Educause Security Discussion mailing list archives
Re: Patching iTunes and Firefox
From: Kevin Kelly <kck () IAS EDU>
Date: Wed, 10 Feb 2010 00:22:16 -0500
Hi Lori, I agree with you that patching 3rd party applications is a challenging and time consuming part of our jobs. That being said, it's not impossible if you have the right set of tools. To patch the two applications that you asked about, I use the psexec tool that is part of PSTOOLS. It's a free download from Microsoft. The basic syntax is as follows: iTunes: psexec \\hostname_to_update -s msiexec /qn /norestart /i "\\servername\sharename\iTunes\iTunes.msi" Assuming all goes well, you will receive an error code of 0 Firefox psexec \\hostname_to_update -s "\\servername\sharename\Firefox\Firefox Setup 3.5.7.exe" -ms Again, assuming all goes well, you will receive an error code of 0. Two good resources to look at for silent installers are: AppDeploy - http://www.appdeploy.com/ WPKG - http://wpkg.org/Category:Silent_Installers We use Secunia here to help us identify insecure applications on our client workstations. It has proven to be an extremely valuable tool for us and I would highly recommend it to anyone that is responsible for maintain software applications on a Windows-based OS. They are now beta testing a patching tool that is supposed to interface a WSUS server. Looks interesting. Feel free to contact me offline if you have any additional questions about the applications that I routinely patch and how I do it. Good luck! Kevin Kelly Institute for Advanced Study Princeton, NJ USA -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv on behalf of Christianson, Lorrayne K. Sent: Tue 2/9/2010 10:59 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Patching iTunes and Firefox We are reviewing the products we place on our "standard image" and, as in years past, are faced with more and more products which our clients want, but are hard to patch and keep secure. So we are looking for feedback on how others are dealing with patching products such as iTunes and Firefox. Lori Christianson Associate Director-Client Services Information Resources & Technologies University of St. Thomas 2115 Summit Ave Mail 5051 St. Paul, MN 55105 (651) 962-6286 lori_c () stthomas edu<mailto:lori_c () stthomas edu> [cid:image001.png@01CAA9C6.B2721480] Don't take the bait! IRT will never ask you for your username and password via email. Phishing e-mails attempt to deceive the recipient into giving up private information in a response to a message or by leading the recipient to a fraudulent Web site. Learn more about phishing here<blocked::http://www.stthomas.edu/irt/support/email/phishing.html>.
Current thread:
- Patching iTunes and Firefox Christianson, Lorrayne K. (Feb 09)
- <Possible follow-ups>
- Re: Patching iTunes and Firefox Jason Chambers (Feb 09)
- Re: Patching iTunes and Firefox Kevin Kelly (Feb 09)
- Re: Patching iTunes and Firefox Joe Artz (Feb 10)
- Re: Patching iTunes and Firefox Stanclift, Michael (Feb 10)