Re: security implications of disabling WMI service
- From: "Jitendra Kalyankar" <jitendra.kalyankar@xxxxxxxxx>
- Date: Fri, 13 Oct 2006 13:34:50 +0100
I can see you resolved the issue, but there is nice utility from
Microsoft which is basically a VB Script which checks and suggests
corrective actions if problem is found with WMI. You can download it
from the following link...
http://www.microsoft.com/technet/scriptcenter/topics/help/wmidiag.mspx
Nice utility I would say, it helped me to resolve many WMI issues in
the past....
--
Sincerely,
J
On 10/12/06, Free, Bob <RWF4@xxxxxxx> wrote:
>can I run something like process explorer or regmon/filemon
The enterprise versions of filemon/regmon can be run across the network
which is extremely usefull on occasion. One more good reason to drop a
few coins on the AdminPack :-)
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Murda Mcloud
Sent: Wednesday, October 11, 2006 3:45 PM
To: nikhil@xxxxxxxxxxxxxxxxx ; focus-ms@xxxxxxxxxxxxxxxxx
Subject: RE: Re: security implications of disabling WMI service
Okay, I found a hotfix at MS for it
http://support.microsoft.com/kb/911262
and have applied it but it did seem to take a few reboots and disabling
then re-enabling the service before it worked.
Now what I couldn't work out was whether the WMI service needed to be
running WHEN the hotfix was applied(does that make sense?)
So I found that instead of disabling the service through msconfig I
rebooted and then reenabled the service through services.msc and set it
to auto and then rebooted and it worked.
A question I found myself asking also was can I run something like
process explorer or regmon/filemon before logging in? For instance, if a
startup script runs before logon, how do I check what files/services are
being used/called?
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx ]
On Behalf Of nikhil@xxxxxxxxxxxxxxxxx
Sent: Thursday, October 12, 2006 12:08 AM
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: Re: Re: security implications of disabling WMI service
Hello Harlan,
Yes, by saying "makes use" I mean to say it's an
dependency.
"Windows Security Center" & "Windows ICS", both these services depends
on Windows Management Instrumentation (WMI) service. If you disable WMI
service, then above mentioned Service would fail to start.
Nikhil Wagholikar
Security Analyst
NII Consulting
Web: www.niiconsulting.com
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
---------------------------------------------------------------------------
--
Sincerely,
Jitendra Kalyankar
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- References:
- RE: Re: security implications of disabling WMI service
- From: Murda Mcloud
- RE: Re: security implications of disabling WMI service
- From: Free, Bob
- RE: Re: security implications of disabling WMI service
- Prev by Date: RE: Re: security implications of disabling WMI service
- Next by Date: Log Parser queries
- Previous by thread: RE: Re: security implications of disabling WMI service
- Next by thread: SecurityFocus Microsoft Newsletter #312
- Index(es):
Relevant Pages
|
