Exchange IMF updates

(imported topic written by Bjowah91)

Dear Bigfix,

Since Sp2 for exchange 2003 all administrators have to manually download IMF updates from update.microsoft.com every second week. We would like to introduce these updates into Bigfix as part of the Enterprise Security fixlets.

Here is a article describing to issue, KB907747.

Best regards

Björn Wahll

Stena Line It

(imported comment written by SATO91)

Link to a screenshot from Microsoft update:

http://media.stenaline.com/srz/imf.bmp

(imported comment written by BenKus)

Hey Bjorn,

The Enterprise Security site is specifically created for security updates only and this particular update is not security related.

We would be happy to help you create a Fixlet to update this weekly (should be pretty straight-forward), but we can’t offer it as part of our standard Patch Fixlet content at this time.

Ben

(imported comment written by Bjowah91)

OKej i understand,

If you could help me create a fixlet that updates this weekly it would certainly help.

Thanks

/Björn

(imported comment written by BenKus)

Hey Bjorn,

Well… I don’t have an Exchange 2003 SP2 with me at the moment, but I can certainly get you started and then assist if you have more questions…

Based on the doc at http://download.microsoft.com/download/a/9/1/a91c80b3-f762-4b32-8d2c-8cf74056b735/IMF_SP2.doc , it looks like there is a registry value at:

“HKEY_LOCAL_MACHINE\Software\Microsoft\Updates\Exchange Server 2003\SP3” that contains the version number you are looking for. So your relevance for the Fixlet might look something like this:

exists key “HKEY_LOCAL_MACHINE\Software\Microsoft\Updates\Exchange Server 2003\SP3” of registry AND value “whatever” of key “HKEY_LOCAL_MACHINE\Software\Microsoft\Updates\Exchange Server 2003\SP3” of registry as integer < 42

In my relevance example, I don’t know the value name and I am assuming that version is a standard integer (it might look more like a version number, in which case you would cast it “as version” and then compare it to a version number like: … as version < " … or something like that.

Your action should be pretty straightforward:
download http://download.microsoft.com/somepath/someupdatename.exe
wait __download\someupdatename.exe /some /commandline /options

I can’t seem to find the download to actually perform this update so I can’t help you with the exact file name or options, but hopefully those are straight-forward.

Let me know if that helps,

Ben