RE: Windows Update v5 and XPSP2RC2

From: Ball, Greg (greg.ball_at_owenscorning.com)
Date: 07/28/04

  • Next message: Terwelp, Jeff: "RE: Windows Update v5 and XPSP2RC2" 
    Date: Tue, 27 Jul 2004 18:07:07 -0400
To: "Jordan Wiseman" <Jordan_Wiseman@Valleymed.org>, <focus-ms@securityfocus.com>

    Jordon,

    While not putting words into Ansgar's mouth, I believe he was referring to
    running reg.exe, not the regedt32 or regedit GUI. Reg.exe is a fully
    scriptable registry updating tool that's been around in various forms since
    NT 3.51 days.

    To me it's a better solution in this case over psexec because it doesn't
    leave any .reg files behind (or at least I don't have to modify my processes
    to include deleting the .reg file). I just create a .cmd file that has the
    registry key(s) you want to modify and use a replaceable parameter as in
    your example for the server name. As a bonus, reg.exe also has exit codes
    (0 or 1) for error checking. Below is an example of one I have that I've
    used here.

    Please note that there are two versions of reg.exe that are still floating
    around. The syntax below is for v3.0. If you are using the other version
    (1.05), the command line below will not work for you as typed -- but can be
    easily modified to work.

    E.g. (test.cmd) = reg add
    \\%1\HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters /v
    AutoSiteCoverage /t REG_DWORD /d 0 /f

    Then loop this .cmd file using your example:

    E.g. for /F %i in (computers.txt) do test.cmd %i

    Thanks,

    Greg

    -----Original Message-----
    From: Jordan Wiseman [mailto:Jordan_Wiseman@Valleymed.org]
    Sent: Monday, July 26, 2004 16:54
    To: focus-ms@securityfocus.com
    Subject: RE: Windows Update v5 and XPSP2RC2

    Yes...but not easily scripted like you can with psexec....with a list of
    computer names (from new view maybe) a single "for" loop could hit all the
    machines with psexec automatically.

    ie:

    for /F %i in (computers.txt) do psexec -i -u domain\user -p password -d \\%i
    "regedit" "/s \\server\share\file.reg"

    IMHO, this is much easier than manually hitting several machines with the
    regedit GUI.

    __________
    Jordan Wiseman - TSA
    Valley Medical Center
    425-228-3440 x1444

    -----Original Message-----
    From: Ansgar -59cobalt- Wiechers [mailto:bugtraq@planetcobalt.net]
    Sent: Monday, July 26, 2004 10:36 AM
    To: focus-ms@securityfocus.com
    Subject: Re: Windows Update v5 and XPSP2RC2

    On 2004-07-23 blake.securityfocus@andromedia.ca wrote:
    > In the (regrettable) absence of group policy, one could probably use
    > something like PSExec (from the PSTools package:
    > http://www.sysinternals.com/ntw2k/freeware/psexec.shtml) to load a
    > .REG file remotely.

    No need for that. reg.exe can be used against remote computers.

    Regards
    Ansgar Wiechers 

    --
"Those who would give up liberty for a little temporary safety deserve
neither liberty nor safety, and will lose both."
--Benjamin Franklin
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
  • Next message: Terwelp, Jeff: "RE: Windows Update v5 and XPSP2RC2"