disk GUID: {3A182634-ECAF-4D9C-9CE0-9E61EC7A093A}
Max parts: 128, Start Offset: 17408, Usable = 33520128 bytes
Partition 1:
  Type: Microsoft Basic Data Partition
  Name: 'Bitdefender Partition'
  Detected File System: NTFS
  ID: {BA5FBC33-B5DD-4468-B9FB-349269EF43B8}
  Size: 31.9 MB (33488896 bytes)
  Start Sector: 64, Attributes: 0x8000000000000001
2026-01-15 18:21:05 +00:00
Pete Batard
1efb25b06b
[iso] fix Rufus saving images as FFU instead of ISO, when FFU is not supported
* Our image type selection forgot to shift the actual type to ISO when FFU is not supported,
  leading to dism being invoked instead of oscdimg.
* Closes #2889.
* Also make sure the UDF label is no more than 32 characters.
* Also increase the oscdimg.exe commandline size as 256 characters may not be enough with long paths.
* Also try to report 'oscdimg.exe` errors in the log instead of silencing them.
* Also fix devices with (non-USB-compliant) VID 0000 being ignored by default.
2026-01-14 23:38:14 +00:00
Pete Batard
46f9c9ec60
[process] improve the process search
* Factorise the PROCESS_BASIC_INFORMATION for 32 and 64 bit.
* Add a (currently unused) GetPPID() function.
* Increase the size of the buffer for reporting processes and their parameters.
* Don't report stale/killed processes in our main process conflict report.
2026-01-14 23:28:11 +00:00
Fabrice
385cb93744
[loc] update French translation
* Closes #2887.
2026-01-12 12:24:41 +00:00
Pete Batard
2476a92d70
[dev] try to support non USB compliant devices that use VID 0000
* This is meant to address #2894.
* Also update copyright year.
2026-01-12 12:21:11 +00:00
Pete Batard
79b0425c57
[dev] Increase the Hardware ID buffer size
* Some (newer) SSD devices appear to have very long Hardware IDs, with tons of underscore
  (eg: "SCSI\DiskNVMe______________________________NVME_SSD_512GBS1111H0L")
* Because of this, and because Hardware ID is a REG_SZ, where entries can be repeated many
  times, our static MAX_PATH buffer can be too small, preventing UAS disks from being
  properly listed.
* Fix this by bumping our buffer to 4 KB, as well as reporting errors on Hardware ID fetch
  in enum debug mode.
* Closes #2894.
2026-01-11 11:45:15 +00:00
Pete Batard
2fa14b0d45
[iso] fix logic for Nutanix workaround
* 1a4175891b added a workaround for the Nutanix GRUB situation, but we forgot an extra file system check.
* Closes #2884.
2025-12-22 14:02:06 +00:00
Pete Batard
3607f5cec8
[iso] add a workaround for umbrelOS ISOs
* The folks at umbrelOS seem to have mastered their ISO in a way where the /usr/lib/systemd/system/system-systemd/ directory
  is not declared (or not declared with attribute _STAT_DIR) on the ISO-9660 file system, which results in Rufus producing an
  error when trying to create the /usr/lib/systemd/system/system-systemd/x2dcryptsetup.slice file.
* To fix this, add a workaround to create missing directories if we encounter ERROR_PATH_NOT_FOUND during ISO-9660 extraction.
2025-12-20 23:19:39 +00:00
Pete Batard
fec6051000
[wue] filter disallowed characters in local account names
* Per https://learn.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-shell-setup-useraccounts-localaccounts-localaccount-name
* Also add 'NONE' to the list of prohibited local account names, and add '.' to the list of disallowed characters based on user report.
* Also update actions/upload-artifact to latest.
* Closes #2878.
* Closes #2879.
2025-12-20 13:36:06 +00:00
Martin Kuschnik
be95fd0e00
[core] improve Microsoft Dev Drive detection
* The `IsMsDevDrive` function is refactored to use the `FSCTL_QUERY_PERSISTENT_VOLUME_STATE` control code
  for detecting Microsoft Dev Drives.
  This replaces the previous approach of analyzing drive layout which was not always correct.
* Closes #2873.
2025-12-18 16:41:14 +00:00
Pete Batard
a8c745d2a9
[internal] do not UPX compress the appstore executables
* UPX compressing exes makes it impossible to reference the PDB when debugging
  which means that, ever since we switched to using the MSVC executables for
  both standalone and appstore in 4adfa4f37e the
  appstore dumps we get on crashes have become basically unusable for debug :(
* We therefore revert to producing non UPX compressed executable for MSVC by
  default, so that we can resume investigating appstore crashes on next release.
* At the same time, on release builds, we add new UPX compressed executables to
  the GitHub Actions artifacts.
* Also update actions/checkout to v6 and close #2868.
2025-11-26 22:43:12 +00:00
Pete Batard
6a7fb939d5
[efi] update UEFI:NTFS to latest
* This improves the error message on arch mismatch, since this appears to be a common user mistake.
* Also fix a handful of MinGW warnings.
2025-11-20 13:07:40 +00:00
Valdemar
c4d6a00c28
[loc] fix typos in Russian translation
* Closes #2859.
2025-11-12 17:42:34 +00:00
Mr-Update
2af24e460e
[loc] fix typos and improve German translation
* Also remove typos in English .loc comments and MSG_355 that's a duplicate of MSG_036.
* Closes #2851.
2025-11-12 17:34:53 +00:00
Grant
b2fd426028
[misc] correct the spelling of 'zstd' in ChangeLog.txt
* Closes #2860.
2025-11-12 17:19:39 +00:00
dependabot[bot]
d755303a10
[internal] bump actions/upload-artifact from 4 to 5
* Closes #2847.
2025-11-12 17:18:27 +00:00
Pete Batard
9d074f8591
[core] strengthen the pre-formatting partition cleanup code
* This aims at reducing errors with Windows and other apps trying to keep a hook into
  existing ESPs and other partitions, thereby causing access errors.
* This is expected to potentially help with #2776 and similar issues.
* Closes #2776.
2025-11-12 17:16:05 +00:00