Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: MicrosoftFixit50792

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
CSI

This thread has been marked as locked.
msmithjr50 MicrosoftFixit50792
Member 9th Nov, 2011 21:33
Ranking: 0
Posts: 1
User Since: 9th Nov, 2011
System Score: N/A
Location: US
I have been looking into the Duqu virus and see that Microsoft has a fixit msi file to turn off the vulnerability, but this really isn't a patch. Is there any way that a package could be created with CSI v5 to deploy this on my network?

Thanks!

O.Marin RE: MicrosoftFixit50792
Secunia Official 15th Nov, 2011 09:59
Score: 30
Posts: 116
User Since: 4th Aug 2011
System Score: N/A
Location: Copenhagen, DK
Last edited on 15th Nov, 2011 09:59
Hi,

If you are using CSI 5 then it's really easy.

1. Go to Patch -> SPS
2. Click on New Custom Package
3. On step 2 add the silent parameters under userSpecificParams variable
var userSpecficParams = "modify as needed";
4. Add the .msi file under “Files to include”
5. On step 3 select Mark package as “Always installable”
Note: This will overwrite an installability rule and will make the package available for all approved hosts.
6. Finish the wizard and publish it.

Please test the package on a couple of hosts before deploying it to your whole environment.

In CSI 4.1 you cannot do it unfortunately.

Let me know if you have any questions,

--
Kind Regards,

Oana Marin
Solution Specialist
ddmarshall RE: MicrosoftFixit50792
Dedicated Contributor 15th Nov, 2011 14:52
Score: 1210
Posts: 961
User Since: 8th Nov 2008
System Score: 98%
Location: UK
Be careful with this Fixit. Microsoft keep updating the undesirable side effects it has. this is the latest:

Impact of Workaround.

1. Applications that rely on embedded font technology will fail to display properly.
2. After applying this workaround, users of Windows XP and Windows Server 2003 may be reoffered the KB982132 and KB972270 security updates. These reoffered updates will fail to install. The reoffering is a detection logic issue and users who have successfully applied both the KB982132 and KB972270 security updates previously can ignore the reoffer.
3. Applications with functionality that relies on T2EMBED.DLL, such as generating PDF files, may fail to work as expected. For example, Microsoft Office software will fail to generate PDF files.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+2
-0
csi@bankevb.com RE: MicrosoftFixit50792
Member 15th Nov, 2011 19:00
Thanks for the input!
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer