Daniel,
The version of Receiver we have is 14.3, although there may be others out there. I have downloaded the latest Citrix Receiver from the vendor's website. https://www.citrix.com/downloads/citrix-receiver/windows/receiver-for-windows-latest.html Which installs as 14.4.0.8014. Following these steps: http://support.citrix.com/article/CTX202002 I created an application in SCCM and deployed it to a test machine. CitrixReceiver.exe /silent doesn't seem to work packaged in SCCM. I get 1603 errors. I've tried both Application and Package deployments. Can you tell me how you're doing the install? Thanks, Brian ________________________________ From: [email protected] <[email protected]> on behalf of Daniel Ratliff <[email protected]> Sent: Tuesday, April 19, 2016 12:43:28 PM To: [email protected] Subject: [mssms] RE: Bulletins and manual patching The first one we are still tracking down ourselves, but your 2nd one is easy, its Citrix Reciever. You have 12.1, the latest I think is 14.4. We push Receiver out to all devices as we are a heavy XenApp/XenDesktop shop. We just use a standard package. Daniel Ratliff From: [email protected] [mailto:[email protected]] On Behalf Of Brian McDonald Sent: Tuesday, April 19, 2016 12:14 PM To: [email protected] Subject: [mssms] Re: Bulletins and manual patching Jason, For the vulnerabilities we are getting dinged on we have exhausted our capabilities within SCCM to perform patching. We are using Shavlik for 3P stuff, but these are all one-offs that we are battling. Here are two of the really big ones causing us some major issues. Neither one of these have a 'patch' that you can download from Microsoft to install. I'm trying to get an idea of how other folks attack these. Every week we get a lit of workstations with vulnerabilities. All of these vulnerabilities aren't anything we can download directly from Microsoft. It typically requires scripting, creating a package in SCCM and pushing it out to fix manually. Here are a few. I'd be very surprised if no one else has ran into these. Thanks, Brian Microsoft Malware Protection Engine Remote Code Execution Vulnerability (2846338) Description: A remote code execution vulnerability is present in some versions of Microsoft Malware Protection Engine. Observation: The Microsoft Malware Protection Engine is a part of the following products: Microsoft Forefront Client Security, Microsoft Forefront Endpoint Protection, Microsoft Forefront Security for SharePoint, Microsoft System Center Endpoint Protection, Microsoft Malicious Software Removal Tool, Microsoft Security Essentials, Microsoft Security Essentials Prerelease, Windows Defender , etc. A remote code execution vulnerability is present in some versions of Microsoft Malware Protection Engine. It's caused when the Microsoft Malware Protection Engine does not properly scan a specially crafted file. Attackers could exploit this vulnerability to execute arbitrary code in the security context of the LocalSystem account. Common Vulnerabilities Exposures (CVE) ID: CVE-2013-1346 Recommendation: The vendor has released an advisory to address the issue. http://technet.microsoft.com/en-us/security/advisory/2846338 False Output: Windows Defender engine version: 1.1.7604.0~KB2846338 Citrix XenApp Online Plug-in / Receiver Remote Code Execution Description: A remote code execution vulnerability is present in some versions of Citrix XenApp Online Plug-in and Citrix Receiver. Observation: The flaw is due to an unspecified error. Successful exploitation by a remote attacker could result in the execution of arbitrary code if the victim is convinced into opening a malicious file from an SMB or WebDAV share. Common Vulnerabilities Exposures (CVE) ID: CVE-2012-4603 Recommendation: The vendor has released an update to address the issue: http://support.citrix.com/article/CTX134681 False Output: Citrix online plug-in - web, 12.1.0.30 ________________________________ From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> on behalf of Jason Sandys <[email protected]<mailto:[email protected]>> Sent: Monday, April 18, 2016 1:24:45 PM To: [email protected]<mailto:[email protected]> Subject: [mssms] RE: Bulletins and manual patching I’ve never seen a security bulletin hotfix not be in the WSUS catalog. Can you give an example of one? J From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Brian McDonald Sent: Monday, April 18, 2016 1:16 PM To: [email protected]<mailto:[email protected]> Subject: [mssms] Bulletins and manual patching How are folks handling security vulnerabilities that do not sync up with WSUS/SCCM? I'm trying to grasp how to best approach patches that require manual package creation in SCCM, such as MS Security Bulletins. This seems to be a never ending battle and we have a very lean team. Thanks, Brian The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information.
