From: Jon Galbreath <[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]> >
Reply-To: Jon Galbreath <[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]> >
Date: Fri, 24 Sep 2010 11:31:09 -0400
To: "[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]> " <[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]> >


Subject: Re: [MSUNAG] Re-evaluating tools for patching workstations/servers and 3rd party apps

I push new versions of Flash via AD and GPOs.  Downloads for the corporate versions without the built-in updater and nag screens can be found here:
ActiveX MSI link <http://fpdownload.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_10_active_x.msi>
Plugin MSI Link <http://fpdownload.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_10_plugin.msi>
 

Jon Galbreath
MCSE/Security+
Systems Administrator
International Studies and Programs
Ph: 517-884-2144
[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]>
 

From: Peter J Murray [mailto:[log in to unmask]]
Sent: Friday, September 24, 2010 11:28 AM
To: [log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]>
Subject: Re: [MSUNAG] Re-evaluating tools for patching workstations/servers and 3rd party apps

So how are people keeping Flash and all those other Adobe products updated on Windows machines?

Also somewhat related, how do various departments handle admin rights over the users PC for the user of that PC?

From: "Vasquez, Timo" <[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]> >

Date: Fri, 24 Sep 2010 11:24:56 -0400

To: <[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]> >

ReplyTo: "Vasquez, Timo" <[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]> >

Subject: Re: [MSUNAG] Re-evaluating tools for patching workstations/servers and 3rd party apps


Agreed sir.
 

Timoteo "Timo" Vasquez; MCTS, MCP
 Client Services - Network Security Team
[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]>  - 517.884-3082
        Administrative Information Services
                2 Administration Bldg
              East Lansing, MI 48832
                    "...I agree with you!"


From: STeve Andre' [mailto:[log in to unmask]]
Sent: Thursday, September 23, 2010 2:50 PM
To: [log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]>
Subject: Re: [MSUNAG] Re-evaluating tools for patching workstations/servers and 3rd party apps

If I get what you're saying Timo--and please correct me if I'm wrong--
you are saying that most of the risk now is people downloading things
they first see when Googling, and they get zapped by some extra treat
in the software they just got.

I don't believe that.  I think that Adobe's horrors (the three fates of
Windows!), Acrobat, Flash and Shockwave represent an amazing
amount of the exploits out there.  Flash especially is a great vehicle
for handing out exploits.

Yes, some people wander around the net and say "Ohh! Thats neat!"
and download some crawling horror, but I think that the more main-
stream exploit is to take advantage of something dealing with the
web.

--STeve Andre'
 
On 09/23/10 14:18, Vasquez, Timo wrote:
You know Firmin,
Most of the risk has been shifted to the source people are downloading from.  So many people rather Google a product, and grab from the first page of results. So that is a majority of the issue is repackaged products with additional *ware in it.  This is very hard to find cause most actions that are being executed are not going to set off a lot of the antivirus products with medium to low heuristics.  
 
You know I am curious as to a good antivirus that can run on Linux without having to be installed whenever there is a new kernel update.  So good luck to you and your quest old friend.
 

Timoteo "Timo" Vasquez; MCTS, MCP
 Client Services - Network Security Team
[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]>  - 517.884-3082
        Administrative Information Services
                2 Administration Bldg
              East Lansing, MI 48832
                    "...I agree with you!"


From: Charlot, Firmin [mailto:[log in to unmask]]
Sent: Wednesday, September 22, 2010 3:15 PM
To: [log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]>
Subject: [MSUNAG] Re-evaluating tools for patching workstations/servers and 3rd party apps

As you know the vectors of attacks have been shifting for some time now towards 3rd party apps like Adobe, Flash and others.
Do you know of any tools that can centrally scan for vulnerabilities and centrally remediate 3rd party apps, Windows & Linux Operating Systems?  
If you have a favorite that you would like to share that would be great.
Thanks.
 
Firmin Charlot, ITIL, MCSE, A+, Information Systems Manager
Michigan State University - Student Services
Educational and Support Services   162 Student Services Building   East Lansing, MI 48824
[log in to unmask]">[log in to unmask] <[log in to unmask]">http:[log in to unmask]> <blocked::mailto:[log in to unmask]> (517) 432-7541
Submit technical requests at https://help.ess.msu.edu/ <blocked::http://help.ess.msu.edu/>
 





--
Troy Murray