+2 Jon On Wed, Jul 8, 2009 at 1:16 PM, Phillip Partipilo <[email protected]> wrote:
> +1 > > > Phillip Partipilo > Parametric Solutions Inc. > Jupiter, Florida > (561) 747-6107 > > > ------------------------------ > *From:* Jonathan Link [mailto:[email protected]] > *Sent:* Wednesday, July 08, 2009 10:53 AM > *To:* NT System Admin Issues > *Subject:* Re: New IE zero day exploit in the wild > > After taking local admin rights away from users my plate is less full. > YMMV. > > On Wed, Jul 8, 2009 at 10:47 AM, Kurt Buff <[email protected]> wrote: > >> Yes, unfortunately, all our users are admins. It sucks, but I use it >> to my advantage when I can. >> >> The reason we've not done a GP is because we haven't had the luxury of >> studying to understand them. Our plates always seem to be full with >> other things. >> >> On Tue, Jul 7, 2009 at 19:04, Ken Schaefer<[email protected]> wrote: >> > Are all your users admins? Otherwise, how is that logon script going to >> update HKLM? >> > >> > Machine-based startup script would be better idea, no? >> > >> > Cheers >> > Ken >> > >> > ________________________________________ >> > From: Kurt Buff [[email protected]] >> > Sent: Wednesday, 8 July 2009 2:41 AM >> > To: NT System Admin Issues >> > Subject: Re: New IE zero day exploit in the wild >> > >> > I'm just pushing out the .reg file in the login script: >> > >> > regedit /s \\fileserver\public\patches\videokillbits.reg >> > >> > The file was easy to create, in a capable editor (not notepad or >> > wordpad) that allows metacharacter search and replace, such as '\n' >> > for CRLF and '\t' for tab. I used the ancient, no-longer-supported >> > PFE32. I really should switch to VIM, I suppose. >> > >> > On Tue, Jul 7, 2009 at 08:40, Eric >> > Wittersheim<[email protected]> wrote: >> >> I'm pushing out the .reg via GP. So far so good. >> >> >> >> On Tue, Jul 7, 2009 at 10:38 AM, David Lum <[email protected]> wrote: >> >>> >> >>> The “Microsoft fix-it” is an MSI that I am pushing via SMS and is >> pushing >> >>> fine (so far just a few test cases have it, but no issues). Beats >> trying to >> >>> push out a .REG or something… >> >>> >> >>> >> >>> >> >>> David Lum // SYSTEMS ENGINEER >> >>> NORTHWEST EVALUATION ASSOCIATION >> >>> (Desk) 971.222.1025 // (Cell) 503.267.9764 >> >>> >> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> > >> > >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> > > > > > > ------------------------------ > If this email is spam, report it here: > http://www.OnlyMyEmail.com/ReportSpam<http://www.onlymyemail.com/view/?action=reportSpam&Id=ODEzNjQ6OTI2MTkwNzgwOnBqcEBwc25ldC5jb20%3D> > THIS ELECTRONIC MESSAGE AND ANY ATTACHMENTS ARE CONFIDENTIAL AND > PROPRIETARY PROPERTY OF THE SENDER. THE INFORMATION IS INTENDED FOR USE BY > THE ADDRESSEE ONLY. ANY OTHER INTERCEPTION, COPYING, ACCESSING, OR > DISCLOSURE OF THIS MESSAGE IS PROHIBITED. IF YOU HAVE RECEIVED THIS MESSAGE > IN ERROR, PLEASE IMMEDIATELY NOTIFY THE SENDER AND DELETE THIS MAIL AND ALL > ATTACHMENTS. DO NOT FORWARD THIS MESSAGE WITHOUT PERMISSION OF THE SENDER. > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
