Kaseya Community

Adobe Reader vulnerabilities...

  • Updated August 3rd, 2009:

    I have consolidated information from several updates into a single post.

    Adobe has now released patches for Flash, Shockwave and Reader to fix known vulnerabilities that were being exploited in the wild.

    Flash Deployment (IE Active X ):

    Script Name: Deploy Adobe Flash Player Active X
    Script Description: Deploy Adobe Flash Player Active X
    Version as of July 30th 2009 is 10.0.32.18

    Benjamin Lavalley, Sr. Sales engineer, Kaseya
    benjamin.lavalley@kaseya.com

    IF True
    THEN
    Get Variable - (Continue on Fail)
    Parameter 1 : 0
    Parameter 2 : HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia\FlashPlayer\CurrentVersion
    Parameter 3 : flasholdversion
    OS Type : 13
    Get URL
    Parameter 1 : http://fpdownload.macromedia.com/get/flashplayer/current/install_flash_player_ax.exe
    Parameter 2 : #vAgentConfiguration.AgentTempDir#\install_flash_player_ax.exe
    Parameter 3 : 3
    OS Type : 13
    Execute File
    Parameter 1 : #vAgentConfiguration.AgentTempDir#\install_flash_player_ax.exe
    Parameter 2 : /silent
    Parameter 3 : 3
    OS Type : 13
    Write Script Log Entry
    Parameter 1 : Adobe Flash Player Installed
    OS Type : 13
    Get Variable - (Continue on Fail)
    Parameter 1 : 0
    Parameter 2 : HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia\FlashPlayer\CurrentVersion
    Parameter 3 : flashnewversion
    OS Type : 13
    Write Script Log Entry - (Continue on Fail)
    Parameter 1 : Flash for Active X upgraded. Old version was #flasholdversion#
    OS Type : 13
    Write Script Log Entry - (Continue on Fail)
    Parameter 1 : Flash for Active X upgraded. New version is #flashnewversion#
    OS Type : 13
    ELSE


    Flash Deployment (Non-IE Browsers)

    Script Name: Deploy Adobe Flash Player for Firefox/Safari/Opera
    Script Description: Deploy Adobe Flash Player for Firefox/Safari/Opera
    Version as of July 30th 2009 is 10.0.32.18

    Benjamin Lavalley, Sr. Sales engineer, Kaseya
    benjamin.lavalley@kaseya.com

    IF True
    THEN
    Get Variable - (Continue on Fail)
    Parameter 1 : 0
    Parameter 2 : HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia\FlashPlayer\CurrentVersion
    Parameter 3 : flasholdversion
    OS Type : 13
    Get URL
    Parameter 1 : http://fpdownload.macromedia.com/get/flashplayer/current/install_flash_player.exe
    Parameter 2 : #vAgentConfiguration.AgentTempDir#\install_flash_player.exe
    Parameter 3 : 3
    OS Type : 13
    Execute File
    Parameter 1 : #vAgentConfiguration.AgentTempDir#\install_flash_player.exe
    Parameter 2 : /silent
    Parameter 3 : 3
    OS Type : 13
    Write Script Log Entry
    Parameter 1 : Adobe Flash Player Installed
    OS Type : 13
    Get Variable - (Continue on Fail)
    Parameter 1 : 0
    Parameter 2 : HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia\FlashPlayer\CurrentVersion
    Parameter 3 : flashnewversion
    OS Type : 13
    Write Script Log Entry - (Continue on Fail)
    Parameter 1 : Flash for non-IE browsers upgraded. Old version was #flasholdversion#
    OS Type : 13
    Write Script Log Entry - (Continue on Fail)
    Parameter 1 : Flash for non-IE browsers upgraded. New version is #flashnewversion#
    OS Type : 13
    ELSE




    Flash Uninstall (Not sure if this is needed...)


    Script Name: Uninstall Adobe Flash for All Browsers
    Script Description: Uninstall Adobe Flash for all browsers.

