I'd greatly appreciate any advice on this as well. This particular hotfix
is an IE hotfix and these never have the conventional switches and behavior,
and do other hotfixes that tend to be not OS related. Why can't Microsoft
just standardize these to use the same hotfixes flags all the others do??!
Is that to much to ask?

The only thing I've found to do is just "deal with it" and run those
hotfixes last, which leads me to a question:

Does QCHAIN take into account DLL versioning for ALL hotfixes? I can run a
bunch of standard packaged OS hotfixes, then run this IE hotfix which is
packaged differently, then run QCHAIN, but I honestly don't know if that IE
hotfixes replaces some previous hotfix DLL that it shouldnt, if QCHAIN is
going to sort it out.

-----Original Message-----
From: Deji [mailto:dejiprontomail.com]
Sent: Thursday, November 15, 2001 8:14 PM
To: M. Burnett; focus-mssecurityfocus.com
Subject: Re: Batching Hot-fix installation

Sorry for hitching onto this topic here, but my question is pertinent to the
topic underway.

I script my hotfixes installations for deployment across hundreds of
clients. I still haven't been able to figure out how to supress the "do you
want to restart...?" or "do you want to install?) prompts so the script can
continue onto the next hotfix?

I know most of the hotfixes have the -q -z -m switches, but there are other
ones (like q312461.exe) that don't. How do people work around it?

Thanks
Deji

----- Original Message -----
From: "M. Burnett" <mburnettxato.net>
To: <focus-mssecurityfocus.com>
Sent: Thursday, November 15, 2001 7:58 AM
Subject: Re: Batching Hot-fix installation

Here's a batch file that will install all hotfixes in the directory
from which it is run (may be wrapped):

for /R %%f in (Q*.exe) do echo Installing %%f && %%f -n -z -q -m
qchain.exe
REM add any other files to install here...

This batch file will run every file matching Q*.exe in the current
directory. Note that not every hotfix follows that naming convention
(such as the one for MS01-022). For those, you can just add those
manually at the end.

So make that into a batch file, throw the hotfixes into the same dir
and run it.

Here's a variation:

To verify the signature on each hotfix before installing, use
chktrust.exe, which is found in
http://msdn.microsoft.com/downloads/tools/authenticode/codesign.exe
(may be wrapped):

for /R %%f in (Q*.exe) do chktrust -q %%~nxf && (echo Installing
%%~nxf... && %%f -n -z -q -m && echo -) || (echo %%f is corrupt
and will not be installed)

qchain.exe
REM add any other files to install here...

Hope this helps.

Mark Burnett
www.xato.net
www.iis-insider.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]