Probably from the same Patch Management list, but this just in:
There appears to be a coding boo-boo in the POLICY
{37B03544-A4C8-11D2-B634-00C04F79498E} portion of the X86.adm file.
It is missing this:
ITEMLIST
NAME "dword:00000400" VALUE NUMERIC 1024
END ITEMLIST
Thanks
Gordon Pegue
From: James Rankin [mailto:[email protected]]
Sent: Friday, July 10, 2009 2:59 PM
To: NT System Admin Issues
Subject: Re: WSUS and IE8
Someone posted the link to the Patch Management list that I used
http://blogs.msdn.com/askie/archive/2009/07/08/quick-and-dirty-group-pol
icy-adm-template-to-implement-the-workaround-from-kb972890.aspx
Looks like there was a coding error in it, apparently
2009/7/10 Carl Houseman <[email protected]>
Is there a URL for those ".adm files available from MS"? No one else
has mentioned them nor were they part of the "workarounds" section of
the SB. It seems like such things would have been tested and not
hazardous to use.
Carl
From: James Rankin [mailto:[email protected]]
Sent: Friday, July 10, 2009 2:28 PM
To: NT System Admin Issues
Subject: Re: WSUS and IE8
Yeah, I was intending to do it with a group policy preference, but when
I saw the .adm files available from MS, I thought I would save myself a
bit of time and apply them through a "normal" GPO, registry settings
from a .adm file
As usual, it turned out to be more work, and not less :-)
2009/7/10 Carl Houseman <[email protected]>
What do you mean by "standard GPO"? A custom .adm file?
I think most of us are doing this in GPO by running a startup script to
run a .reg file.
Carl
From: James Rankin [mailto:[email protected]]
Sent: Friday, July 10, 2009 5:57 AM
To: NT System Admin Issues
Subject: Re: WSUS and IE8
I managed to solve the problem here, but I am at a loss to explain it.
This morning I used Microsoft's .adm file to set the forty-odd killbits
via GPO for my server systems. Pretty soon after this I noticed IE8
being offered on a number of servers. For some reason all the WSUS
settings, which are applied via GPO, were gone from the Registry.
Running a gpupdate threw a few "parameter incorrect" errors in the
Application log on the GPO just created, which then seemed to choke the
rest of the GPOs off - even though it reported successful application.
Seems, in the absence of the WSUS settings, my servers went "running
home to mama" and decided to pull in the IE8 update, the XML Core
Services stuff, and the June Malicious Software Removal tool from
Windows Update. Deleting the link to the new GPO, and running a
gpupdate, then a wuauclt /detectnow, has made them disappear again.
Pretty weird. I am now going to have the nice job of entering all those
killbits into a Group Policy Preference instead of a standard GPO. Just
thought I would share in case anyone else notices the same thing.
2009/7/10 James Rankin <[email protected]>
Is it just me, or has everyone just noticed IE8 offering itself as an
update through WSUS? I am pretty sure I have not approved it, yet here
it is, along with an updare for Microsoft XML Core Services. I was sure
that it wasn't due to come through WSUS until August - and even then it
shouldn't have made it through the approval process without some
intervention.
--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."
http://raythestray.blogspot.com
--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."
http://raythestray.blogspot.com
--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."
http://raythestray.blogspot.com
--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."
http://raythestray.blogspot.com
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
