/build/static/layout/Breadcrumb_cap_w.png

OVAL - oval:org.mitre.oval:def:6421

This vulnerability is showing 32bit workstations as failing this and 64bit workstations as passing. They both have the same registry entries that this vulnerability is checking for. They should either both pass or fail, but the 64bit passes. We are seeing these same results across the board on 64bit and 32bit workstations. 

Why is this happening and what is the best way to create a report to filter this specific item so that it isn't showing all 32bit workstations as failing?

0 Comments   [ + ] Show comments

Answers (1)

Posted by: EdT 9 years ago
Red Belt
0
Forgive me but your question makes little sense to me as I am unfamiliar with the tool you are using. However, assuming the vulnerability check is being made on the registry, it has to be done by a 32 bit tool if targeting both 32 bit and 64 bit workstations with the same utility, as 64 bit tools will not run on 32 bit O/S.
On the 64 bit O/S the 32 bit tool will look in the: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\.....
part of the registry, if the check is within HKLM.  
If the 64 bit O/S has the key in HKEY_LOCAL_MACHINE\SOFTWARE\.....  then the 32 bit app won't be able to access it.
If you want to filter on 32/64 bit operating systems. you can do this with a bit of vbscript if that is appropriate to your needs.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