Yes, unfortunately, all our users are admins. It sucks, but I use it to my advantage when I can.
The reason we've not done a GP is because we haven't had the luxury of studying to understand them. Our plates always seem to be full with other things. On Tue, Jul 7, 2009 at 19:04, Ken Schaefer<[email protected]> wrote: > Are all your users admins? Otherwise, how is that logon script going to > update HKLM? > > Machine-based startup script would be better idea, no? > > Cheers > Ken > > ________________________________________ > From: Kurt Buff [[email protected]] > Sent: Wednesday, 8 July 2009 2:41 AM > To: NT System Admin Issues > Subject: Re: New IE zero day exploit in the wild > > I'm just pushing out the .reg file in the login script: > > regedit /s \\fileserver\public\patches\videokillbits.reg > > The file was easy to create, in a capable editor (not notepad or > wordpad) that allows metacharacter search and replace, such as '\n' > for CRLF and '\t' for tab. I used the ancient, no-longer-supported > PFE32. I really should switch to VIM, I suppose. > > On Tue, Jul 7, 2009 at 08:40, Eric > Wittersheim<[email protected]> wrote: >> I'm pushing out the .reg via GP. So far so good. >> >> On Tue, Jul 7, 2009 at 10:38 AM, David Lum <[email protected]> wrote: >>> >>> The “Microsoft fix-it” is an MSI that I am pushing via SMS and is pushing >>> fine (so far just a few test cases have it, but no issues). Beats trying to >>> push out a .REG or something… >>> >>> >>> >>> David Lum // SYSTEMS ENGINEER >>> NORTHWEST EVALUATION ASSOCIATION >>> (Desk) 971.222.1025 // (Cell) 503.267.9764 >>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
