Deploy Microsoft Zero-Day Patch with a Zenith Job
Mark Berry July 7, 2009
Yesterday, Microsoft released this security advisory:
Vulnerability in Microsoft Video ActiveX control could allow remote code execution
That article includes a “Fix it” link that users can click on to disable the exploited ActiveX objects in Internet Explorer. The link downloads a small installer file which users can only execute if they are logged on as administrators. So deploying using that link would require that an administrator log on to each computer, including servers, and run the installer.
How can I quickly deploy this patch to all systems that I manage? I could follow the instructions in the related TechNet article to manually set up a .reg file, then deploy that with logon scripts or group policy. That article at least confirms that the fix is changing HKEY_LOCAL_MACHINE entries, so it’s not user-specific. I decided instead to deploy the installer using a Zenith job. Here’s how.
More...About
Welcome to the Tech Blog! MCB Systems is a San Diego-based provider of information technology services and custom database programming services. We are based in Point Loma with easy access to downtown San Diego, Ocean Beach, Pacific Beach, and Mission Valley. This tech blog is geared towards my I.T. colleagues, but end users may be interested to glimpse what goes on "behind the scenes" in keeping their computing environments stable and secure.
Mark Berry owns MCB Systems, a San Diego provider of I.T. services. Contact MCB Systems.
Subscribe to the MCB Tech Blog