    Benjamin Lavalley, Sr. Sales Engineer, Kaseya
    benjamin.lavalley@kaseya.com

    IF True
    THEN
    Send Message
    Parameter 1 : Your web browser and chat applications will be forcibly closed in 20 seconds for critical security updates. We apologize for the inconvenience.
    Parameter 2 : 1
    OS Type : 13
    Pause Script
    Parameter 1 : 20
    OS Type : 13
    Close Application
    Parameter 1 : iexplore.exe
    OS Type : 13
    Close Application
    Parameter 1 : messenger.exe
    OS Type : 13
    Close Application
    Parameter 1 : firefox.exe
    OS Type : 13
    Close Application
    Parameter 1 : safari.exe
    OS Type : 13
    Close Application
    Parameter 1 : msmgs.exe
    OS Type : 13
    Close Application
    Parameter 1 : opera.exe
    OS Type : 13
    Close Application
    Parameter 1 : aim6.exe
    OS Type : 13
    Close Application
    Parameter 1 : chrome.exe
    OS Type : 13
    Get URL
    Parameter 1 : http://download.macromedia.com/pub/flashplayer/current/uninstall_flash_player.exe
    Parameter 2 : #vAgentConfiguration.AgentTempDir#\uninstall_flash_player.exe
    Parameter 3 : 3
    OS Type : 13
    Execute Shell Command
    Parameter 1 : #vAgentConfiguration.AgentTempDir#\uninstall_flash_player.exe /silent
    Parameter 2 : 1
    OS Type : 13
    ELSE


    Master uninstall/install script for Flash:


    Script Name: Update Flash - Uninstall & Install for All Browser
    Script Description: This 'master' script will uninstall existing versions of Flash and Install the new versions for Internet Explorer, Firefox, Safari & Opera.

    Benjamin Lavalley
    Sr. Sales Engineer, Kaseya
    benjamin.lavalley@kaseya.com

    IF True
    THEN
    Execute Script
    Parameter 1 : Uninstall Adobe Flash for All Browsers (NOTE: Script reference is NOT imported. Correct manually in script editor.
    Parameter 2 :
    Parameter 3 : 0
    OS Type : 13
    Execute Script
    Parameter 1 : Deploy Adobe Flash Player Active X (NOTE: Script reference is NOT imported. Correct manually in script editor.
    Parameter 2 :
    Parameter 3 : 0
    OS Type : 13
    Execute Script
    Parameter 1 : Deploy Adobe Flash Player for Firefox/Safari/Opera (NOTE: Script reference is NOT imported. Correct manually in script editor.
    Parameter 2 :
    Parameter 3 : 0
    OS Type : 13
    Send Message
    Parameter 1 : Adobe Flash update complete.
    Parameter 2 : 0
    OS Type : 13
    Write Script Log Entry
    Parameter 1 : Adobe flash removal and deployment completed.
    OS Type : 13
    ELSE




    Shockwave deployment:


    Script Name: Deploy Adobe Shockwave
    Script Description: Deploy latest version of Adobe Shockwave Benjamin Lavalley, Sr. Sales Engineer, Kaseya

    IF True
    THEN
    Get URL
    Parameter 1 : http://fpdownload.macromedia.com/get/shockwave/default/english/win95nt/latest/sw_lic_full_installer.msi
    Parameter 2 : #vAgentConfiguration.AgentTempDir#\sw_lic_full_installer.msi
    Parameter 3 : 3
    OS Type : 0
    Execute Shell Command
    Parameter 1 : msiexec /i #vAgentConfiguration.AgentTempDir#\sw_lic_full_installer.msi /qn
    Parameter 2 : 1
    OS Type : 0
    Write Script Log Entry
    Parameter 1 : Adobe Shockwave Installed
    OS Type : 0
    ELSE


    See Adobe Reader script in the next post (I hit the maximum character limit for a single post...)

    Legacy Forum Name: Adobe Reader vulnerabilities...,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com
  • Adobe's fix is not a new installer, it simply patches Adobe Reader.

    I created scripts to update Adobe Reader 9.1.0 to 9.1.3. The scripts check to see if Adobe Reader is present and if they see 9.1 they start applying the 9.1.1, 9.1.2 and 9.1.3 patches.

    I put the Adobe update scripts into a script folder, simply click your Scripts tab then click either My Scripts to store in your personal folder or Public Scripts to share with other Kaseya Admins. On the right at the bottom you will see "Import Folder".

