navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Important! Secunia applied permanent fixes to help you patch Orac...

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
CSI

This thread has been marked as locked.
This user no longer exists Important! Secunia applied permanent fixes to help you patch Oracle Java
Secunia Official 19th Apr, 2013 08:48
Ranking: 25
Posts: 173
User Since: 1st Jan, 1970
System Score: N/A
Location: Copenhagen, DK
Last edited on 19th Apr, 2013 08:58

Dear Customers,

We are happy to publically announce that Secunia has created Oracle Java packages to install as smoothly as possible under almost all circumstances. Oracle Java patches built into the Secunia Package System (SPS) are no longer expected to preform unexpected and unwanted installation failures. Please find a brief review of what we have done below:

What caused issues previously?
-----------------------------------------------
Oracle Java patches build into the SPS failed to install on random Clients when an old copy of Java was running on the local system.
This particular problem occurred because the Windows OS locked the old copy of Java that is running as a process on the local system.
(Return Code 32 / 0x80070643 -> "The process cannot access the file because it is being used by another process")

What were the consequences for local users?
-------------------------------------------------- --------------
Below is a list of the awkward behavior experienced as a consequence of the Windows lockout problem:

1. Java patch reboots the Client system unexpectedly - this problem is estimated to have a large impact on users' work.
2. Java patch uninstalls the old Java copy and fails to install itself - Java would need to be re-installed.
3. Java patch installs itself on the local system, but it fails to uninstall the previous copy of Java - the system remains vulnerable.

What did Secunia do to resolve this issue?
-------------------------------------------------- -------------------
Secunia cannot prevent Windows OS from locking running processes and application instances or workaround this behavior.
What we have done, however, is safeguarded the installation in terms of preventing failure consequences.
Furthermore, we ensured that you can seamlessly install Java patches that failed to install earlier.

The SPS packages for Oracle Java now include a built-in mechanism that checks whether Java is running on the local system. In a scenario where the old copy of Java is indeed running locally at the time of applying your SPS Oracle Patch, the installer will now fail with fixed error code 20 / 32, right before executing the original vendor installer that is embedded in the SPS.exe. This prevents the occurrence of unexpected and unwanted issues. In addition, the SPS patch for Oracle Java remains available for installation in Windows Update at any time after the failure.

When an expected failure occurs (Error 20 / 32), you can proceed to install the failed package in two ways:

1. Killing the running Oracle Java process allows you immediately to proceed with successful installation of Java.
2. System Shutdown at the end of the working day will ensure the successful installation of the Java patch in a completely unattended manner.

Conclusion:
-----------------
Customers can be confident that Oracle Java patches built into the Secunia CSI will be successfully deployed to Clients in all circumstances, even on occasions when all requirements for a failure are present.
Patches that failed to install in the first installation attempt remain applicable and pending for installation in Windows Update. During System Shutdown, the patches are installed automatically in an unattended manner.

Kind Regards / Stay Secure
/Rosen Danailov
Secunia Customer Support

No one has replied to this thread yet - be the first
This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+