|9th Nov, 2011 21:33|
User Since: 9th Nov, 2011
System Score: N/A
I have been looking into the Duqu virus and see that Microsoft has a fixit msi file to turn off the vulnerability, but this really isn't a patch. Is there any way that a package could be created with CSI v5 to deploy this on my network?
|15th Nov, 2011 09:59|
User Since: 4th Aug 2011
System Score: N/A
Location: Copenhagen, DK
Last edited on 15th Nov, 2011 09:59
If you are using CSI 5 then it's really easy.
1. Go to Patch -> SPS
2. Click on New Custom Package
3. On step 2 add the silent parameters under userSpecificParams variable
var userSpecficParams = "modify as needed";
4. Add the .msi file under “Files to include”
5. On step 3 select Mark package as “Always installable”
Note: This will overwrite an installability rule and will make the package available for all approved hosts.
6. Finish the wizard and publish it.
Please test the package on a couple of hosts before deploying it to your whole environment.
In CSI 4.1 you cannot do it unfortunately.
Let me know if you have any questions,
|15th Nov, 2011 14:52|
User Since: 8th Nov 2008
System Score: 98%
|Be careful with this Fixit. Microsoft keep updating the undesirable side effects it has. this is the latest:
Impact of Workaround.
1. Applications that rely on embedded font technology will fail to display properly.
2. After applying this workaround, users of Windows XP and Windows Server 2003 may be reoffered the KB982132 and KB972270 security updates. These reoffered updates will fail to install. The reoffering is a detection logic issue and users who have successfully applied both the KB982132 and KB972270 security updates previously can ignore the reoffer.
3. Applications with functionality that relies on T2EMBED.DLL, such as generating PDF files, may fail to work as expected. For example, Microsoft Office software will fail to generate PDF files.
This answer is provided “as-is.” You bear the risk of using it.
|15th Nov, 2011 19:00|
|Thanks for the input!|