    Open the TXT file contained in this zip:

    http://files.kaseya.com/sftp/adobe_9-1-3_patch_script_folder.zip

    Then copy/paste these contents into the Import Folder window and click Import.

    The IF check isn't critical so if you run into a problem with it just set it to True.

    Both 32-bit and 64-bit scripts do the same thing. There is also a script to initially deploy Adobe and the patch it for new systems you need to deploy Adobe Reader to.

    Some links with background information on the vulnerabilities:

    http://www.adobe.com/support/security/bulletins/apsb09-10.html

    http://news.cnet.com/8301-27080_3-10294212-245.html

    http://www.theregister.co.uk/2009/07/22/adobe_flash_attacks_go_wild

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com
  • Your prompt response on these has been very valuable, thanks Ben! Any idea when we'll see the IE patches come through?

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: fisofo
  • fisofo
    Your prompt response on these has been very valuable, thanks Ben! Any idea when we'll see the IE patches come through?


    Yeah, when you run a Patch Scan Smile

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com
  • Benjamin.Lavalley@kaseya.com
    Yeah, when you run a Patch Scan Smile


    Ah. Well. There you go Big Smile

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: fisofo
  • As ever, Benjamin, you are a rock star.

    (Once again, it's both maddening and amusing to read that as long as you're not surfing with Internet Explorer you have a lot less to worry about...)

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: GreyDuck
  • GreyDuck
    As ever, Benjamin, you are a rock star.

    (Once again, it's both maddening and amusing to read that as long as you're not surfing with Internet Explorer you have a lot less to worry about...)


    Sadly, it's not just IE that is affected. From what I've read, acrobat pdf documents can embed flash and thus by the act of viewing the pdf document from any source (email, firefox) the payload will execute.

    Benjamin's workaround disables flash in acrobat, but from what I've seen doesn't disable flash in the browser. It would probably be a good idea to run an uninstall script of flash along with what he's written.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Zestysoft
  • Zestysoft
    Sadly, it's not just IE that is affected. From what I've read, acrobat pdf documents can embed flash and thus by the act of viewing the pdf document from any source (email, firefox) the payload will execute.

    Benjamin's workaround disables flash in acrobat, but from what I've seen doesn't disable flash in the browser. It would probably be a good idea to run an uninstall script of flash along with what he's written.


    Adobe stated that the two recent Microsoft security fixes should combat against Flash being exploited through IE.

    An outright removal script would do the trick too, of course, but I think the Microsoft fixes should be enough. The new releases of Adobe Reader and Flash should be posted by Adobe tomorrow.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com
  • This is an obsolete fix for Adobe Reader. It was used during the week-long period that Adobe had NOT patched Reader:


    Script Name: Fix Adobe Reader July 28th Vulnerability
    Script Description: This script reverts the DLL modifications made with the Adobe Reader July 28th Vulnerability fix. http://news.cnet.com/8301-27080_3-10294212-245.html http://news.cnet.com/8301-27080_3-10293389-245.html?tag=mncol;txt Benjamin Lavalley, Sr. Sales Engineer, Kaseya

    IF Check Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\Software\Kaseya\Kaseya Agent\0728adobefix
    Absent :
    THEN
    Close Application - (Continue on Fail)
    Parameter 1 : acrord32.exe
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles%\adobe\reader 9.0\Reader\authplay.dll" authplay.dll-old
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles%\adobe\reader 9.0\Reader\rt3d.dll" rt3d.dll-old
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles% (x86)\adobe\reader 9.0\Reader\authplay.dll" authplay.dll-old
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles% (x86)\adobe\reader 9.0\Reader\rt3d.dll" rt3d.dll-old
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles% (x86)\adobe\acrobat 9.0\acrobat\authplay.dll" authplay.dll-old
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles% (x86)\adobe\acrobat 9.0\acrobat\rt3d.dll" rt3d.dll-old
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command
    Parameter 1 : dir /s "%programfiles%\adobe\authplay*.*" "%programfiles%\adobe\rt3d*.*" >> #vAgentConfiguration.AgentTempDir#\AdobeReaderVuln.txt
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command
    Parameter 1 : dir /s "%programfiles% (x86)\adobe\authplay*.*" "%programfiles% (x86)\adobe\rt3d*.*" >>>> #vAgentConfiguration.AgentTempDir#\AdobeReaderVuln.txt
    Parameter 2 : 1
    OS Type : 13
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\Software\Kaseya\Kaseya Agent\0728adobefix
    Parameter 2 : 1
    Parameter 3 : REG_SZ
    OS Type : 13
    Get File
    Parameter 1 : #vAgentConfiguration.AgentTempDir#\AdobeReaderVuln.txt
    Parameter 2 : ..\Docs\AdobeReaderVuln.txt
    Parameter 3 : 3
    OS Type : 13
    Write Script Log Entry
    Parameter 1 : Adobe Reader vulnerability fix applied.
    OS Type : 13
    ELSE
    Write Script Log Entry
    Parameter 1 : Adobe Reader vulnerability fix already applied.
    OS Type : 0



