Are all your users admins? Otherwise, how is that logon script going to update HKLM?
Machine-based startup script would be better idea, no? Cheers Ken ________________________________________ From: Kurt Buff [kurt.b...@gmail.com] Sent: Wednesday, 8 July 2009 2:41 AM To: NT System Admin Issues Subject: Re: New IE zero day exploit in the wild I'm just pushing out the .reg file in the login script: regedit /s \\fileserver\public\patches\videokillbits.reg The file was easy to create, in a capable editor (not notepad or wordpad) that allows metacharacter search and replace, such as '\n' for CRLF and '\t' for tab. I used the ancient, no-longer-supported PFE32. I really should switch to VIM, I suppose. On Tue, Jul 7, 2009 at 08:40, Eric Wittersheim<eric.wittersh...@gmail.com> wrote: > I'm pushing out the .reg via GP. So far so good. > > On Tue, Jul 7, 2009 at 10:38 AM, David Lum <david....@nwea.org> wrote: >> >> The “Microsoft fix-it” is an MSI that I am pushing via SMS and is pushing >> fine (so far just a few test cases have it, but no issues). Beats trying to >> push out a .REG or something… >> >> >> >> David Lum // SYSTEMS ENGINEER >> NORTHWEST EVALUATION ASSOCIATION >> (Desk) 971.222.1025 // (Cell) 503.267.9764 >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~