Thank you Edward, but I understand that the hotfix should be deployed first. So the path for networks will be 1 Convert the exe to msi 2.Deploy the msi to machines 3.Deploy the .REG you setted on a machine to machines And for small envs with workgoups you should visit the machines as Admin GuidoElia HELPPC
_____ Da: Ziots, Edward [mailto:[email protected]] Inviato: giovedì 26 agosto 2010 16.06 A: NT System Admin Issues Oggetto: RE: Insecure Library Loading Vulnerability Apply the hotfix accordingly. Set the registry key on a machine, export the .REG file and apply via a computer Startup GPO to the targeted systems. Or you can use regini to script out the install, etc etc. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 From: Steven M. Caesare [mailto:[email protected]] Sent: Thursday, August 26, 2010 9:10 AM To: NT System Admin Issues Subject: RE: Insecure Library Loading Vulnerability Seriously? -sc From: HELP_PC [mailto:[email protected]] Sent: Thursday, August 26, 2010 2:42 AM To: NT System Admin Issues Subject: R: Insecure Library Loading Vulnerability Can you explain to me how to apply it ? Launch the MS file locally and revisit the registry ? Is it doable through GPO? TIA GuidoElia HELPPC _____ Da: Carl Houseman [mailto:[email protected]] Inviato: giovedì 26 agosto 2010 8.21 A: NT System Admin Issues Oggetto: RE: Insecure Library Loading Vulnerability I don't see where MS advised that "many things" may not work after implementing the 2264107 patch. I just re-read the security advisory and there is no "impact of workaround" mentioned for the patch. In short, MS has fairly much implied that the patch is without severe consequences. You should test the 2264107 patch with your chosen registry setting(s) that enable the patch, just the same as you would test any security patch, before putting it into production. Carl From: HELP_PC [mailto:[email protected]] Sent: Thursday, August 26, 2010 1:29 AM To: NT System Admin Issues Subject: R: Insecure Library Loading Vulnerability You are right! The problem is not I don't like the workaround but the unknown results I can get in a network. MS advices many things may not work after. ( Or did I misunderstand?) GuidoElia HELPPC _____ Da: Carl Houseman [mailto:[email protected]] Inviato: giovedì 26 agosto 2010 7.19 A: NT System Admin Issues Oggetto: RE: Insecure Library Loading Vulnerability And these as well: Firefox, Dreamweaver, Opera, Teamviewer, VLC Media player, Avast, Camtasia, SnagIt, Live Mail, Powerpoint. And those are likely just the beginning. I'd expect the number to get to 100's of apps. As for remedy, you either wait for the apps be updated or patched with secure DLL loading code, or you implement the workaround patch from Microsoft that you don't like. Carl From: HELP_PC [mailto:[email protected]] Sent: Thursday, August 26, 2010 1:04 AM To: NT System Admin Issues Subject: Insecure Library Loading Vulnerability According to Secunia already found vulnerabilities on Windows Address Book and Office Groove. Are we going to an out of band remedy ? GuidoElia HELPPC ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
