Fido and download Isos Windows 10/11 #2697
Comments
|
Unlike UUP, which creates custom unofficial ISOs from bits and pieces they obtain from the Microsoft binary servers, Rufus downloads retail ISO directly from Microsoft, so, as long as Microsoft does not provide updated retail ISOs, Rufus cannot provide Windows 10 versions with updated bootloaders. If you are unhappy about this situation, please complain to Microsoft so that they update their retail Windows 10 ISOs, because, again, all Fido does is pick these ISOs directly from Microsoft servers. It's not because anybody can create unofficial ISOs where the revoked bootloader warnings are removed that I want to do so in Rufus, especially as using retail Windows ISOs is the only way to make sure that somebody has not maliciously tampered with your Windows installation data: https://github.com/pbatard/rufus/wiki/FAQ#user-content-How_can_I_validate_that_a_Windows_ISO_is_a_genuine_retail_version. Also, with Windows 10 reaching End Of Life soon, I really have no plans to add workarounds in Rufus to sort out the revoked bootloader situation there (especially since, again, it is up to Microsoft to fix the situation in their retails ISOs, and not Rufus). |
|
@pbatard General all ISOs from Microsoft MCT or if you download updated ISO from Microsoft site, are flagged. Without 11 24H2 because that was after all putted and have only few months. |
It's not that easy, because you need to update the .wim's as well. I investigated this in #2244 (comment) and found that it was just not realistic for Rufus to properly update all the bootloaders that might have been revoked. Again, if you are unhappy about the Windows 10 situation with revoked bootloaders, don't complain to me. Complain to Microsoft. It's their job top update their images so that they don't use revoked bootloaders and people shouldn't have to patch or recreate ISOs to avoid this. As long as you don't complain to the relevant people, the situation will not change, and Microsoft will continue to feel entitled to do a bad job with not updating ISOs that are known to contain vulnerable bootloaders, even as the OS has not yet reached EOL. |
|
I can't understand one. Why to verification point is site adguard? They have genui ISOs? Because you prefer that Russian? Can't give link to some iso verifer? |
Because Microsoft used to make the SHA-1 of their retail ISOs publicly accessible in a convenient list on MSDN, but about 3-4 years ago, they put that list behind a subscriber access. So we had to find an alternative site that provides these same SHA-1's (the SHA-1's for the retail Microsoft ISOs are unique — that's the whole point), and it happens that adguard does, and it has a convenient search function. Oh, and your ISO verifier is Rufus. You just need to compare to locate and compare the SHA-1. And no, I can't go around maintaining a list of SHA-1's myself. That's why I delegate this to adguard. And trust me, if adguard ever start to publish SHA-1's that don't match the ones from the actual retail ISOs, it will be known (because it will be super obvious). So, yeah, a site that publishs SHA-1 that everybody else can easily validate for accuracy can be trusted, regardless of where they reside. |
|
Thank you for help and informations. |
Fido downloader have updates sources to download updated ISOs for Rufus don't tell later about how bootloader EFI is revoked?
I see much that monits after download iso from Microsoft site /Media Creation Tool or when download from UUP Dump with newest patches. With Windows 10 22 H2 or 11 23 H2 are that situations generally most.
The text was updated successfully, but these errors were encountered: