Enable Solution to CVE-2017-8529 - Windows 7 SP1 / 8.1 / 10 / Windows Server 2008 SP2 / 2008 R2 SP1 / 2012 / 2012 R2 / 2016
0 Votes |
Description
Use this Fixlet to enable solution to CVE-2017-8529. |
File Size:
UnspecifiedProperty Details
24651 | |
Alpha - Code that was just developed | |
Enable Solution to CVE-2017-8529 - Windows 7 SP1 / 8.1 / 10 / Windows Server 2008 SP2 / 2008 R2 SP1 / 2012 / 2012 R2 / 2016 | |
Setting | |
Microsoft | |
Unspecified | |
Unspecified | |
9/12/2017 12:00:00 AM | |
CVE-2017-8529 | |
Testing multiple Fixlets | |
JasonL on 10/5/2017 3:09:14 AM | |
JasonL on 10/5/2017 3:09:14 AM | |
11817 Views / 40 Downloads | |
* Average over 0 ratings. ** Log In or Register to add your rating. |
Relevance
Used in 365 fixlets | * Results in a true/false |
(if( name of operating system starts with "Win" ) then platform id of operating system != 3 else false) AND (if exists property "in proxy agent context" then ( not in proxy agent context ) else true )
Used in 1 fixlet | * Results in a true/false |
((name of it = "Win2008") AND service pack major version of it = 2 OR (name of it = "Win7" OR name of it = "Win2008R2") AND service pack major version of it = 1 OR name of it = "Win8" OR name of it = "Win8.1" OR name of it = "Win10" OR name of it = "Win2012" OR name of it = "Win2012R2" OR name of it = "Win2016") of operating system
Used in 1 fixlet | * Results in a true/false |
number of (elements of ((set of (if (exists key "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" of native registry) then elements whose ((it contains "4036586" OR it contains "4038777" OR it contains "4038781" OR it contains "4038782" OR it contains "4038783" OR it contains "4038788" OR it contains "4038792" OR it contains "4038799") AND it does not contain "_") of (set of ((substrings before "~" of substrings after "for_" of names of keys whose (name of it contains "for_" AND (it = 96 or it = 112 or it = 6 or it = 7) of (value "CurrentState" of it as integer)) of key "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" of native registry) as uppercase)) else (nothing))))) > 0
Used in 1 fixlet | * Results in a true/false |
not exist keys "FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX" whose (value "iexplore.exe" of it as integer = 1) of keys "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl" of native registry
Used in 1 fixlet | * Results in a true/false |
not pending restart "5eae6a9509552040ccf975999b91b3979fc0821d"
Actions
Action 1
Action Link Click
here to initiate the deployment process.
Script Type
BigFix Action Script
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX]" "iexplore.exe"=dword:00000001
if {x64 of operating system}
regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX]" "iexplore.exe"=dword:00000001
endif
action requires restart "5eae6a9509552040ccf975999b91b3979fc0821d"
Success Criteria
This action will be considered successful when the applicability relevance evaluates to false.
Action 2
Action Link Click
here to see the Security Guidance Article for this update.
Script Type
URL
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8529
Sharing
Social Media: |
Comments
|
|
I had to tweak this part to make it relevant for Windows 7, but still not working for Win10: elements whose ( (it contains "4036586" OR it contains "4038777" OR it contains "4038781" OR it contains "4038782" OR it contains "4038783" OR it contains "4038788" OR it contains "4038792" OR it contains "4038799" ) AND it does not contain "_") Changed to: elements whose ( (it contains "40387" /* Commenting out... OR it contains "4038777" OR it contains "4038781" OR it contains "4038782" OR it contains "4038783" OR it contains "4038788" OR it contains "4038792" OR it contains "4038799" */ ) AND it does not contain "_") Should I just remove this relevance to make it applicable to Windows 10? |
|
|
Relevance 3020395 prevents this from applying to Windows 7/10 workstations. What exactly is this looking for, and how can it be changed to be relevant for these operating systems? (it seems to work for Server OSes) |