I think I will bash the workaround straight onto my Citrix farm then 2008/12/18 Alex Eckelberry <[email protected]>
> Incidentally, there's still a zero day out there with Wordpad. > > http://news.cnet.com/8301-1009_3-10120546-83.html > > > Doesn't affect Wserver 2008, Vista or XP SP3 but still worth keeping in > mind if you have machines that aren't up to the latest grade. > > Alex > > > ------------------------------ > *From:* James Rankin [mailto:[email protected]] > *Sent:* Wednesday, December 17, 2008 10:10 AM > *To:* NT System Admin Issues > *Subject:* Re: 0-day IE Exploit "in the wild" > > I forgot to mention that the *net view* command will only work well if, > like mine, all your machines are devoid of comments in the computer name > > 2008/12/17 James Rankin <[email protected]> > >> I just keep a text file with all my server names in and hit it with a *for >> /f %a in (servernames.txt) do psexec \\%a wuauclt /detectnow* >> >> You can mix and match as much as you want, ideal for *gpupdate /force*, >> copy commands,* ipconfig /flushdns*, anything you need >> >> If there is any need to grab machine names from the network, I generally >> use *net view|find "\\" *to pipe them in >> >> for /f "tokens=1 delims=\" %a in ('net view^|find "\\"') do psexec \\%a *your >> command here* >> >> Pretty clunky, but effective >> >> 2008/12/17 David Lum <[email protected]> >> >>> Excel is your friend. I have run WUAUCLT /DETECTNOW on 300 systems – I >>> created 6 batch files of 50 machines each and let 'er rip. Works great. >>> >>> >>> >>> David Lum >>> ------------------------------ >>> >>> *From:* Jason Morris [mailto:[email protected]] >>> *Sent:* Tuesday, December 16, 2008 1:44 PM >>> >>> *To:* NT System Admin Issues >>> *Subject:* RE: 0-day IE Exploit "in the wild" >>> >>> >>> >>> My experience with PSEXEC is that it doesn't like to have multiple >>> commands pasted in. I work them individually, but it's usually in small >>> batches of users so it's not bad. I connect to the computer to run cmd.exe >>> then do my stuff from there one command at a time. I even made a batch file >>> to make it easier… >>> >>> >>> >>> Psexecsys.bat 10.1.1.1 jmorris "My Password" >>> >>> Psexec \\%1 –u domain\%2 -p %3 cmd.exe >>> >>> >>> >>> Then I do my things from there one at a time. I've tried to run batch >>> files from that cmd prompt but had very poor luck. If you do find a way to >>> do it, that would be nice. >>> >>> Good luck! >>> >>> Jason >>> >>> >>> >>> >>> >>> *From:* Sean Rector [mailto:[email protected]] >>> *Sent:* Tuesday, December 16, 2008 3:35 PM >>> *To:* NT System Admin Issues >>> *Subject:* RE: 0-day IE Exploit "in the wild" >>> >>> >>> >>> Does anyone have a psexec batch file to pass psexec a list of systems >>> (from a text file, perhaps) for it to remotely run WUAUCLT on said systems? >>> >>> >>> >>> Sean Rector, MCSE >>> >>> >>> >>> *From:* Miller Bonnie L. [mailto:[email protected]] >>> *Sent:* Tuesday, December 16, 2008 4:17 PM >>> *To:* NT System Admin Issues >>> *Subject:* RE: 0-day IE Exploit "in the wild" >>> >>> >>> >>> Just got this… patch is supposed to be released out of band tomorrow… >>> >>> >>> >>> http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx >>> >>> >>> >>> -Bonnie >>> >>> >>> >>> *From:* Miller Bonnie L. [mailto:[email protected]] >>> *Sent:* Thursday, December 11, 2008 9:12 AM >>> *To:* NT System Admin Issues >>> *Subject:* 0-day IE Exploit "in the wild" >>> >>> >>> >>> http://isc.sans.org/ >>> >>> >>> >>> http://www.microsoft.com/technet/security/advisory/961051.mspx >>> >>> >>> >>> -Bonnie >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> Information Technology Manager >>> Virginia Opera Association >>> >>> E-Mail: [email protected] >>> Phone: (757) 213-4548 (direct line) >>> {+} >>> >>> *> 2008-2009 Season: **Tosca* <http://www.vaopera.org/tosca> | *The >>> Barber of Seville* <http://www.vaopera.org/barber> >>> *> Recently Announced: **Virginia Opera's 35th Anniversary Season >>> 2009-2010* <http://www.vaopera.org/upcoming> >>> Visit us online at www.vaopera.org or call 1-866-OPERA-VA >>> ------------------------------ >>> >>> This e-mail and any attached files are confidential and intended solely >>> for the intended recipient(s). Unless otherwise specified, persons unnamed >>> as recipients may not read, distribute, copy or alter this e-mail. Any views >>> or opinions expressed in this e-mail belong to the author and may not >>> necessarily represent those of Virginia Opera. Although precautions have >>> been taken to ensure no viruses are present, Virginia Opera cannot accept >>> responsibility for any loss or damage that may arise from the use of this >>> e-mail or attachments. >>> >>> {*} >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> ------------------------------------------------------------------------------------------ >>> The pages accompanying this email transmission contain information from >>> MJMC, Inc., which >>> is confidential and/or privileged. The information is to be for the use of >>> the individual >>> or entity named on this cover sheet. If you are not the intended recipient, >>> you are >>> hereby notified that any disclosure, dissemination, distribution, or >>> copying of this >>> communication is strictly prohibited. If you received this transmission in >>> error, please >>> immediately notify us by telephone so that we can arrange for the retrieval >>> of the original >>> document. >>> >>> >> >> >> >> >> > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