    Undo script:

    Script Name: UNDO - Fix Adobe Reader July 28th Vulnerability
    Script Description: This script reverts the DLL modifications made with the Adobe Reader July 28th Vulnerability fix. http://news.cnet.com/8301-27080_3-10294212-245.html http://news.cnet.com/8301-27080_3-10293389-245.html?tag=mncol;txt Benjamin Lavalley, Sr. Sales Engineer, Kaseya

    IF Check Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\Software\Kaseya\Kaseya Agent\0728adobefix
    Exists :
    THEN
    Close Application - (Continue on Fail)
    Parameter 1 : acrord32.exe
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles%\adobe\reader 9.0\Reader\authplay.dll-old" authplay.dll
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles%\adobe\reader 9.0\Reader\rt3d.dll-old" rt3d.dll
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles% (x86)\adobe\reader 9.0\Reader\authplay.dll-old" authplay.dll
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles% (x86)\adobe\reader 9.0\Reader\rt3d.dll-old" rt3d.dll
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles% (x86)\adobe\acrobat 9.0\acrobat\authplay.dll-old" authplay.dll
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command - (Continue on Fail)
    Parameter 1 : rename "%programfiles% (x86)\adobe\acrobat 9.0\acrobat\rt3d.dll-old" rt3d.dll
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command
    Parameter 1 : dir /s "%programfiles%\adobe\authplay*.*" "%programfiles%\adobe\rt3d*.*" >> #vAgentConfiguration.AgentTempDir#\AdobeReaderVuln-undo.txt
    Parameter 2 : 1
    OS Type : 13
    Execute Shell Command
    Parameter 1 : dir /s "%programfiles% (x86)\adobe\authplay*.*" "%programfiles% (x86)\adobe\rt3d*.*" >>>> #vAgentConfiguration.AgentTempDir#\AdobeReaderVuln-undo.txt
    Parameter 2 : 1
    OS Type : 13
    Delete Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\Software\Kaseya\Kaseya Agent\0728adobefix
    OS Type : 13
    Get File
    Parameter 1 : #vAgentConfiguration.AgentTempDir#\AdobeReaderVuln-undo.txt
    Parameter 2 : ..\Docs\AdobeReaderVuln-undo.txt
    Parameter 3 : 3
    OS Type : 13
    Write Script Log Entry
    Parameter 1 : Adobe Reader vulnerability fix removed.
    OS Type : 13
    ELSE
    Write Script Log Entry
    Parameter 1 : Adobe Reader vulnerability fix was not applied.
    OS Type : 0



    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com
  • (Psst: #flasholdversion# doesn't match #flashcurrentversion# *cough,cough*)

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: GreyDuck
  • GreyDuck
    (Psst: #flasholdversion# doesn't match #flashcurrentversion# *cough,cough*)


    Thought I'd fixed that. Wink

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com
  • Hey, no worries.

