Comments on: How to set up WSUS on Windows Server 2008 R2 http://comtech247.net/2012/06/22/how-to-set-up-wsus-on-windows-server-2008-r2/ IT Support in Stirling Fri, 06 Oct 2017 23:39:39 +0000 hourly 1 http://wordpress.org/?v=4.3.15 By: Server 2016 High Availability http://comtech247.net/2012/06/22/how-to-set-up-wsus-on-windows-server-2008-r2/#comment-2489 Fri, 09 Jun 2017 01:36:41 +0000 http://comtech247.net/?p=2578#comment-2489 Another powerful and powerful post. I’ve read some of your previous posts and finally decided to drop a comment on this one. I signed up for your newsletter, so keep up the informative posts!

Server 2016 High Availability

]]>
By: mjocasio http://comtech247.net/2012/06/22/how-to-set-up-wsus-on-windows-server-2008-r2/#comment-1430 Sat, 26 Jan 2013 23:43:06 +0000 http://comtech247.net/?p=2578#comment-1430 https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464

Is there a way trought Group Policy to check for the bin path (Long path name) of a patch after installed and if the bin path is unquote go ahead and replace the bin path with the short name path preventing the vulnerability mention above? I uderstand the short path name (8.3) needs to be enable in the registry. Is it feasible for short fix until the patch is available by vendor.

]]>
By: Anonymous http://comtech247.net/2012/06/22/how-to-set-up-wsus-on-windows-server-2008-r2/#comment-1429 Sat, 26 Jan 2013 23:34:59 +0000 http://comtech247.net/?p=2578#comment-1429 Is there a way, I could change a attribute in manifest of the patch before path getting install in target machine or after is install to overwrite the bin path from long path name to short path name. The reason behind this. There is a vulnerability of paches of services associate it with a path directory (environment variable) as unquote and directory contaning embedded space in the name of diretory such as \Program Files\.
Is there a way by using group policy to check for bin path either or after patch is install and use the short path name version…. I know this is only created by the OS if enable.
Besides requesting an update patch from verndor is there a feasible solution either short or long term….. thank for your input.

]]>