Enable Solution to CVE-2017-8529 - Windows 7 SP1 / 8.1 / 10 / Windows Server 2008 SP2 / 2008 R2 SP1 / 2012 / 2012 R2 / 2016
Log In or Register to download the BES file, and more.

0 Votes

Description

Use this Fixlet to enable solution to CVE-2017-8529.

File Size:

Unspecified

Property Details

ID24651
StatusAlpha - Code that was just developed
TitleEnable Solution to CVE-2017-8529 - Windows 7 SP1 / 8.1 / 10 / Windows Server 2008 SP2 / 2008 R2 SP1 / 2012 / 2012 R2 / 2016
CategorySetting
SourceMicrosoft
Source IDUnspecified
Source SeverityUnspecified
Source Release Date9/12/2017 12:00:00 AM
CVENamesCVE-2017-8529
KeywordsTesting multiple Fixlets
Added by on 10/5/2017 3:09:14 AM
Last Modified by on 10/5/2017 3:09:14 AM
Counters 5590 Views / 24 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Relevance

Used in 356 fixlets   * Results in a true/false
Show indented relevance
(if( name of operating system starts with "Win" ) then platform id of operating system != 3 else false) AND (if exists property "in proxy agent context" then ( not in proxy agent context ) else true )
Used in 126 fixlets   * Results in a true/false
Show indented relevance
not ia64 of operating system
Used in 1 fixlet   * Results in a true/false
Show indented relevance
((name of it = "Win2008") AND service pack major version of it = 2 OR (name of it = "Win7" OR name of it = "Win2008R2") AND service pack major version of it = 1 OR name of it = "Win8" OR name of it = "Win8.1" OR name of it = "Win10" OR name of it = "Win2012" OR name of it = "Win2012R2" OR name of it = "Win2016") of operating system
Used in 1 fixlet   * Results in a true/false
Show indented relevance
number of (elements of ((set of (if (exists key "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" of native registry) then elements whose ((it contains "4036586" OR it contains "4038777" OR it contains "4038781" OR it contains "4038782" OR it contains "4038783" OR it contains "4038788" OR it contains "4038792" OR it contains "4038799") AND it does not contain "_") of (set of ((substrings before "~" of substrings after "for_" of names of keys whose (name of it contains "for_" AND (it = 96 or it = 112 or it = 6 or it = 7) of (value "CurrentState" of it as integer)) of key "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" of native registry) as uppercase)) else (nothing))))) > 0
Used in 1 fixlet   * Results in a true/false
Show indented relevance
not exist keys "FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX" whose (value "iexplore.exe" of it as integer = 1) of keys "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl" of native registry
Used in 1 fixlet   * Results in a true/false
Show indented relevance
not pending restart "5eae6a9509552040ccf975999b91b3979fc0821d"

Actions

Action 1

Action Link Click here to initiate the deployment process.
Script Type BigFix Action Script
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX]" "iexplore.exe"=dword:00000001

if {x64 of operating system}
regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX]" "iexplore.exe"=dword:00000001
endif

action requires restart "5eae6a9509552040ccf975999b91b3979fc0821d"
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.

Action 2

Action Link Click here to see the Security Guidance Article for this update.
Script Type URL
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8529
    

Sharing

Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!
micahromine -
I had to tweak this part to make it relevant for Windows 7, but still not working for Win10: elements whose ( (it contains "4036586" OR it contains "4038777" OR it contains "4038781" OR it contains "4038782" OR it contains "4038783" OR it contains "4038788" OR it contains "4038792" OR it contains "4038799" ) AND it does not contain "_") Changed to: elements whose ( (it contains "40387" /* Commenting out... OR it contains "4038777" OR it contains "4038781" OR it contains "4038782" OR it contains "4038783" OR it contains "4038788" OR it contains "4038792" OR it contains "4038799" */ ) AND it does not contain "_") Should I just remove this relevance to make it applicable to Windows 10?
micahromine -
Relevance 3020395 prevents this from applying to Windows 7/10 workstations. What exactly is this looking for, and how can it be changed to be relevant for these operating systems? (it seems to work for Server OSes)