    In other news, I wish we could use "OR" statements in the main View building interface. I'd love to have a view for "firefox.exe OR safari.exe OR opera.exe" in order to do my script scheduling in one fell swoop. Luckily, it turns out that we only have five endpoints with Opera installed... poor, poor Opera.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: GreyDuck
  • Adobe released a patch for Reader. It is ONLY a patch -- they did not update their primary installer. I created scripts to update Adobe Reader 9.1.0 to 9.1.3. The scripts check to see if Adobe Reader is present and if they see 9.1 they start applying the 9.1.1, 9.1.2 and 9.1.3 patches. I think it is lame they do not update their installer but who am I to judge... I put the Adobe update scripts into a script folder, simply click your Scripts tab then click either My Scripts to store in your personal folder or Public Scripts to share with other Kaseya Admins. On the right at the bottom you will see "Import Folder". I have tested this on a Windows 7 machine and a Windows XP machine and haven't had more time to work on it (Last day of the month = busy in sales!) Wink Paste these contents into that window and click Import:

    <?xml version="1.0" encoding="ISO-8859-1" ?>
    <folderDef0 id="55023342" name="Adobe 9.1.3 Patch">
      <scriptDef id="38676932" name="Adobe Reader 9.1.3 Patch - Check OS Version Step 1">
        <scriptIf ifFunc="8" fp1="#vMachine.OsInfo#" fp2="" fp3="" ifTest="9" testVal="64" scriptType="0" description="This script simply checks if the OS is 32 bit or 64 bit and then runs the appropriate script.  Benjamin Lavalley, Sr. Sales Engineer, Kaseya benjamin.lavalley@kaseya.com" />
        <scriptThenElse teType="0" stepNum="1" teFunc="1" fp1="12226639" fp2="" fp3="0" osType="13" contOnFail="0" />
        <scriptThenElse teType="1" stepNum="1" teFunc="1" fp1="56155159" fp2="" fp3="0" osType="13" contOnFail="0" />
      </scriptDef>
      <scriptDef id="12226639" name="Adobe Reader 9.1.3 Patch - 64-bit - Step 2A">
        <scriptIf ifFunc="5" fp1="HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Adobe\Acrobat Reader\9.1" fp2="" fp3="" ifTest="1" testVal="" scriptType="0" description="Get Adobe 9.1.1, 9.1.2 and 9.1.3 patches for Windows   Benjamin Lavalley, Sr. Sales Engineer, Kaseya benjamin.lavalley@kaseya.com" />
        <scriptThenElse teType="0" stepNum="1" teFunc="12" fp1="Adobe Reader will be closed in 10 seconds to deploy critical security patches. " fp2="1" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="2" teFunc="24" fp1="10" fp2="" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="3" teFunc="21" fp1="acrord32.exe" fp2="" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="4" teFunc="34" fp1="http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.1.1/misc/AdbeRdrUpd911_all_incr.msp" fp2="#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd911_all_incr.msp" fp3="3" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="5" teFunc="20" fp1="msiexec /p &#34;#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd911_all_incr.msp&#34; /qn" fp2="1" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="6" teFunc="34" fp1="http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.1.2/misc/AdbeRdrUpd912_all_incr.msp" fp2="#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd912_all_incr.msp" fp3="3" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="7" teFunc="20" fp1="msiexec /p &#34;#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd912_all_incr.msp&#34; /qn" fp2="1" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="8" teFunc="34" fp1="http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.1.3/misc/AdbeRdrUpd913_all_incr.msp" fp2="#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd913_all_incr.msp" fp3="3" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="9" teFunc="20" fp1="msiexec /p &#34;#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd913_all_incr.msp&#34; /qn" fp2="1" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="10" teFunc="25" fp1="Adobe Reader 9.1.3 patch deployed. " fp2="" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="1" stepNum="1" teFunc="25" fp1="This system does not appear to have Adobe Reader 9.1 and the patches will not apply. " fp2="" fp3="" osType="13" contOnFail="0" />
      </scriptDef>
      <scriptDef id="56155159" name="Adobe Reader 9.1.3 Patch - 32-bit - Step 2B">
        <scriptIf ifFunc="5" fp1="HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.1" fp2="" fp3="" ifTest="1" testVal="" scriptType="0" description="Get Adobe 9.1.1, 9.1.2 and 9.1.3 patches for Windows   Benjamin Lavalley, Sr. Sales Engineer, Kaseya benjamin.lavalley@kaseya.com" />
        <scriptThenElse teType="0" stepNum="1" teFunc="12" fp1="Adobe Reader will be closed in 10 seconds to deploy a critical security patch. " fp2="1" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="2" teFunc="24" fp1="10" fp2="" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="3" teFunc="21" fp1="acrord32.exe" fp2="" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="4" teFunc="34" fp1="http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.1.1/misc/AdbeRdrUpd911_all_incr.msp" fp2="#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd911_all_incr.msp" fp3="3" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="5" teFunc="20" fp1="msiexec /p &#34;#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd911_all_incr.msp&#34; /qn" fp2="1" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="6" teFunc="34" fp1="http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.1.2/misc/AdbeRdrUpd912_all_incr.msp" fp2="#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd912_all_incr.msp" fp3="3" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="7" teFunc="20" fp1="msiexec /p &#34;#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd912_all_incr.msp&#34; /qn" fp2="1" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="8" teFunc="34" fp1="http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.1.3/misc/AdbeRdrUpd913_all_incr.msp" fp2="#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd913_all_incr.msp" fp3="3" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="9" teFunc="20" fp1="msiexec /p &#34;#vAgentConfiguration.AgentTempDir#\AdbeRdrUpd913_all_incr.msp&#34; /qn" fp2="1" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="0" stepNum="10" teFunc="25" fp1="Adobe Reader 9.1.3 patch deployed. " fp2="" fp3="" osType="13" contOnFail="0" />
        <scriptThenElse teType="1" stepNum="1" teFunc="25" fp1="This system does not appear to have Adobe Reader 9.1 and the patches will not apply. " fp2="" fp3="" osType="13" contOnFail="0" />
      </scriptDef>
    </folderDef0>
    
