Monday, October 22, 2007

ADM template for Client side sploits

Here is an ADM template that sets the kill bit for the vulnerable RealPlayer ActiveX control, plus a policy hack for Adobe that sets the mailto:3 stuff for 8.0. Use at your own risk; if this hoses your box and/or domain, don't come crying to me ;-)

CLASS MACHINE

CATEGORY !!VulnFixes

POLICY "Vulnerable Real Player Activex component"
KEYNAME "SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FDC7A535-4070-4B92-A0EA-D9994BCC0DC5}"
EXPLAIN !!Killit
VALUENAME "Compatibility Flags"
VALUEON NUMERIC 1024
VALUEOFF NUMERIC 0
END POLICY


POLICY "Vulnerable Adobe Acrobat Reader 8"
KEYNAME "SOFTWARE\Policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchURLPerms"
EXPLAIN "Set mail:3 per http://www.adobe.com/support/security/advisories/apsa07-04.html"
VALUENAME "tSchemePerms"
VALUEON "version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:3|file:2"
VALUEOFF "version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:2|file:1"
END POLICY

POLICY "Vulnerable Adobe Acrobat 8"
KEYNAME "SOFTWARE\Policies\Adobe\Adobe Acrobat\8.0\FeatureLockdown\cDefaultLaunchURLPerms"
EXPLAIN "Set mail:3 per http://www.adobe.com/support/security/advisories/apsa07-04.html"
VALUENAME "tSchemePerms"
VALUEON "version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:3|file:2"
VALUEOFF "version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:2|file:1"
END POLICY

END CATEGORY

[strings]
VulnFixes="VulnFixes"
Killit="Set kill bit"
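
To confirm the policy actually landed on a client, the following PowerShell check reads back the three values the template manages. It is an added example, not part of the original template; the registry paths and value data are copied from the template above, and the function names are hypothetical.

```powershell
# Added example: audit the three registry values managed by the ADM template.
$KillBit = 0x400   # 1024, the "Compatibility Flags" data written by VALUEON

# VALUEON / VALUEOFF strings copied verbatim from the template.
$On  = 'version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:3|file:2'
$Off = 'version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:2|file:1'

function ConvertFrom-SchemePerms {
    # Parse "scheme:perm|scheme:perm|..." into an ordered scheme -> perm map.
    param([string]$Value)
    $map = [ordered]@{}
    foreach ($pair in $Value.Split('|')) {
        $name, $perm = $pair -split ':', 2
        if ($name) { $map[$name] = $perm }
    }
    return $map
}

function Compare-SchemePerms {
    # List the schemes whose permission differs between two tSchemePerms strings.
    param([string]$Reference, [string]$Difference)
    $ref = ConvertFrom-SchemePerms $Reference
    $dif = ConvertFrom-SchemePerms $Difference
    foreach ($name in $ref.Keys) {
        if ($ref[$name] -ne $dif[$name]) {
            [pscustomobject]@{ Scheme = $name; Reference = $ref[$name]; Difference = $dif[$name] }
        }
    }
}

function Test-KillBit {
    # True when the 0x400 flag is set for the given ActiveX CLSID.
    param([string]$Clsid)
    $path = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    $item = Get-ItemProperty -LiteralPath $path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $false }
    return (([int]$item.'Compatibility Flags') -band $KillBit) -eq $KillBit
}

function Get-SchemePermDrift {
    # Differences between the template's VALUEON string and what the machine has.
    param([string]$Product)   # 'Acrobat Reader' or 'Adobe Acrobat'
    $path = "HKLM:\SOFTWARE\Policies\Adobe\$Product\8.0\FeatureLockdown\cDefaultLaunchURLPerms"
    $item = Get-ItemProperty -LiteralPath $path -Name 'tSchemePerms' -ErrorAction SilentlyContinue
    if ($null -eq $item) { return "tSchemePerms not set for $Product" }
    Compare-SchemePerms -Reference $On -Difference $item.tSchemePerms
}

"RealPlayer kill bit set: $(Test-KillBit '{FDC7A535-4070-4B92-A0EA-D9994BCC0DC5}')"
Compare-SchemePerms -Reference $On -Difference $Off   # what enabling the policy changes
'Acrobat Reader', 'Adobe Acrobat' | ForEach-Object { Get-SchemePermDrift $_ }
```

Comparing the two strings shows that enabling the policy changes `file` (1 to 2) as well as `mailto` (2 to 3).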

