Distributing Microsoft Security Patches Silently
Novell Cool Solutions: Trench
By Justin Birt
Digg This -
Posted: 4 Feb 2004
I have been working at a site of approximately 600 workstations, and needed a way of distributing the latest Security Patches from Microsoft to counter RPC attacks.
There was a requirement to do this by "stealth," so the distribution had to be hidden and the workstation re-boot suppressed. (Patch would not be in place until the next day when users started their machines and logged in.)
SOLUTION: A simple ZEN app was created that copied the Security patch to C:\WINNT\TEMP on the users workstation.
This was then run by placing the following in the Run Options > Path to File field:
C:\WINNT\TEMP\Windows2000-KB824146-x86-ENU.exe /z /q
The /z and /q switches suppressed the re-boot and made the install silent. The application object was set to Force Run with Run Application Once enabled. For good measure Application Distribution Success and Application Launch Success were logged to a csv for audit purposes.
This method was considered preferable to a snAppShot as it utilised Microsoft's own installer to do all the work.
If you have any questions you may contact Justin at firstname.lastname@example.org
Command line parameter: /q /C:"dahotfix.exe /q /n"
Run the \ENU_Q832483_MDAC_x86.EXE
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com