OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Riccardo Fontana (riccardo.fontanaaaasgr.it)
Date: Fri Nov 16 2001 - 03:42:08 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I'm still having problem with some specific Hot-fixes and patches.

    Some of them are available in a package slightly different than others
    and they have different installation Options:

    Example:

    MS00-055 HotFix: q269368.exe
    Installation option available:
    /Q: Quiet mode for package
    /T:<full path> Specifies temporary working folder
    /C Extract files only (with /T)
    /C:<Cmd> Override Install Command defined by author

    MS01-048 HotFix: Q305399i.exe
    Installation option available:
    -y Perform uninstall (only with /M or /Q)
    -f Force apps closed at shutdown
    -n Do not create uninstall directory
    -z Do not reboot when update complete
    -q Quite mode - No user interface
    -m Unattended mode
    -l List installed hotfixes

    The /Q switch doesn't give the same result. With q269368.exe I still
    obtain a pop-up window that requires user interaction.

    M. Burnett wrote:

    > Here's a batch file that will install all hotfixes in the directory
    > from which it is run (may be wrapped):
    >
    > for /R %%f in (Q*.exe) do echo Installing %%f && %%f -n -z -q -m
    > qchain.exe
    > REM add any other files to install here...
    >
    >
    > This batch file will run every file matching Q*.exe in the current
    > directory. Note that not every hotfix follows that naming convention
    > (such as the one for MS01-022). For those, you can just add those
    > manually at the end.
    >
    > So make that into a batch file, throw the hotfixes into the same dir
    > and run it.
    >
    > Here's a variation:
    >
    > To verify the signature on each hotfix before installing, use
    > chktrust.exe, which is found in
    > http://msdn.microsoft.com/downloads/tools/authenticode/codesign.exe
    > (may be wrapped):
    >
    > for /R %%f in (Q*.exe) do chktrust -q %%~nxf && (echo Installing
    > %%~nxf... && %%f -n -z -q -m && echo -) || (echo %%f is corrupt
    > and will not be installed)
    >
    > qchain.exe
    > REM add any other files to install here...
    >
    >
    > Hope this helps.
    >
    > Mark Burnett
    > www.xato.net
    > www.iis-insider.com
    >
    >
    >
    >
    > On Thu, 15 Nov 2001 17:56:39 +0100, Riccardo Fontana wrote:
    >
    >>Hi all,
    >>
    >>I don't know if this has already been discussed.
    >>
    >>Is there any tool or method to create a batch to perform an
    >>automatic
    >>installation (i.e. w/o any user input) of MS hotfixes and patches ?
    >>
    >>I'm trying to automate the installation of patches on my network
    >>with
    >>HFNetChk and some simple command like:
    >>
    >>at \\computer-name 23.00 c:\localpath\batch.cmd
    >>
    >>Where "batch.cmd" is a script generated from HFNetChk result.
    >>
    >>p.s.: This method rely on the presence of both patches and scripts
    >>on
    >>localhost because at-launched application run as SYSTEM, and there
    >>is no
    >>way to have them access a network share.
    >>
    >>
    >>Is there any better way to obtain the same results ?
    >>
    >>installing iis security hotfixes
    >>
    >
    >
    >
    > 

    -- 
---------------------------------------
Riccardo Fontana
Antonveneta ABN AMRO
Via Deruta 22
20100 Milano
Tel. +39 - (0)2 80635.533
Fax. +39 - (0)2 80635.555
E-Mail: riccardo.fontanaaaasgr.it
---------------------------------------