Download -> Prefetch Change in Windows Patch Content Coming

(imported topic written by liuhoting91)

BigFix Community,

Starting in May 2010, BigFix will be using a different actionscript command to do downloads in the Patches for Windows sites. The functionality of the commands is identical and the change is not expected to affect any customers, but we wanted to announce the change to customers because the actionscripts in the patch sites will look slightly different.

More details if you are interested:

Fixlets have historically used the “download” actionscript commands to retrieve files from the server/relays. The download command is followed by a “continue if” clause that checks the size and sha1 of the file to ensure that the file is complete and has not been modified in any way. However, the syntax for this command was considered brittle and clunky since it was basically a single command that required two lines, so 4 years ago starting with BigFix 6.0 we introduced the “prefetch” command that worked the same as the existing “download / continue if” command, but it was a single actionscript line. Here is an example of the change:

download http://download.microsoft.com/download/4/3/7/4378739A-0B4E-40EB-A2E7-F2DF9A9B8DA8/WindowsXP-KB979683-x86-ENU.exe

continue if {(size of it = 2870136 AND sha1 of it = “8f9e90bf9b6ad58fd264cc1cf0f187f9a83223a5”) of file “WindowsXP-KB979683-x86-ENU.exe” of folder “__Download”}

Changes to:

prefetch WindowsXP-KB979683-x86-ENU.exe sha1:8f9e90bf9b6ad58fd264cc1cf0f187f9a83223a5 size:2870136 http://download.microsoft.com/download/4/3/7/4378739A-0B4E-40EB-A2E7-F2DF9A9B8DA8/WindowsXP-KB979683-x86-ENU.exe

The agent treats these commands in the same exact way.

Many Fixlet sites currently use the “prefetch” command, but we did not change the Fixlet content for the Patches for Windows to help with backwards compatibility with BigFix 5.0 Agents (until now). The change will only currently affect new Fixlets that we publish and all existing older Patches for Windows Fixlet content will still be using the older download command.

Please contact Bigfix technical support with any questions or concerns relating to this change.

Thanks,

BigFix Fixlet Team

(imported comment written by liuhoting91)

Hello Bigfix Community-

For the Patch Tuesday content in May, we used the prefetch command instead of download in order to retrieve files. Unfortunately, due to a character length bug with prefetch file names that didn’t get fixed until 7.2, some of the Patch Tuesday content didn’t work, so we’re reverting that set of content to use the older download command. We’ll notify the Bigfix Community when the prefetch command will be used instead of download command for Enterprise Security Content.

We apologize for any inconvenience this may have caused.

For reference, the following Fixlets that have changed are listed below:

1003001 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 5.5 SP2 - Windows 2000 SP4

1003002 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 5.5 SP2 - Windows 2000 SP4 - CORRUPT PATCH

1003003 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 6 SP1 - Windows 2000 SP4

1003004 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 6 SP1 - Windows 2000 SP4 - CORRUPT PATCH

1003005 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 6 - Windows Live Mail - Windows XP SP2/SP3

1003006 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 6 - Windows Live Mail - Windows XP SP2/SP3 - CORRUPT PATCH

1003007 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 6 - Windows Live Mail - Windows XP SP2 (x64)

1003008 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 6 - Windows Live Mail - Windows XP SP2 (x64) - CORRUPT PATCH

1003009 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 6 - Windows Server 2003 SP2

1003010 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 6 - Windows Server 2003 SP2 - CORRUPT PATCH

1003011 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 6 - Windows Server 2003 SP2 (x64)

1003012 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - OE 6 - Windows Server 2003 SP2 (x64) - CORRUPT PATCH

1003013 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - Windows Mail - Windows Live Mail - Windows Vista SP1/SP2

1003015 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - Windows Mail - Windows Live Mail - Windows Vista SP1/SP2 (x64)

1003017 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - Windows Mail - Windows Live Mail - Windows Server 2008 Gold/SP2

1003019 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - Windows Mail - Windows Live Mail - Windows Server 2008 Gold/SP2 (x64)

1003021 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - Windows Mail - Windows Live Mail - Windows 7

1003023 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - Windows Mail - Windows Live Mail - Windows 7 (x64)

1003025 MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution - Windows Mail - Windows Live Mail - Windows Server 2008 R2 (x64)

1003101 MS10-031: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install)

1003105 MS10-031: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution - Microsoft VBA

1003106 MS10-031: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution - Office 2003 SP3 (Local/Network Install)

1003111 MS10-031: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution - Office 2007 SP1/SP2

Please contact BigFix Technical Support if you have any questions regarding this change.