    


    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com



    [edited by: Brendan Cosgrove at 12:49 PM (GMT -8) on 12-13-2010] .
  • If you need to silently deploy Adobe Reader in the first place, here is the standalone script. Be sure to link it to your 9.1.3 patch script (see the last step here...)


    Script Name: Adobe Reader 9.1 Deploy and Patch to 9.1.3
    Script Description: Executes the Adobe Reader 9 installer with the following switches: AdbeRdr910_en_US_Std.exe /sAll /rs /l /msi"/qb-! /norestart ALLUSERS=1 EULA_ACCEPT=YES SUPPRESS_APP_LAUNCH=YES"

    IF True
    THEN
    Get URL
    Parameter 1 : http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.1/enu/AdbeRdr910_en_US_Std.exe
    Parameter 2 : #vAgentconfiguration.AgentTempDir#\AdbeRdr910_en_US_Std.exe
    Parameter 3 : 3
    OS Type : 13
    Execute File
    Parameter 1 : #vAgentconfiguration.AgentTempDir#\AdbeRdr910_en_US_Std.exe
    Parameter 2 : /sAll /rs /l /msi"/qb-! /norestart ALLUSERS=1 EULA_ACCEPT=YES SUPPRESS_APP_LAUNCH=YES"
    Parameter 3 : 3
    OS Type : 13
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\Software\Adobe\Acrobat Reader\9.1\Downtown\bDontShowAtLaunch
    Parameter 2 : 1
    Parameter 3 : REG_SZ
    OS Type : 13
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\Software\Adobe\Acrobat Reader\9.0\Downtown\bGoOnline
    Parameter 2 : 0
    Parameter 3 : REG_SZ
    OS Type : 13
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0\AdobeViewer\Launched
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 13
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0\AdobeViewer\EULA
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 13
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.1AdobeViewer\bCheckForUpdatesAtStartup
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Write Script Log Entry
    Parameter 1 : Adobe Reader 9 deployed.
    OS Type : 13
    Delete File
    Parameter 1 : #vAgentconfiguration.AgentTempDir#\AdbeRdr910_en_US_Std.exe
    OS Type : 13
    Execute Script
    Parameter 1 : Adobe Reader 9.1 Deploy and Patch to 9.1.3 (NOTE: Script reference is NOT imported. Correct manually in script editor.
    Parameter 2 :
    Parameter 3 : 0
    OS Type : 13
    ELSE



    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com
  • Has anybody deployed this on systems with Vista?

    Or deployed it in customer environments with out any issue?

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: orangeneo