I understand and can set up GP to push out the msi file. I think it is best in the "Computer Configuration | Software Settings | Software Installation" (correct?).
My understanding is that the msi file will be run every time the computer is turned on. Is this correct, or a misunderstanding on my part? If it is correct, how does one prevent that from happening (i.e. have the msi (or reg file) execute only once)? Thanks. Mark From: Eric Wittersheim [mailto:[email protected]] Sent: Tuesday, July 07, 2009 9:41 AM To: NT System Admin Issues Subject: Re: New IE zero day exploit in the wild I'm pushing out the .reg via GP. So far so good. On Tue, Jul 7, 2009 at 10:38 AM, David Lum <[email protected]> wrote: The "Microsoft fix-it" is an MSI that I am pushing via SMS and is pushing fine (so far just a few test cases have it, but no issues). Beats trying to push out a .REG or something... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: J Kyo [mailto:[email protected]] Sent: Tuesday, July 07, 2009 8:18 AM To: NT System Admin Issues Subject: Re: New IE zero day exploit in the wild Curious if anyone has used the "Microsoft Fix It" from: http://support.microsoft.com/kb/972890. On Mon, Jul 6, 2009 at 6:24 PM, Carl Houseman <[email protected]> wrote: Recommendation from MS is to set the killbits everywhere. http://www.microsoft.com/technet/security/advisory/972890.mspx Carl From: Ken Schaefer [mailto:[email protected]] Sent: Monday, July 06, 2009 9:06 PM To: NT System Admin Issues Subject: RE: New IE zero day exploit in the wild Seems to be XP / Windows Server 2003 only? Cheers Ken ________________________________ From: Alex Eckelberry [[email protected]] Sent: Tuesday, 7 July 2009 5:56 AM To: NT System Admin Issues Subject: New IE zero day exploit in the wild Our labs have confirmed this and it is quite nasty. Best bet for now is to set the killbits. Or don't use IE. Some references: Microsoft: http://www.microsoft.com/technet/security/advisory/972890.mspx SANS: http://isc.sans.org/diary.html?storyid=6733 I would take this one quite seriously. Alex ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
