Are you doing it in a Startup script via the GP?
Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + [email protected] Phone:401-639-3505 ________________________________ From: Eric Wittersheim [mailto:[email protected]] Sent: Tuesday, July 07, 2009 11:41 AM To: NT System Admin Issues Subject: Re: New IE zero day exploit in the wild I'm pushing out the .reg via GP. So far so good. On Tue, Jul 7, 2009 at 10:38 AM, David Lum <[email protected]> wrote: The "Microsoft fix-it" is an MSI that I am pushing via SMS and is pushing fine (so far just a few test cases have it, but no issues). Beats trying to push out a .REG or something... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: J Kyo [mailto:[email protected]] Sent: Tuesday, July 07, 2009 8:18 AM To: NT System Admin Issues Subject: Re: New IE zero day exploit in the wild Curious if anyone has used the "Microsoft Fix It" from: http://support.microsoft.com/kb/972890. On Mon, Jul 6, 2009 at 6:24 PM, Carl Houseman <[email protected]> wrote: Recommendation from MS is to set the killbits everywhere. http://www.microsoft.com/technet/security/advisory/972890.mspx Carl From: Ken Schaefer [mailto:[email protected]] Sent: Monday, July 06, 2009 9:06 PM To: NT System Admin Issues Subject: RE: New IE zero day exploit in the wild Seems to be XP / Windows Server 2003 only? Cheers Ken ________________________________ From: Alex Eckelberry [[email protected]] Sent: Tuesday, 7 July 2009 5:56 AM To: NT System Admin Issues Subject: New IE zero day exploit in the wild Our labs have confirmed this and it is quite nasty. Best bet for now is to set the killbits. Or don't use IE. Some references: Microsoft: http://www.microsoft.com/technet/security/advisory/972890.mspx SANS: http://isc.sans.org/diary.html?storyid=6733 I would take this one quite seriously. Alex ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
