Moderator note:
Please be aware the focus of the list is Patchmanagement not
Virus/network management. Thus I recommend that you sign up for/ post to
and send follow up to the ntsysadm list.
I will not be sending suggestions/responses through the list but will
graciously ask everyone to respect that we have to have boundaries
otherwise we'll make the listserve server keel over in a faint handling
the traffic (and it's bad enough with the patching issues).
http://myitforum.com/myitforumwp/services/email-lists-2/
Sign up there
Susan Bradley
http://blogs.msmvps.com/bradley
http://www.runasradio.com/default.aspx?showNum=390
On 12/11/2014 11:04 AM, Randy Vongsavath wrote:
Hi all –
Has anyone been hit with “keyholder”?
It’s a variant of Crypto and at this point have no knowledge of it yet
or how to combat it.
We do have GPO Software Restriction Policy in place which was proven
to combat CryptoLocker/CryptoWall…so as of now we need to know that
there is a variant out there that we have to figure out how to combat.
FYI:
We have IPS/Content Filtering active and turned on
The source machine had AVG deployed real-time and was running the most
current signature version available.
Looking for some insight regarding GPO or find a different approach to
blocking it until AV products catch up.
Thank you,
*Randy V. *
NOC Engineer
*From:*Allen, Dwayne [mailto:[email protected]]
*Sent:* Thursday, December 11, 2014 10:46 AM
*To:* Patch Management Mailing List
*Subject:* RE: RE:[patchmanagement] This Month's Problems...
If the update is already downloaded and deployed then you will need to
manually remove it from the deployment. If it hasn’t been deployed yet
then you won’t be able to deploy it.
Thanks,
Dwayne
*From:*[email protected]
<mailto:[email protected]>
[mailto:[email protected]]
*Sent:* Thursday, December 11, 2014 12:24 PM
*To:* Patch Management Mailing List
*Subject:* [EXTERNAL]RE:[patchmanagement] This Month's Problems...
With all of these patches being pulled an I correct that if Microsoft
expires it then SCCM will not try to deploy it with out making any
changes?
Those that Microsoft has not expired will need to be removed from the
deployment manually.
